Whitelist multiple domains in content security policy

前端未结

关注

 2  857

[愿得一人] 2021-02-01 19:02

I am writting a chrome extension that needs to have two domains in its whitelist for the content security policy. I\'ve looked at the official docs, but I still can\'t seem to f

2条回答

一向 (楼主)

2021-02-01 19:22
I have face the same problem to whitelist the secure resources URL's with the below warning.

There were warnings when trying to install this extension:
« Ignored insecure CSP value "object-src" in directive 'script-src'.
« CSP directive 'object-src' must be specified (either explicitly, or implicitly via 'default-src') and must whitelist only secure resources.

To resolve HTTP Content-Security-Policy use below key value in manifest.json file.
```
{
"content_security_policy":
   "script-src 'self' https://yash.test.com:8443 'unsafe-eval'; object-src 'self' https://yash.test.com:8443"
}
```
0 讨论(0)

查看其它2个回答
发布评论:

提交评论
- 加载中...