我正在尝试仅使用客户端JavaScript访问Spotify API。根据他们的documentation,我需要使用“隐式授权”流程。第一步是将用户从my React app发送到spotify.com上的API端点;这是我正在使用的一个例子:https://accounts.spotify.com/authorize%3Fresponse_type%3Dtoken%26scope%3Duser-read-private%20user-read-email%26client_id%3Dae45a76e6e264417a49a32043284912b%26redirect_uri%3Dhttps%3A%2F%2Fnydame-bloc-jams-v2.netlify.com%2Flibrary&state=a54hm27jfk。
我不明白当我使用正确的端点URL时我是如何得到404错误的(是的,我检查了拼写错误!)但是这里有一个提示,可能:404页面显示以下安全相关Web检查器中的错误:
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: ;(function installGlobalHook(window) {
....
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: !function(t){function __webpack_require_....
和
Content Security Policy: The page’s settings blocked the loading of a resource at https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5784146-31&cid=1787973498.1522278426&jid=1945824252&_v=j66&z=514970388 (“img-src”).