ContentSecurityPolicy 防止电子中的获取请求
ContentSecurityPolicy Preventing fetch request in Electron
我正在尝试构建一个发出 api 请求的电子应用程序,但是当我发出 api 调用时,出现以下错误:
Refused to connect to '<API_URL>' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Refused to connect to '<API_URL>' because it violates the document's Content Security Policy.
我用来发出请求的代码是
const getContent = async (url) => await fetch(url)
我尝试在 BrowserWindow 中添加元标记以允许不安全评估并将 webSecurity 设置为 false,但似乎都没有任何效果。我也尝试用 axios 发出请求并得到相同的响应。尽管看到有人从 Electron 内部发出 api 请求的几个例子,但我无法在互联网上找到此问题的任何其他实例。
如果您使用 electron-forge,此资源将会有所帮助。 https://githubmemory.com/repo/electron-userland/electron-forge/issues/2331
转到 package.json,查找配置,然后插入并插入这个
"devContentSecurityPolicy":"default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;"
万一你还是一头雾水,这是我的package.json代码
{
"name": "x",
"productName": "x",
"version": "1.0.0",
"description": "My Electron application description",
"main": ".webpack/main",
"scripts": {
"start": "electron-forge start",
"package": "electron-forge package",
"make": "electron-forge make",
"publish": "electron-forge publish",
"lint": "echo \"No linting configured\"",
},
"keywords": [],
"license": "MIT",
"config": {
"forge": {
"packagerConfig": {},
"makers": [
{
"name": "@electron-forge/maker-squirrel",
"config": {
"name": "x"
}
},
{
"name": "@electron-forge/maker-zip",
"platforms": [
"darwin"
]
},
{
"name": "@electron-forge/maker-deb",
"config": {}
},
{
"name": "@electron-forge/maker-rpm",
"config": {}
}
],
"plugins": [
[
"@electron-forge/plugin-webpack",
{
"devContentSecurityPolicy":"default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;",
"mainConfig": "./webpack.main.config.js",
"renderer": {
"config": "./webpack.renderer.config.js",
"entryPoints": [
{
"html": "./public/index.html",
"js": "./public/renderer.js",
"name": "main_window"
}
]
}
}
]
]
}
},
"devDependencies": {
"@babel/core": "^7.15.5",
"@babel/preset-react": "^7.14.5",
"@electron-forge/cli": "^6.0.0-beta.60",
"@electron-forge/maker-deb": "^6.0.0-beta.60",
"@electron-forge/maker-rpm": "^6.0.0-beta.60",
"@electron-forge/maker-squirrel": "^6.0.0-beta.60",
"@electron-forge/maker-zip": "^6.0.0-beta.60",
"@electron-forge/plugin-webpack": "6.0.0-beta.60",
"@vercel/webpack-asset-relocator-loader": "1.7.0",
"babel-loader": "^8.2.2",
"css-loader": "^6.0.0",
"electron": "^15.3.1",
"install": "^0.13.0",
"node-loader": "^2.0.0",
"npm": "^7.22.0",
"react": "^17.0.2",
"react-dom": "^17.0.2",
"style-loader": "^3.0.0"
},
"dependencies": {
"@date-io/date-fns": "^1.3.13",
"@date-io/moment": "^2.10.11",
"@material-ui/core": "^4.11.4",
"@material-ui/icons": "^4.11.2",
"@material-ui/pickers": "^4.0.0-alpha.12",
"@testing-library/jest-dom": "^5.11.4",
"@testing-library/react": "^11.1.0",
"@testing-library/user-event": "^12.1.10",
"@wojtekmaj/react-daterange-picker": "^3.2.0",
"@y0c/react-datepicker": "^1.0.4",
"aes-js": "^3.1.2",
"ag-grid-community": "^25.3.0",
"ag-grid-react": "^25.3.0",
"axios": "^0.21.1",
"base-64": "^1.0.0",
"bootstrap": "^4.6.0",
"bootstrap-daterangepicker": "^3.1.0",
"crypto-js": "^4.1.1",
"date-fns": "^2.22.1",
"electron-splashscreen": "^1.0.0",
"electron-squirrel-startup": "^1.0.0",
"hex64": "^0.4.0",
"jquery": "^3.6.0",
"lottie-react": "^2.1.0",
"moment": "^2.29.1",
"moment-timezone": "^0.5.32",
"node-jsencrypt": "^1.0.0",
"prop-types": "^15.7.2",
"qrcode": "^1.4.4",
"react-bootstrap-daterangepicker": "^7.0.0",
"react-custom-scrollbars-2": "^4.4.0",
"react-date-range": "^1.2.0",
"react-dropdown-input": "^0.1.11",
"react-geolocated": "^3.2.0",
"react-live-clock": "^5.2.0",
"react-lottie": "^1.2.3",
"react-moment": "^1.1.1",
"react-native-qrcode-svg": "^6.1.1",
"react-native-svg": "^12.1.1",
"react-otp-input": "^2.3.1",
"react-qr-code": "^2.0.2",
"react-responsive": "^8.2.0",
"react-router-dom": "^5.2.0",
"react-scripts": "4.0.3",
"react-scroll": "^1.8.3",
"react-table": "^7.7.0",
"react-to-print": "^2.13.0",
"react-virtualized": "^9.22.3",
"react-virtualized-auto-sizer": "^1.0.5",
"react-window": "^1.8.6",
"reactstrap": "^8.9.0",
"rsuite": "^4.10.2",
"systeminformation": "^5.8.7",
"text-to-binary-converter": "^1.0.2",
"web-vitals": "^1.0.1",
"zustand": "^3.5.7"
}
}
我正在尝试构建一个发出 api 请求的电子应用程序,但是当我发出 api 调用时,出现以下错误:
Refused to connect to '<API_URL>' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Refused to connect to '<API_URL>' because it violates the document's Content Security Policy.
我用来发出请求的代码是
const getContent = async (url) => await fetch(url)
我尝试在 BrowserWindow 中添加元标记以允许不安全评估并将 webSecurity 设置为 false,但似乎都没有任何效果。我也尝试用 axios 发出请求并得到相同的响应。尽管看到有人从 Electron 内部发出 api 请求的几个例子,但我无法在互联网上找到此问题的任何其他实例。
如果您使用 electron-forge,此资源将会有所帮助。 https://githubmemory.com/repo/electron-userland/electron-forge/issues/2331
转到 package.json,查找配置,然后插入并插入这个
"devContentSecurityPolicy":"default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;"
万一你还是一头雾水,这是我的package.json代码
{
"name": "x",
"productName": "x",
"version": "1.0.0",
"description": "My Electron application description",
"main": ".webpack/main",
"scripts": {
"start": "electron-forge start",
"package": "electron-forge package",
"make": "electron-forge make",
"publish": "electron-forge publish",
"lint": "echo \"No linting configured\"",
},
"keywords": [],
"license": "MIT",
"config": {
"forge": {
"packagerConfig": {},
"makers": [
{
"name": "@electron-forge/maker-squirrel",
"config": {
"name": "x"
}
},
{
"name": "@electron-forge/maker-zip",
"platforms": [
"darwin"
]
},
{
"name": "@electron-forge/maker-deb",
"config": {}
},
{
"name": "@electron-forge/maker-rpm",
"config": {}
}
],
"plugins": [
[
"@electron-forge/plugin-webpack",
{
"devContentSecurityPolicy":"default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;",
"mainConfig": "./webpack.main.config.js",
"renderer": {
"config": "./webpack.renderer.config.js",
"entryPoints": [
{
"html": "./public/index.html",
"js": "./public/renderer.js",
"name": "main_window"
}
]
}
}
]
]
}
},
"devDependencies": {
"@babel/core": "^7.15.5",
"@babel/preset-react": "^7.14.5",
"@electron-forge/cli": "^6.0.0-beta.60",
"@electron-forge/maker-deb": "^6.0.0-beta.60",
"@electron-forge/maker-rpm": "^6.0.0-beta.60",
"@electron-forge/maker-squirrel": "^6.0.0-beta.60",
"@electron-forge/maker-zip": "^6.0.0-beta.60",
"@electron-forge/plugin-webpack": "6.0.0-beta.60",
"@vercel/webpack-asset-relocator-loader": "1.7.0",
"babel-loader": "^8.2.2",
"css-loader": "^6.0.0",
"electron": "^15.3.1",
"install": "^0.13.0",
"node-loader": "^2.0.0",
"npm": "^7.22.0",
"react": "^17.0.2",
"react-dom": "^17.0.2",
"style-loader": "^3.0.0"
},
"dependencies": {
"@date-io/date-fns": "^1.3.13",
"@date-io/moment": "^2.10.11",
"@material-ui/core": "^4.11.4",
"@material-ui/icons": "^4.11.2",
"@material-ui/pickers": "^4.0.0-alpha.12",
"@testing-library/jest-dom": "^5.11.4",
"@testing-library/react": "^11.1.0",
"@testing-library/user-event": "^12.1.10",
"@wojtekmaj/react-daterange-picker": "^3.2.0",
"@y0c/react-datepicker": "^1.0.4",
"aes-js": "^3.1.2",
"ag-grid-community": "^25.3.0",
"ag-grid-react": "^25.3.0",
"axios": "^0.21.1",
"base-64": "^1.0.0",
"bootstrap": "^4.6.0",
"bootstrap-daterangepicker": "^3.1.0",
"crypto-js": "^4.1.1",
"date-fns": "^2.22.1",
"electron-splashscreen": "^1.0.0",
"electron-squirrel-startup": "^1.0.0",
"hex64": "^0.4.0",
"jquery": "^3.6.0",
"lottie-react": "^2.1.0",
"moment": "^2.29.1",
"moment-timezone": "^0.5.32",
"node-jsencrypt": "^1.0.0",
"prop-types": "^15.7.2",
"qrcode": "^1.4.4",
"react-bootstrap-daterangepicker": "^7.0.0",
"react-custom-scrollbars-2": "^4.4.0",
"react-date-range": "^1.2.0",
"react-dropdown-input": "^0.1.11",
"react-geolocated": "^3.2.0",
"react-live-clock": "^5.2.0",
"react-lottie": "^1.2.3",
"react-moment": "^1.1.1",
"react-native-qrcode-svg": "^6.1.1",
"react-native-svg": "^12.1.1",
"react-otp-input": "^2.3.1",
"react-qr-code": "^2.0.2",
"react-responsive": "^8.2.0",
"react-router-dom": "^5.2.0",
"react-scripts": "4.0.3",
"react-scroll": "^1.8.3",
"react-table": "^7.7.0",
"react-to-print": "^2.13.0",
"react-virtualized": "^9.22.3",
"react-virtualized-auto-sizer": "^1.0.5",
"react-window": "^1.8.6",
"reactstrap": "^8.9.0",
"rsuite": "^4.10.2",
"systeminformation": "^5.8.7",
"text-to-binary-converter": "^1.0.2",
"web-vitals": "^1.0.1",
"zustand": "^3.5.7"
}
}