admin管理员组文章数量:1192330
I'm learning to use Cordova with jquery mobile and I have the following error:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self' data: gap: 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-iacGaS9lJJpFDLww4DKQsrDPQ2lxppM2d2GGnzCeKkU='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
My code is as follows:
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">
<meta name="format-detection" content="telephone=no">
<meta name="msapplication-tap-highlight" content="no">
<meta name="viewport" content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width">
<link rel="stylesheet" type="text/css" href="css/index.css">
<title>Hello World</title>
<script>
$(document).ready(function()
{
$("#tryit").click(function() {
document.getElementById("msg").innerHTML = "hello";
});
});
</script>
</head>
<body>
<button id="tryit">Try it</button>
<div id="msg"></div>
<script type="text/javascript" src="cordova.js"></script>
<script type="text/javascript" src="js/index.js"></script>
</body>
</html>
In the class, I wrote this:
cordova create hello2 com.example.hello2 hello2
cordova platform add android
cordova build
I think it has to do with "cordova-plugin-whitelist" , but I don't know how to uninstall the NPM
I'm learning to use Cordova with jquery mobile and I have the following error:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-iacGaS9lJJpFDLww4DKQsrDPQ2lxppM2d2GGnzCeKkU='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
My code is as follows:
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">
<meta name="format-detection" content="telephone=no">
<meta name="msapplication-tap-highlight" content="no">
<meta name="viewport" content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width">
<link rel="stylesheet" type="text/css" href="css/index.css">
<title>Hello World</title>
<script>
$(document).ready(function()
{
$("#tryit").click(function() {
document.getElementById("msg").innerHTML = "hello";
});
});
</script>
</head>
<body>
<button id="tryit">Try it</button>
<div id="msg"></div>
<script type="text/javascript" src="cordova.js"></script>
<script type="text/javascript" src="js/index.js"></script>
</body>
</html>
In the class, I wrote this:
cordova create hello2 com.example.hello2 hello2
cordova platform add android
cordova build
I think it has to do with "cordova-plugin-whitelist" , but I don't know how to uninstall the NPM
Share Improve this question edited Jan 9, 2017 at 20:31 Mr. Xcoder 4,7955 gold badges28 silver badges44 bronze badges asked Jan 9, 2017 at 19:34 Periseas LilithPeriseas Lilith 611 gold badge1 silver badge3 bronze badges2 Answers
Reset to default 21You need to add 'unsafe-inline' to the Content-Security-Policy; either to the default-src or explicitly for Javascript using script-src. So try something like:
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">
Simply add this code in index.html
<meta http-equiv="Content-Security-Policy" script-src='unsafe-inline';>
For more information visit: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#Unsafe_inline_script
本文标签:
版权声明:本文标题:javascript - Cordova error: Refused to execute inline script because it violates the following Content Security Policy directive 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1738407908a2085152.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论