即使我添加了正确的 SHA 也违反了 CSP
Violating CSP even though I added the right SHA
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'sha256-o/kbe6RnURgWNmQt/lS02Rrn0WWOYgK9UupCx39FTBI=' 'sha256-v9Mw9x7yMApHnSPDExzKqU3NtzpjJzqCFAjKU2czIRo=' 'sha256-udQJaD2iLjLPwDBs5CIgWma5W3O8BHOI9Sy+17DR6tk=' 'nonce-33bbb484-d955-42ee-ac5a-5864f5cb4f59'". Either the 'unsafe-inline' keyword, a hash ('sha256-o/kbe6RnURgWNmQt/lS02Rrn0WWOYgK9UupCx39FTBI='), or a nonce ('nonce-...') is required to enable inline execution.
如您所见,我添加了浏览器建议我为 style-src 指令添加的确切 SHA。这是浏览器错误吗...怎么了?
答案在这里:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'sha256-o/kbe6RnURgWNmQt/lS02Rrn0WWOYgK9UupCx39FTBI=' 'sha256-v9Mw9x7yMApHnSPDExzKqU3NtzpjJzqCFAjKU2czIRo=' 'sha256-udQJaD2iLjLPwDBs5CIgWma5W3O8BHOI9Sy+17DR6tk=' 'nonce-33bbb484-d955-42ee-ac5a-5864f5cb4f59'". Either the 'unsafe-inline' keyword, a hash ('sha256-o/kbe6RnURgWNmQt/lS02Rrn0WWOYgK9UupCx39FTBI='), or a nonce ('nonce-...') is required to enable inline execution.
如您所见,我添加了浏览器建议我为 style-src 指令添加的确切 SHA。这是浏览器错误吗...怎么了?
答案在这里: