Google API and CSP

Time: 2019-06-27 21:26:47

Tags: google-api angular-material content-security-policy

I have deployed a test Angular app using Material on Heroku, but I get the error

Refused to load the image 'https://my-app.herokuapp.com/favicon.ico' because it
violates the following Content Security Policy directive: "default-src 'none'". 
Note that 'img-src' was not explicitly set, so 'default-src' is used as a 
fallback.

After a bit of searching, I added this to index.html

<meta http-equiv="Content-Security-Policy"
        content="default-src 'self' https://fonts.googleapis.com; 
                 font-src 'self' https://fonts.gstatic.com;">

Now I get the error

Refused to apply inline style because it violates the following Content Security
Policy directive: "default-src 'self' https://fonts.googleapis.com". Either the
'unsafe-inline' keyword, a hash ('XXXXXXXXXXXXXXXXXX'), or a nonce ('nonce-...') 
is required to enable inline execution. Note also that 'style-src' was not 
explicitly set, so 'default-src' is used as a fallback.

I don't know where to go next. I am learning about CSP right now and can't find the answer. Thanks!
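
The `default-src` fallback that both browser messages mention, as an added example that is not part of the original post: a small JavaScript resolver showing which directive governs each load in the question. The function names are hypothetical, and the matcher is simplified to exact-origin sources, 'self', 'none' and 'unsafe-inline' (no hashes, nonces, wildcards or paths).

```javascript
// Added example: resolves which CSP directive governs a load, as the browser
// messages above describe. Simplified: exact-origin sources, 'self', 'none' and
// 'unsafe-inline' only; no hashes, nonces, wildcards or paths.
const FETCH_DIRECTIVES = new Set(['img-src', 'style-src', 'font-src', 'script-src', 'connect-src']);

function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (name && !directives.has(name.toLowerCase())) directives.set(name.toLowerCase(), sources);
  }
  return directives;
}

// Returns the directive actually consulted: the named one if present,
// otherwise default-src for fetch directives, otherwise null (unrestricted).
function governingDirective(directives, name) {
  if (directives.has(name)) return name;
  if (FETCH_DIRECTIVES.has(name) && directives.has('default-src')) return 'default-src';
  return null;
}

// request is { url } for a network load or { inline: true } for inline content.
function check(policy, directive, request, selfOrigin) {
  const directives = parsePolicy(policy);
  const from = governingDirective(directives, directive);
  if (from === null) return { allowed: true, from };
  const sources = directives.get(from);
  if (request.inline) return { allowed: sources.includes("'unsafe-inline'"), from };
  const origin = new URL(request.url).origin;
  const allowed = (origin === selfOrigin && sources.includes("'self'")) || sources.includes(origin);
  return { allowed, from };
}

// Policies and URLs taken from the question; STYLE_SET is a constructed variant.
const SELF = 'https://my-app.herokuapp.com';
const FIRST = "default-src 'none'";
const META = "default-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com;";
const STYLE_SET = META + " style-src 'self' https://fonts.googleapis.com";

console.log(check(FIRST, 'img-src', { url: SELF + '/favicon.ico' }, SELF));
console.log(check(META, 'style-src', { inline: true }, SELF));
console.log(check(STYLE_SET, 'style-src', { inline: true }, SELF));
```

Once `style-src` is set explicitly, `default-src` is no longer consulted for styles, so every style source the app needs has to be listed in `style-src` itself.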

0 answers:

No answers