我正在React中开发一个网站,我想将http-equiv="Content-Security-Policy"添加到我的index.html文件中。我当前的代码包括:
script-src 'self' https://www.google-analytics.com/
https://maps.googleapis.com/
'unsafe-inline';
但是我得到一个错误:
Refused to load the script 'https://localhost:3000/static/js/bundle.js'
because it violates the following Content Security Policy
directive: "script-src 'self' ...
与此脚本'https://localhost:3000/node_modules/localforage/dist/localforage.js'相同。
当我将https://localhost:3000/添加到script-src列表时,它给了我不同的错误:
GET https://localhost:3000/static/js/bundle.js 0 ()