Tim*_*thy 4 javascript google-chrome-extension
我正在尝试运行以下内容:
chrome.tabs.onCreated.addListener(function (tab){
if (tab.url.indexOf(".salesforce.com/") != -1 || tab.url.indexOf(".force.com/") != -1) {
chrome.tabs.executeScript(tab.id, {
"file": "loadScript.js"
}, function () {
console.log("Script Executed .. ");
});
} else {
var wrongTab = chrome.i18n.getMessage("wrongTab");
console.log(wrongTab);
alert(wrongTab);
}
});
哪个应该(在理论上),在页面加载时运行loadScript.js文件.... loadScript.js文件如下,这应该将文件追加到正在运行的页面,而不是当前的背景页面:
/* Create a scriipt element in head of HTML and put /soap/ajax/31.0/connection.js in the src */
var connectJsUrl = "/connection.js";
function loadScript(url, callback) {
var head = document.getElementsByTagName("head")[0];
var script = document.createElement("script");
script.src = url;
var done = false;
script.onload = script.onreadystatechange = function() {
if (!done && (!this.readyState || this.readyState == "loaded" || this.readyState == "complete")) {
done = true;
callback();
script.onload = script.onreadystatechange = null;
head.removeChild(script);
}
};
head.appendChild(script);
}
loadScript(connectJsUrl, function() {
console.log("Script Confirmed...")
});
/* Check to see if the file have been appended correctly and works correctly */
var JSFile = "chrome-extension://" + window.location.host + connectJsUrl;
var req = (window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP");
if (req == null) {
console.log("Error: XMLHttpRequest failed to initiate.");
};
req.onload = function() {
try {
eval(req.responseText);
} catch (e) {
console.log("There was an error in the script file.");
}
};
try {
req.open("GET", JSFile, true);
req.send(null);
} catch (e) {
console.log("Error retrieving data httpReq. Some browsers only accept cross-domain request with HTTP.");
};
我仍然是Chrome Extensions和.js的新手,请原谅我,如果我犯了一个愚蠢的错误:)
所有我从这个越来越如下:拒绝,因为"不安全-EVAL"不是脚本在下面的内容安全策略指令所允许源的来评价一个字符串,如JavaScript"脚本的src'自我’铬扩展资源:".
abh*_*ash 14
为防止跨站点脚本,Google已阻止了eval功能.
要解决这个问题,请将此代码添加到manifest.json中
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
如果您需要进一步说明,请评论
重要的
如前所述,将其添加到您的 manifest.json 中:
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'"
确保将“manifest_version”设置为 2 又名
//this
"manifest_version": 2
出于某些安全原因,适用于 manifest_version 3 的 Chrome 扩展不支持不安全的评估。
还要确保重新加载您的扩展。
| 归档时间: |
|
| 查看次数: |
2985 次 |
| 最近记录: |