我不斷收到此錯誤:腳本導致「拒絕執行內嵌腳本:無論是‘不安全的內聯’關鍵字,哈希...或現時需要啓用內嵌執行」
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self' data: gap: http://www.visitsingapore.com https://ssl.gstatic.com 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-V+/U3qbjHKP0SaNQhMwYNm62gfWX4QHwPJ7We1PXokI='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
誰能告訴我如何解決這個問題,這是什麼意思?我的代碼是:
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data:gap: http://www.visitsingapore.com https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="css/index.css">
<link rel="stylesheet" href="css/jquery.mobile-1.4.5.css">
<script src="lib/jquery-3.2.1.min.js"></script>
<script type="text/javascript" src="scripts/key.js"></script>
<script>$.ajax({
url: ' http://www.visitsingapore.com/api.listing.en.json',
type: 'GET',
beforeSend: function (xhr) {
xhr.setRequestHeader('email ID', '[email protected]');
xhr.setRequestHeader('token ID', '-------');
},
data: {},
success: function (qwe12) {
var TrueResult2 = JSON.stringify(qwe12);
document.write(TrueResult2);
},
error: function() { },
});</script>
我試圖努力去創造一個新的js文件,並把代碼在HTML文件<腳本類型=「文/ JavaScript的」 SRC =「腳本/ Ajax的call.js」>但我有另一個錯誤「XMLHttpRequest無法加載http://www.visitsingapore.com/api.listing.en.json。請求的資源上沒有「Access-Control-Allow-Origin」標題。原因'http:// localhost:4400'因此是不允許訪問的。「這是什麼意思? –
這意味着問題中描述的問題已經解決了,但是您還有一個完全的紅外問題,而不是您在問題中描述的問題這是在這裏回答的,所以你應該發佈一個關於額外無關問題的新問題 – sideshowbarker