我正在实施一个facebook应用程序..我在这个应用程序Chart.js内使用来显示图表..问题是当我在网络浏览器上测试应用程序时,框架是正确的实例化,当我在facebook内部尝试它得到以下消息:
"Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self'"
Chart.js初始化:
MpM.initializeActions = function() {
$("<canvas id='mycanv' width='700' height='400' />").appendTo($(".vote-poll-content"));
MpM.initializeCharts();
MpM.initializeCharts = function() {
var ctx = $("#mycanv").get(0).getContext("2d");
var answer_labels = [];
var answer_percentage = [];
var data = {labels:[10,23,12,],datasets:[
{
label : "My First dataset",
fillColor : "rgba(220,220,220,0.5)",
strokeColor : "rgba(220,220,220,0.8)",
highlightFill : "rgba(220,220,220,0.75)",
highlightStroke : "rgba(220,220,220,1)",
data : [10,23,21,23]
},
]
};
var myBarChart = new Chart(ctx).Bar(data, {barValueSpacing : 25});
};
});
答案 0 :(得分:0)
您可能只需要设置内容安全策略以允许来自您的Facebook应用网址的脚本在http标头中
Content-Security-Policy: script-src 'self' https://yourfacebookappurl.com