我正在尝试创建一个Chrome扩展程序,在页面上注入一个侧边栏,内部有一个iframe,指向外部页面。测试时,我在LinkedIn上遇到以下错误:
拒绝框架'https://example.com/',因为它违反了。https://www.linkedin.com' 遵循内容安全策略指令:“frame-src'self' * .doubleclick.net www.slideshare.net radar.cedexis.com platform.linkedin.com media-exp1.licdn.com media-exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com media-lcdn.licdn.com m.c.lcdn.licdn.com cdn.embedly.com https://github.com/socketio/socket.io-client-java lichat.azurewebsites.net www.youtube.com www.facebook.com player.vimeo.com embed.ted.com livestream.com embed.gettyimages.com w.soundcloud.com www.lynda.com media.licdn.com“。
我理解这意味着他们阻止嵌入除了列入白名单之外的任何网站,所以我很好奇是否有办法通过扩展程序改变CSP?
这是我的清单文件:
{
"manifest_version": 2,
"name": "my ext",
"description": "my ext desc",
"version": "0.1",
"content_scripts": [{
"matches": ["<all_urls>"],
"js": ["jquery-3.3.1.min.js","content.js","scripts.js"],
"css": ["content.css"]
}],
"background": {
"scripts": ["background.js"]
},
"permissions": ["tabs","activeTab","storage"],
"browser_action": {
"default_icon": {
"16": "images/icon16.png",
"32": "images/icon32.png",
"48": "images/icon48.png",
"128": "images/icon128.png"
}
},
"icons": {
"16": "images/icon16.png",
"32": "images/icon32.png",
"48": "images/icon48.png",
"128": "images/icon128.png"
}
}