cordova错误之: Refused to connect to XXX -- because it violates the following Content Security Policy..
Refused to connect to ‘http://localhost:8545/‘ because it violates the following Content Security Policy directive: “default-src ‘self’ data: gap: https://ssl.gstatic.com ‘unsafe-eval’”. Note that ‘connect-src’ was not explicitly set, so ‘default-src’ is used as a fallback.
(anonymous) @ chunk-vendors.8e02e518.js:33
app.f97599e1.js:1 Error during service worker registration: DOMException
error @ app.f97599e1.js:1
2chunk-vendors.8e02e518.js:33 Uncaught (in promise) Error: invalid response - 0
at XMLHttpRequest.a.onreadystatechange (chunk-vendors.8e02e518.js:33)
解决办法:
错误提示中,已经说是违反了Content Security Policy指令,
因为在Content Security Policy中,没有配置对应的部分,那么会默认使用default-src指令,而default-src指令中没有设置我们发送请求url设置,因此拒绝访问。
如果要设置允许请求数据的话,则需要设置Content-Security-Policy的connect-src *,意思是可以请求到任何的url,如下所示:
<meta http-equiv="Content-Security-Policy"content="connect-src *; default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">
只要是配置了connect-src指令,则不会使用默认指令default-src。
解决办法参考链接:https://blog.csdn.net/michael_ouyang/article/details/50757456
meta标签官网:https://developer.mozilla.org/zh-CN/docs/Web/HTML/Element/meta
Content Security Policy官网:https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Content-Security-Policy__by_cnvoid
旧城等待,
今天药忘吃喽~
我就是我
怼烎@
刺骨的言语ヽ痛彻心扉
小灰灰
还没有评论,来说两句吧...