_
_
_Performante_2015-11-26 13:59:29
Web development
_Performante_, 2015-11-26 13:59:29

I'm writing a chrome extension but I'm having the same problem. Why, when I write a function in popup.js to return an alert, does it return an error like this?

Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' blob: filesystem: chrome-extension-resource:". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. but without the function it works, what is the reason for this?

{
  "manifest_version": 2,

  "name": "Getting started example",
  "description": "This extension shows a Google Image search result for the current page",
  "version": "1.0",

  "browser_action": {
    "default_icon": "icons/icon.png",
    "default_popup": "popup.html",
    "default_title": "Click here!",
    "style_css" : "style.css",
    "javascript" : "popup.js"
  },
  "permissions": [
    "activeTab",
    "https://ajax.googleapis.com/"
  ]
}

<html>
  <head>
    <title>Getting Started Extension's Popup</title>
    <link rel="stylesheet" href="style.css">
    <script src="popup.js"></script>
  </head>
  <body>
    <div class="Boss">
    <p>Welcome</p>
    <input type="button" class="input" onclick="myFunction()" value="Click Here">
    </div>
  </body>
</html>

function myFunction() {
    console.log("lololo");
    return;
};

Answer the question

In order to leave comments, you need to log in

2 answer(s)
A
Alexander Melnichenko, 2015-11-26
@alex87melnichenko

It says that your application security policy does not allow such code to be executed.
https://developer.chrome.com/extensions/contentSec...
habrahabr.ru/post/149948
Export scripts to files.

D
dimwap, 2019-12-22
@dimwap

Change the security policy in the plugin manifest.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question