包含哈希时出现内容安全策略错误
Getting content security policy error while hash is included
我有一个问题,尽管我已经包含(如您所见)内联样式的哈希="height:18px"(属性)我仍然遇到 csp 错误(页面在 ghostjs 中)
Refused to apply inline style because it violates the following Content
Security Policy directive: "style-src 'self' maxcdn.bootstrapcdn.com
fonts.googleapis.com https://intercom.help/_assets
'sha256-HKIQe1rxf7BKTQyeVymEQz4wG30GqXPn7nokufiyhRk='".
Either the 'unsafe-inline' keyword, a hash
('sha256-HKIQe1rxf7BKTQyeVymEQz4wG30GqXPn7nokufiyhRk='), or a nonce ('nonce-...') is
required to enable inline execution.
内容安全策略白名单哈希不适用于内联样式属性,仅适用于内联样式。也许在 CSP 3.0 中会添加此功能
适用于
<style>
body { colod: red; }
</style>
但不适用于
<body style="color:red;">
</body>
我有一个问题,尽管我已经包含(如您所见)内联样式的哈希="height:18px"(属性)我仍然遇到 csp 错误(页面在 ghostjs 中)
Refused to apply inline style because it violates the following Content
Security Policy directive: "style-src 'self' maxcdn.bootstrapcdn.com
fonts.googleapis.com https://intercom.help/_assets
'sha256-HKIQe1rxf7BKTQyeVymEQz4wG30GqXPn7nokufiyhRk='".
Either the 'unsafe-inline' keyword, a hash
('sha256-HKIQe1rxf7BKTQyeVymEQz4wG30GqXPn7nokufiyhRk='), or a nonce ('nonce-...') is
required to enable inline execution.
内容安全策略白名单哈希不适用于内联样式属性,仅适用于内联样式。也许在 CSP 3.0 中会添加此功能
适用于
<style>
body { colod: red; }
</style>
但不适用于
<body style="color:red;">
</body>