问题
Code in manifest.json:
{
"name": "Test",
"version": "1.0",
"manifest_version": 2,
"description": "Test",
"browser_action": {
"default_icon": "icon.png",
"default_popup": "popup.html"
},
"permissions": [
"notifications",
"https://www.roblox.com"
],
"background": { "scripts": ["background.js"] },
"content_security_policy": "script-src https://www.roblox.com 'self' ; object-src 'self'",
"web_accessible_resources": [
"icon.png"
]
}
Code in background.js:
var iframe = document.createElement("iframe")
iframe.src = "http://www.roblox.com/User.aspx?ID=1"
document.body.appendChild(iframe)
I keep getting this error:
Unsafe JavaScript attempt to access frame with URL chrome-extension://dbekkpdpdheclekbpajgigjdlpleolgd/_generated_background_page.html from frame with URL http://www.roblox.com/User.aspx?ID=1. The frame requesting access has a protocol of 'http', the frame being accessed has a protocol of 'chrome-extension'. Protocols must match.
Is there anyway to fix this?
回答1:
Problem in your code is your http://www.roblox.com/*
source is not secure. The whitelist only secure resources part of the Chrome error message refers to this. You have to use https://www.roblox.com/*
and declare
"content_security_policy": "script-src https://roblox.com 'self' ; object-src 'self'"
in manifest file. I observed your domain has is making calls through
http://www.roblox.com/Ads/IFrameAdContent.aspx?v=2&slot=Roblox_User_Top_728x90&format=banner&v=2.
http
URL, which is not white listed.
References for further reading
- Content Security Policy
来源:https://stackoverflow.com/questions/14293451/loading-iframe-in-google-chrome-extension-error-protocols-must-match