内容安全策略无效字符
Content Security Policy invalid characters
Chrome 在定义基本 csp 代码时在控制台上返回此错误:
The Content-Security-Policy directive name 'Content-Security-Policy:'
contains one or more invalid characters. Only ASCII alphanumeric
characters or dashes '-' are allowed in directive names.
这是我的 .htaccess 文件中的所有内容:
Header always set Content-Security-Policy "default-src 'self' script-src: 'self' 'unsafe-inline';"
你能看出有什么不对吗?谢谢
是的,你有误。你忘了一个“;”在 script-src 之前:
Header always set Content-Security-Policy "default-src 'self'; script-src: 'self' 'unsafe-inline';"
Chrome 在定义基本 csp 代码时在控制台上返回此错误:
The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
这是我的 .htaccess 文件中的所有内容:
Header always set Content-Security-Policy "default-src 'self' script-src: 'self' 'unsafe-inline';"
你能看出有什么不对吗?谢谢
是的,你有误。你忘了一个“;”在 script-src 之前:
Header always set Content-Security-Policy "default-src 'self'; script-src: 'self' 'unsafe-inline';"