我正在接受Cordova应用程序开发的培训,并且我解决了内容安全策略的问题.
我的应用程序使用Android模拟器运行,但是当我必须执行javascript时,我在NetBeans(输出窗口)中收到一条消息.
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' https://ssl.gstatic.com". (22:35:56:126 | error, security)
at www/index.html:58
我的代码如下.这是我的index.html.我试着理解CSP是如何工作的,我想我理解这个概念,但在这种情况下,我不明白这个问题.第58行是评论.
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self' * data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self'; script-src 'self' https://ssl.gstatic.com; media-src *">
<meta name="format-detection" content="telephone=no">
<meta name="msapplication-tap-highlight" content="no">
<meta name="viewport" content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width">
<title>Hello World</title>
<link rel="stylesheet" type="text/css" href="css/index.css">
</head>
<body>
<div class="app">
<h1>Apache Cordova</h1>
<div id="deviceready" class="blink">
<p class="event listening">Connecting to Device</p>
<p class="event …