当我尝试<script src="https://savehut.xyz/files/file.js"></script>使用 chrome 扩展时出现此错误:
Refused to load the script 'https://savehut.xyz/files/file.js' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
我的 manifest.json 文件中有这个:(它是 manifest v3 btw)
"content_security_policy": {
"script-src": "'self' 'unsafe-eval' https://cdn.jsdelivr.net/* https://savehut.xyz/* 'unsafe-inline';"
}
jsdelivr 有效,但 savehut.xyz 无效。
顺便说一句,文件位置不是/files/file.js,这只是一个示例