onclick or inline script isn't working in extension
This seems to be the easiest thing to do, but it\'s just not working. In a normal browser the .html and .js files works perfectly, but in the Chrome/Firefox extension the
-
Reason
This does not work, because Chrome forbids any kind of inline code in extensions via Content Security Policy.
Inline JavaScript will not be executed. This restriction bans both inline
Alternative if you're using jQuery:
// jQuery $(document).ready(function() { $("#click-this").click(handler); });Relaxing the policy
Q: The error mentions ways to allow inline code. I don't want to / can't change my code, how do I enable inline scripts?
A: Despite what the error says, you cannot enable inline script:
There is no mechanism for relaxing the restriction against executing inline JavaScript. In particular, setting a script policy that includes
'unsafe-inline'will have no effect.Update: Since Chrome 46, it's possible to whitelist specific inline code blocks:
As of Chrome 46, inline scripts can be whitelisted by specifying the base64-encoded hash of the source code in the policy. This hash must be prefixed by the used hash algorithm (sha256, sha384 or sha512). See Hash usage for
- 热议问题