我在 jenkins 服务器上托管了一个网页。
我看到在最新的jenkins更新中有
所以我读了这本精彩的 post关于如何绕过这个限制
我已经添加了这个 <meta>
到我的页面
但我不断收到控制台错误:
拒绝应用内联样式,因为它违反了以下内容安全策略指令:“style-src 'self' https://maxcdn.bootstrapcdn.com/bootstrap/”。启用内联执行需要“不安全内联”关键字、散列(“sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=”)或随机数(“nonce-...”)。
<head>
<title>Bidi: unknown bl version vs. 1.0.487</title>
<meta content="text/html; charset=utf-8 ;" http-equiv="content-type">
<meta content="style-src 'self' https://maxcdn.bootstrapcdn.com/bootstrap/" http-equiv="Content-Security-Policy"><meta content="script-src 'self' https://maxcdn.bootstrapcdn.com/bootstrap/" http-equiv="Content-Security-Policy"><meta content="default-src 'self' https://maxcdn.bootstrapcdn.com/bootstrap/" http-equiv="Content-Security-Policy"><link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css"><link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css"><script type="script" src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script><link rel="icon" href="/jenkins/view/QA/job/RoutingRegression/ws/src/main/resources/html_pages/images/favicon.png" type="image/gif" sizes="16x16"><link rel="stylesheet" href="/RoutingRegression/html_pages/css/delta_samples.css">
</head>
最佳答案
将“不安全内联”属性添加到元数据。
<meta content="style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/" http-equiv="Content-Security-Policy">
<meta content="script-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/" http-equiv="Content-Security-Policy">
关于javascript - "style-src ' self ' https://maxcdn.bootstrapcdn.com/bootstrap/"。 'unsafe-inline' 关键字,哈希,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35035864/