我試圖從Chrome封裝應用程序發送一個請求:HTTPS請求在Chrome封裝應用程序(Java腳本)
$.ajax({
url: "https://accounts.google.com/o/oauth2/auth?client_id=xxxapps.googleusercontent.com&response_type=id_token&scope=openid%20email", //"https://www.googleapis.com/plus/v1/people/me",
jsonp: "responseText",
dataType: "jsonp",
data: {
q: "select *",
format: "json"
},
success: function(response) {
console.log(response);
}
});
和recieving以下錯誤:
Refused to load the script
'https://accounts.google.com/o/oauth2/auth?client_id=xxx&q=select+*&format=json&_=xxx'
because it violates the following Content Security Policy directive:
"default-src 'self' chrome-extension-resource:". Note that
'script-src' was not explicitly set, so 'default-src' is used as a fallback.
的清單文件該應用程序包含以下內容:
"content_security_policy": "script-src 'self' https://accounts.google.com; object-src 'self'"
如何解決此錯誤?
確保你重新加載在Chrome擴展:您更改清單//擴展後。 – abraham
@abraham,做了一遍。同樣的結果:嘗試安裝此擴展程序時出現警告: 'content_security_policy'僅適用於擴展和舊版打包應用程序,但這是一個打包應用程序。 – 31415926
您是否嘗試將'https:// accounts.google.com/*'添加到您的permissins數組中? – abraham