适用于 Firefox 而非 Chrome 网站的 Facebook Messenger
Facebook messenger for website working in Firefox, not Chrome
这可能是微不足道的,但我正在尝试为网站设置 Facebook Messenger,因为它可以通过页面使用。它在 Firefox 上加载完美(如下)
在 Chrome 上加载它时,我遇到了以下错误:
Refused to display 'https://www.facebook.com/v2.12/plugins/customerchat.php?app_id=226382507935447&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FNh1oH0K63yz.js%3Fversion%3D42%23cb%3Df3ee1b33e9fa724%26domain%3Dwww.MYWEBSITE.com%26origin%3Dhttps%253A%252F%252Fwww.MYWEBSITE.com%252Ffa7870694c0fac%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=1323494501052770&sdk=joey' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://www.facebook.com".
我已经对此进行了相当多的研究,运行 通过 adding/removing 我的域名从白名单中,将 off/modifying 我的 'Content-Security-Policy header & X-Frame-Options headers, 但无济于事.
我目前将 X-Frame-Options header 设置为:SAMEORIGIN,将 Content-Security-Policy 设置为:
default-src 'self';
frame-src 'self' https://*.facebook.com https://*.googleapis.com;
script-src 'self' 'unsafe-inline' 'unsafe-eval' http://cdn.adaptivedigital.io https://*.googleapis.com https://*.gstatic.com https://*.facebook.net https://*.facebook.com *.google-analytics.com https://cdnjs.cloudflare.com;
style-src 'self' 'unsafe-inline' http://cdn.adaptivedigital.io https://*.googleapis.com;
img-src 'self' http://cdn.adaptivedigital.io https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.googleapis.com https://*.gstatic.com;
font-src 'self' http://cdn.adaptivedigital.io https://*.googleapis.com https://*.gstatic.com;
object-src 'none'
在过去的 4 个小时里,我一直坚持这个问题,任何帮助将不胜感激!
顺便说一句,
Chrome版本:Version 64.0.3282.186 (Official Build) (64-bit)
我不相信。原来我有以下设置;
add_header Referrer-Policy 'no-referrer';
这反过来又破坏了 Facebook Messenger 插件(仍然很奇怪它只发生在 Chrome)。
我最终将其设置为;
add_header Referrer-Policy 'origin';
这可能是微不足道的,但我正在尝试为网站设置 Facebook Messenger,因为它可以通过页面使用。它在 Firefox 上加载完美(如下)
在 Chrome 上加载它时,我遇到了以下错误:
Refused to display 'https://www.facebook.com/v2.12/plugins/customerchat.php?app_id=226382507935447&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FNh1oH0K63yz.js%3Fversion%3D42%23cb%3Df3ee1b33e9fa724%26domain%3Dwww.MYWEBSITE.com%26origin%3Dhttps%253A%252F%252Fwww.MYWEBSITE.com%252Ffa7870694c0fac%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=1323494501052770&sdk=joey' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://www.facebook.com".
我已经对此进行了相当多的研究,运行 通过 adding/removing 我的域名从白名单中,将 off/modifying 我的 'Content-Security-Policy header & X-Frame-Options headers, 但无济于事.
我目前将 X-Frame-Options header 设置为:SAMEORIGIN,将 Content-Security-Policy 设置为:
default-src 'self';
frame-src 'self' https://*.facebook.com https://*.googleapis.com;
script-src 'self' 'unsafe-inline' 'unsafe-eval' http://cdn.adaptivedigital.io https://*.googleapis.com https://*.gstatic.com https://*.facebook.net https://*.facebook.com *.google-analytics.com https://cdnjs.cloudflare.com;
style-src 'self' 'unsafe-inline' http://cdn.adaptivedigital.io https://*.googleapis.com;
img-src 'self' http://cdn.adaptivedigital.io https://*.google-analytics.com https://*.facebook.com https://*.facebook.net https://*.googleapis.com https://*.gstatic.com;
font-src 'self' http://cdn.adaptivedigital.io https://*.googleapis.com https://*.gstatic.com;
object-src 'none'
在过去的 4 个小时里,我一直坚持这个问题,任何帮助将不胜感激!
顺便说一句,
Chrome版本:Version 64.0.3282.186 (Official Build) (64-bit)
我不相信。原来我有以下设置;
add_header Referrer-Policy 'no-referrer';
这反过来又破坏了 Facebook Messenger 插件(仍然很奇怪它只发生在 Chrome)。
我最终将其设置为;
add_header Referrer-Policy 'origin';