祝你有美好的一天! 我正在构建一个简单的Web应用程序。但是由于内容安全策略(CSP),我无法链接外部脚本或CSS。
Refused to load the stylesheet 'https://cdn.plyr.io/3.5.10/plyr.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
我搜索了一些解决方案,并将此meta标签插入到head标签中,但结果仍然相同。
<meta http-equiv="Content-Security-Policy" content="default-src *;">
对不起,我的英语不好,所以我不能解释清楚。此外,这是完整的模板:
<!doctype html>
<html {if isset($locale)}lang="{$locale->getBcp47()}"{/if}>
<head>
<meta charset="UTF-8" />
<meta name=viewport content="width=device-width, initial-scale=1">
{if isset($description)}
<meta name="description" content="{$description|escape}" />
<meta name="twitter:description" content="{$description|escape}" />
<meta property="og:description" content="{$description|escape}" />
{/if}
<link rel="stylesheet" href="{base_url}/css/fonts.css" />
<link rel="stylesheet" href="{base_url}/css/style.css" />
<title>{$config->appName}{if isset($title)} - {$title|escape}{/if}</title>
<link rel="canonical" href="{$canonical}" />
<link rel="icon" href="{base_url}/img/favicon.png" />
<meta property="og:title" content="{$config->appName}{if isset($title)} - {$title|escape}{/if}" />
<meta property="og:image" content="{base_url}/img/logo.png" />
<meta name="twitter:card" content="summary" />
<meta name="twitter:title" content="{$config->appName}{if isset($title)} - {$title|escape}{/if}" />
<meta name="twitter:image" content="{base_url}/img/logo.png" />
<meta name="twitter:creator" content="@_quangthang" />
<meta name="theme-color" content="#4F4F4F">
<link rel="manifest" href="{base_url}/resources/manifest.json" />
<meta http-equiv="Content-Security-Policy" content="default-src *;">
<link rel="stylesheet" href="https://cdn.plyr.io/3.5.10/plyr.css" />
</head>
<body class="{$class}">
感谢您的帮助!