playframework 2.6 refused to apply inline style because it violates the following Content Security

来源:csdn博客 分类: 文章浏览史 发布时间:2020-06-06 15:49:15 最后更新:2020-06-06 浏览:214
转载声明:
本文为摘录自“csdn博客”,版权归原作者所有。
温馨提示:
为了更好的体验,请点击原文链接进行浏览
摘录时间:
2020-06-06 15:49:15

今天在做文件上传的时候,出现了下面的错误:

Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.

伤透了脑筋,就是图片上传上去了,返回url的时候被拦截了,这是play里面的拦截引起的。

解决方法

在application.conf的headers里面加上这句:

 # The Content-Security-Policy header. If null, the header is not set.
     contentSecurityPolicy = "default-src 'self' 'unsafe-inline'"

参考文献

[1]. Refused to apply inline style because it violates the following Content Security Policy directive. https://stackoverflow.com/questions/17766817/refused-to-apply-inline-style-because-it-violates-the-following-content-security

 

php技术微信