我的chrome扩展程序的结构如下:
background.html
background.js
javascripts/angular...
javascripts/webRTC...
我正在使用来自firebase的datachannel.js库,它基本上创建了对firebaseio.com的远程调用
var socket = new window.Firebase('https://' +
(self.firebase || 'webrtc-experiment') + '.firebaseIO.com/' + channel);
chrome将此错误返回到控制台:
Refused to load the script 'https://webrtc-experiment.firebaseio.com/.lp?start=t&ser=24080204&cb=23&v=5' because it violates the following Content Security Policy directive: "script-src 'self' blob: filesystem: chrome-extension-resource:".
(anonymous function) @ firebase.js:168
这是manifest.json:
"manifest_version": 2,
"background": {
"page": "background.html"
},
"browser_action": {
"default_popup": "main.html",
"default_icon": "icon.png",
"default_title": "title"
},
"minimum_chrome_version": "37.0",
"name": "chromeextensionname",
"permissions": [
"<all_urls>",
答案 0 :(得分:4)
在manifest.json
中使用content-security-policy解决
"content_security_policy": "script-src 'self' https://*.firebase.com https://*.firebaseio.com; object-src 'self'",
的引用:
https://developer.chrome.com/extensions/contentSecurityPolicy
How to set Content Security Policy in Chrome Extension Manifest.json in order for Firebase to work