Google 种字体被内容安全策略阻止
Google fonts blocked by Content Security Policy
嗨,我有一些这样的内容安全策略:
<meta http-equiv="content-security-policy" content="default-src 'self';
script-src 'self' 'nonce-MhqUJrKKq9' https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js;
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; font-src 'self' https://fonts.gstatic.com/;
object-src 'none'; base-uri 'none';">
我试图允许 google 字体,但它给我这个错误:
webfont.js:17 拒绝加载样式表“http://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/”。
那么是什么导致了这个错误?我虽然已经将其排除在我的保单之外。
嗨,我有一些这样的内容安全策略:
<meta http-equiv="content-security-policy" content="default-src 'self';
script-src 'self' 'nonce-MhqUJrKKq9' https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js;
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; font-src 'self' https://fonts.gstatic.com/;
object-src 'none'; base-uri 'none';">
我试图允许 google 字体,但它给我这个错误:
webfont.js:17 拒绝加载样式表“http://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/”。
那么是什么导致了这个错误?我虽然已经将其排除在我的保单之外。