尝试使用Google地图的API时出现script-src 'unsafe-eval'错误。
<script src="https://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false"></script>
这是控制台错误:
Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' ' *.gstatic.com *.googleapis.com *.google-analytics.com *.google.com".
您会认为Google的库中不会有任何不安全的eval触发器。如果它可能是我的一面,我的代码如下:
JS
function initialize() {
// Create the map.
var mapOptions = {
zoom: 4,
center: new google.maps.LatLng(37.09024, -95.712891),
mapTypeId: google.maps.MapTypeId.ROADMAP,
zoomControl: true,
streetViewControl: false
};
var map = new google.maps.Map(document.getElementById('map-canvas'),
mapOptions);
google.maps.event.addListener(map, "click", function (e) {
var marker = new google.maps.Marker({
draggable: true,
raiseOnDrag: false,
map: map,
position: e.latLng
});
var radius = Math.pow(2, (20 - map.getZoom())) * 3;
if (radius < 100) {
radius = 100;
}
var circle = new google.maps.Circle({
map: map,
editable: true,
radius: radius,
fillColor: '#0159e5',
strokeColor: '#0159e5',
strokeWeight: 1,
geodesic: true
});
circle.bindTo('center', marker, 'position');
google.maps.event.addListener(circle, 'radius_changed', function() {
if (circle.getRadius() < 100){
circle.setRadius(100);
}
});
//Set form fields
document.getElementById("geo-fence-lat").value = marker.getPosition().lat();
document.getElementById("geo-fence-long").value = marker.getPosition().lng();
document.getElementById("geo-fence-radius").value = Math.ceil(radius/100)*100;
google.maps.event.clearListeners(map, "click");
addListeners(circle);
});
}
对GMaps替代品的任何修复或想法将不胜感激。
编辑: 这些是Chrome中的违规行。在maps.gstatic.com maps-api-v3 / api / js / 21/2 / main.js中找到。
Kh.main = function(a) {
eval(a)
};
fg("main", {});
function ql(a) {
return O(eval, k, "window." + a + "()")
}
答案 0 :(得分:1)
在Google Maps 3.23中看起来主要已修复 - 请参阅issue 4201
代码中仍然存在eval的一些实例 - 例如eval('document.namespaces')块内的try(请参阅:related Closure fix)