1

I am writing a chrome extension where I am using Google Plus login button.
The problem is as soon as I authenticate instead of response it throws an exception : Uncaught Error: G`{"iss":"accounts.google.com","azp":"822768261690-d94r53ch5tsma36qvjbmt0rhfh2vcbie.apps.googleusercontent.com","at_hash":"g8ULZcIKI58RsZ77N3F9pA","c_hash":"DchW3chFAqayAa8akuuXMw","aud":"822768261690-d94r53ch5tsma36qvjbmt0rhfh2vcbie.apps.googleusercontent.com","sub":"116366060578573041256","iat":1376935399,"exp":1376939299}

I am really confused as the code is precisely the same as in Quick start application for javascript. The Client ID is configured according to my chrome extension ID. The project has been untouched for a week. It was working before and now I get this strange Error.

Has anybody seen this before ?

4

1 回答 1

1

我遇到了这个问题,结果证明它与内容安全策略有关。当脚本尝试调用 eval() 时会引发该错误。我在标题中添加了 unsafe-eval 例如:

content-security-policy: script-src 'unsafe-eval' 'self' https://*.google.com ...

如果您使用的是 content-security-policy,这可能会导致错误。注意:从安全角度来看,使用 unsafe-eval 并不理想! 内容安全策略

于 2015-08-06T17:41:43.083 回答