我试图从Chrome封装应用程序发送一个请求:HTTPS请求在Chrome封装应用程序(Java脚本)
$.ajax({
url: "https://accounts.google.com/o/oauth2/auth?client_id=xxxapps.googleusercontent.com&response_type=id_token&scope=openid%20email", //"https://www.googleapis.com/plus/v1/people/me",
jsonp: "responseText",
dataType: "jsonp",
data: {
q: "select *",
format: "json"
},
success: function(response) {
console.log(response);
}
});
和recieving以下错误:
Refused to load the script
'https://accounts.google.com/o/oauth2/auth?client_id=xxx&q=select+*&format=json&_=xxx'
because it violates the following Content Security Policy directive:
"default-src 'self' chrome-extension-resource:". Note that
'script-src' was not explicitly set, so 'default-src' is used as a fallback.
的清单文件该应用程序包含以下内容:
"content_security_policy": "script-src 'self' https://accounts.google.com; object-src 'self'"
如何解决此错误?
确保你重新加载在Chrome扩展:您更改清单//扩展后。 – abraham
@abraham,做了一遍。同样的结果:尝试安装此扩展程序时出现警告: 'content_security_policy'仅适用于扩展和旧版打包应用程序,但这是一个打包应用程序。 – 31415926
您是否尝试将'https:// accounts.google.com/*'添加到您的permissins数组中? – abraham