Chrome 扩展“拒绝加载脚本,因为它违反了以下内容安全策略指令" [英] Chrome Extension "Refused to load the script because it violates the following Content Security Policy directive"
问题描述
我正在尝试创建 Chrome 扩展程序,但我的 JS 都不起作用.控制台显示此错误:
<块引用>拒绝加载脚本'https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js'因为它违反了以下内容安全策略指令:script-src 'self' blob:文件系统:chrome-extension-resource:".
为什么它会阻止我的 jQuery 运行?
如 Chome 网站上所述
一>,有一个内容安全策略阻止您的脚本加载远程脚本:
<块引用>允许通过 HTTPS 从 example.com 加载脚本资源的宽松策略定义可能如下所示:
"content_security_policy": "script-src 'self' https://example.com; object-src 'self'"
所以在你的情况下,manifest.json
应该包含:
<代码> {"name": "我的分机",清单版本":2,背景":{脚本":[...]},"content_security_policy": "script-src 'self' https://example.com; object-src 'self'",}
I'm trying to create a Chrome extension, but none of my JS works. The console shows this error:
Refused to load the script 'https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' blob: filesystem: chrome-extension-resource:".
Why is it blocking my jQuery from running?
As explained on the Chome website, there is a Content Security Policy preventing your script to load remote script:
A relaxed policy definition which allows script resources to be loaded from example.com over HTTPS might look like:
"content_security_policy": "script-src 'self' https://example.com; object-src 'self'"
So in your case, the manifest.json
should contain:
{
"name": "My Extension",
"manifest_version": 2,
"background":{
"scripts": [...]
},
"content_security_policy": "script-src 'self' https://example.com; object-src 'self'",
}
这篇关于Chrome 扩展“拒绝加载脚本,因为它违反了以下内容安全策略指令"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!