javascript - Why does html import external js file to save and refuse to load the script?
漂亮男人
漂亮男人 2017-07-05 10:43:52
0
1
1651

The following is the error message:
Refused to load the script 'http:// */js/track.js' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' .qq.com .flzhan.com .gtimg.com .share.baidu.com .gtimg.cn .qlogo.cn img.hb.aicdn.com pub.idqqimg.com nsclick. baidu.com ajax.googleapis.com .qpic.cn code.jquery.com cdn.bootcss.com .sec.qq.com .sinaimg.cn wvjbscheme://* creativecommons.org www .w3.org purl.org tnm2.oa.com statics.dnspod.cn doksoft.com js.plus weixinping weixinpreinject weixin jsbridge". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

The imported file is introduced like this

<script type="text/javascript" src="http://****/js/track.js"></script>

HTML header is like this


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html class="VACT_body_page_text10"   >
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=320,minimum-scale=0.5, maximum-scale=5, user-scalable=no">
    <meta name="format-detection" content="telephone=no">

I tried to put the js file into the site, and the js file imported into the site also reported this error. What is going on? Thanks

漂亮男人
漂亮男人

reply all(1)
洪涛

Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
Judging from the error message, your resource configuration information is wrong and some things are blocked.

<meta http-equiv="Content-Security-Policy" content="default-src 'self' http://XX.XX.XX.XX ">
//试试加上这个 地址是自己服务器地址

<meta http-equiv="Content-Security-Policy" content="default-src *;
 frame-src 'self' wvjbscheme://*;
 style-src 'self' http://*.xxx.com 'unsafe-inline';
 script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.xxx.com;">
//加强版 只要default和js的配置就好, 其他的看需要
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template