<button id="mgqzr"></button>
<noscript id="mgqzr"></noscript>
<button id="mgqzr"></button>
<pre id="mgqzr"><sup id="mgqzr"><sub id="mgqzr"></sub></sup></pre>
<noscript id="mgqzr"><b id="mgqzr"></b></noscript><button id="mgqzr"></button>

<noscript id="mgqzr"></noscript><button id="mgqzr"><b id="mgqzr"><th id="mgqzr"></th></b></button>
<pre id="mgqzr"><b id="mgqzr"></b></pre><button id="mgqzr"><menuitem id="mgqzr"><table id="mgqzr"></table></menuitem></button>
<pre id="mgqzr"><input id="mgqzr"></input></pre>

拒絕執行內聯腳本,因為它違反了以下內容安全策略指令:“script-src'self'” [英] Refused to execute inline script because it violates the following Content Security Policy directive: &quot;script-src &#39;self&#39;&quot;

查看:20241
本文介紹了拒絕執行內聯腳本,因為它違反了以下內容安全策略指令:“script-src'self'”的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學習吧!

問題描述

我為Rss閱讀器創建了一個Chrome擴展,在那個即時通訊中得到了上述錯誤請幫助

manifest.json $ b

  {
name:Tutorialzine Extension,
manifest_version:2,
version:1.1,
description:制作您的第一個Google Chrome擴展程序。,
圖標:{
128:icon_128.png
},
web_accessible_resources:[script.js,https ://query.yahooapis.com],
browser_action:{
default_icon:icon.png,
default_popup:tutorialzine.html
,
permissions:[tabs,< all_urls,http:// localhost /,
http:// * / *,https:// * / *,https://query.yahooapis.com],
content_security_policy:script-src'self';'https://query.yahooapis.com'; unsafe-inline; object-src'self'
}

script.js

  $(document).ready(function(){

va r query =SELECT * FROM feed WHERE url ='http://feeds.feedburner.com/Tutorialzine'LIMIT 2;

//存儲自現在開始的秒數:
var now =(new Date())。getTime()/ 1000;

//如果localStorage中沒有設置緩存,或者緩存大于1小時:
if(!localStorage.cache || now - parseInt(localStorage.time)> 1 * 60 * 60){
$ .get(yahoo.js,function(msg){

// msg.query.results.item是一個數組:
var items = msg.query.results.item;
var htmlString =;

for(var i = 0; i< items.length; i ++){
var tut = items [i];

//從永久鏈接提取帖子ID:
var id = tut.guid.content.match(/(\ d +)$ / )[0];

//循環并生成教程標記:

htmlString + ='< div class =tutorial> \
< img src =http://tutorialzine.com/img/posts/'+ id +'.jpg/> \
< h2>'+ tut.title +'< / h2> \
< p> + tut.description +'< / p> \
< a href ='+ tut.link +'target =_ blank>閱讀更多內容< / a> \\ \\
< / div>';
}

//設置緩存
localStorage.cache = htmlString;
localStorage.time = now;

//更新內容div:
$('#content')。html(htmlString);
},'json');
} else {
//緩存是新鮮的,使用它:
$('#content')。html(localStorage.cache);


jquery.min.js錯誤:



Jquery.min.js包含內聯腳本執行操作

  parentNode:d .removeChild(d.appendChild(s.createElement( DIV)))parentNode ===空,deleteExpando:真,checkClone:假,scriptEval:假,noCloneEvent:真,boxModel:空}; b.type =文本/ JavaScript的 ;嘗試{b.appendChild(s.createTextNode( 窗口 + F += 1;))}趕上(I){} a.insertBefore(b,a.firstChild);如果(A [ f)){c.support.scriptEval = true; delete A [f]} try {delete b.test} catch(o){c.support.deleteExpando = false} a.removeChild(b); if(d.attachEvent& amp; amp; ;& d.fireEvent){d.attachEvent(onclick,function k(){c.support.noCloneEvent = 


<在使用LinkedIn oAuth API時,我也遇到了這種類型的問題。



我使用linkedIn API以下設置為cordova



config.xml

 < access origin =*launc H-外部= 是/> 
< allow-navigation href =*/>

元標記

 < meta http-equiv =Content-Security-Policycontent =default-src *; style-src'self''unsafe-inline'; script-src 'self''unsafe-inline''unsafe-eval'> 

腳本

 < script type =text / javascriptsrc =http://platform.linkedin.com/in.js>< / script> 

當我在模擬器上運行應用程序時,它給出





修正了將uri添加到元標記中的問題 http://platform.linkedin.com like

 < meta http-equiv =Content-Security-Policycontent =default-src *; style-src'self''unsafe-inline'; script-src'self''unsafe-inline''unsafe -eval'http://platform.linkedin.com> 


Im creating a chrome extension for Rss reader in that im getting the above error. please help

manifest.json

{
    "name": "Tutorialzine Extension",
        "manifest_version": 2,
        "version": "1.1",
        "description": "Making your first Google Chrome extension.",
        "icons": {
        "128": "icon_128.png"
    },
        "web_accessible_resources": ["script.js", "https://query.yahooapis.com"],
        "browser_action": {
        "default_icon": "icon.png",
            "default_popup": "tutorialzine.html"
    },
        "permissions": ["tabs", "<all_urls", "http://localhost/",
        "http://*/*", "https://*/*", "https://query.yahooapis.com"],
        "content_security_policy": "script-src 'self'; 'https://query.yahooapis.com';unsafe-inline; object-src 'self'"
}

script.js

$(document).ready(function () {

    var query = "SELECT * FROM feed WHERE url='http://feeds.feedburner.com/Tutorialzine' LIMIT 2";

    // Storing the seconds since the epoch in now:
    var now = (new Date()).getTime() / 1000;

    // If there is no cache set in localStorage, or the cache is older than 1 hour:
    if (!localStorage.cache || now - parseInt(localStorage.time) > 1 * 60 * 60) {
        $.get("yahoo.js", function (msg) {

            // msg.query.results.item is an array:
            var items = msg.query.results.item;
            var htmlString = "";

            for (var i = 0; i < items.length; i++) {
                var tut = items[i];

                // Extracting the post ID from the permalink:
                var id = tut.guid.content.match(/(\d+)$/)[0];

                // Looping and generating the markup of the tutorials:

                htmlString += '<div class="tutorial">\
                            <img src="http://tutorialzine.com/img/posts/' + id + '.jpg" />\
                            <h2>' + tut.title + '</h2>\
                            <p>' + tut.description + '</p>\
                            <a href="' + tut.link + '" target="_blank">Read more</a>\
                            </div>';
            }

            // Setting the cache
            localStorage.cache = htmlString;
            localStorage.time = now;

            // Updating the content div:
            $('#content').html(htmlString);
        }, 'json');
    } else {
        // The cache is fresh, use it:
        $('#content').html(localStorage.cache);
    }
}

Error in jquery.min.js:

Jquery.min.js contains inline script what to do

parentNode:d.removeChild(d.appendChild(s.createElement("div"))).parentNode===null,deleteExpando:true,checkClone:false,scriptEval:false,noCloneEvent:true,boxModel:null};b.type="text/javascript";try{b.appendChild(s.createTextNode("window."+f+"=1;"))}catch(i){}a.insertBefore(b,a.firstChild);if(A[f]){c.support.scriptEval=true;delete A[f]}try{delete b.test}catch(o){c.support.deleteExpando=false}a.removeChild(b);if(d.attachEvent&&d.fireEvent){d.attachEvent("onclick",function k(){c.support.noCloneEvent=

解決方案

I also faced such type of problem when working with LinkedIn oAuth API.

I was using linkedIn API with following settings for cordova

config.xml

 <access origin="*" launch-external="yes"/>
  <allow-navigation href="*" />

Meta Tag was

 <meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">

Script

<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>

When i run the application on emulator its giving

Fixed Problem to add uri into meta tag http://platform.linkedin.com like

<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://platform.linkedin.com ">

這篇關于拒絕執行內聯腳本,因為它違反了以下內容安全策略指令:“script-src'self'”的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持IT屋!

查看全文
相關文章
登錄 關閉
掃碼關注1秒登錄
發送“驗證碼”獲取 | 15天全站免登陸
亚洲AV无码国产精品
<button id="mgqzr"></button>
<noscript id="mgqzr"></noscript>
<button id="mgqzr"></button>
<pre id="mgqzr"><sup id="mgqzr"><sub id="mgqzr"></sub></sup></pre>
<noscript id="mgqzr"><b id="mgqzr"></b></noscript><button id="mgqzr"></button>

<noscript id="mgqzr"></noscript><button id="mgqzr"><b id="mgqzr"><th id="mgqzr"></th></b></button>
<pre id="mgqzr"><b id="mgqzr"></b></pre><button id="mgqzr"><menuitem id="mgqzr"><table id="mgqzr"></table></menuitem></button>
<pre id="mgqzr"><input id="mgqzr"></input></pre>