内容安全政策Mozilla扩展 [英] Content Security Policy on Mozilla extension
问题描述
我在Mozilla和Chrome中都有一个扩展,在我的扩展中,我调用了一个远程JS文件。
为了避免Chrome中的CSP, manifest.json和我的文件通过HTTPS布莱恩的规则,所以一切都是完美的。
但在Mozilla中,我找不到如何加载JS。即使通过https不工作。
我在这发现的唯一的事情是另一个问题在这里Stackoverflow:如何将内容安全政策添加到Firefox扩展,但不知道在哪里插入代码,我的扩展它非常简单。
我只需要那个,我怎么能在一个Firefox插件上处理CSP?
感谢和抱歉我的英文!
Notidart帮助我解决了这个问题。在我给出的链接的帮助下,Notidart在这个扩展上工作只是为了测试:
该扩展注入了一个JS文件和一个Image,例如,并实现了Jai Prakash放在如何将内容安全策略添加到Firefox扩展及其运行良好。它会在所有定义了CSP的站点上注入该文件。
非常感谢两者,为避免Firefox扩展中的CSP,没有简单的方法或文档,但这个解决方案效果很好。
I have an extension in both Mozilla and Chrome, in my extension I make a call to a remote JS file.
To avoid the CSP in Chrome, I add the rule to manifest.json and my file goin over HTTPS so everything is perfect.
But in Mozilla, I could not find out how to load the JS. Even over https dont work. The only thing I found on this was another question here on Stackoverflow: How to add Content Security Policy to Firefox extension, but are not sure where to insert that code, my extension its very simple.
I just need that, how i can handle CSP on a Firefox addon?
Thanks and sorry for my English!
Notidart help me a lot with this problem. With the help of the link I gave, Notidart work on this extension just for testing:
That extension inject a JS file and an Image just for example, and Have Implemented the code that Jai Prakash put on How to add Content Security Policy to Firefox extension and its working well. It injects the file on all sites with a CSP defined.
Thank you very much to both, there is no easy way or documentation for avoid the CSP in Firefox extensions, but this solution works very well.
这篇关于内容安全政策Mozilla扩展的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
