getting error to setup ngcordova firsttime

时间:2015-04-23 05:47:23

标签: cordova ngcordova

I am using below code: 

<html>
<head>
    <!--
    Customize this policy to fit your own app's needs. For more guidance, see:
        https://github.com/apache/cordova-plugin-whitelist/blob/master/README.md#content-security-policy
    Some notes:
        * gap: is required only on iOS (when using UIWebView) and is needed for JS->native communication
        * https://ssl.gstatic.com is required only on Android and is needed for TalkBack to function properly
        * Disables use of inline scripts in order to mitigate risk of XSS vulnerabilities. To change this:
            * Enable inline JS: add 'unsafe-inline' to default-src
    -->

    <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">
    <meta name="format-detection" content="telephone=no">
    <meta name="msapplication-tap-highlight" content="no">
    <meta name="viewport" content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width">
    <link rel="stylesheet" type="text/css" href="css/index.css">
    <script type="text/javascript" src="js/angular.min.js"></script>
    <script type="text/javascript" src="js/ng-cordova.min.js"></script>
    <script type="text/javascript" src="cordova.js"></script>

    <script>
var app = angular.module('myApp', ['ngCordova']);
app.controller('MyCtrl', function($scope, $cordovaDevice) {

 alert("fgf);
})
</script>
</head>


<div ng-app="myApp" ng-controller="myCtrl">

  k
</div>

</body>
</html>

And during runtime I am getting below error. Please guide me how to fix it.

     "[INFO:CONSOLE(47)] "Received Event: deviceready", source:       file:///android_asset/www/js/index.js (47)
    04-23 11:06:19.444  17043-17043/com.example.hello I/chromium﹕ [INFO:CONSOLE(41)] "Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
        ", source: file:///android_asset/www/my.html (41)
    04-23 11:06:19.524  17043-17043/com.example.hello I/chromium﹕ [INFO:CONSOLE(35)] "Uncaught Error: [$injector:modulerr] http://errors.angularjs.org/1.3.14/$injector/modulerr?`enter code here`p0=myApp&p1=Error%3A%20%5B%24injector%3Anomod%5D%20http%3A%2F%2Ferrors.angularjs.org%2F1.3.14%2F%24injector%2Fnomod%3Fp0%3DmyApp%0A%20%20%20%20at%20Error%20(......1)", source: file:///android_asset/www/js/angular.min.js (35)"

3 个答案:

答案 0 :(得分:4)

评论中的最后一个项目是建议您将内容安全策略更改为

 <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">

允许内联脚本。

答案 1 :(得分:2)

我有同样的问题,当我添加http json请求调用它总是在错误的情况下。所以我只是从html中删除下面的标签。

 <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">


 <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">

它对我有用.. !!

答案 2 :(得分:0)

我也有这个问题,我在'unsafe-inline'解决问题后添加了default-src。 像这样

<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">
相关问题
最新问题