我正在将我的离子/角度应用程序构建为电子应用程序,当我运行它并加载它时,我会得到以下错误:
Refused to connect to 'https://xxxxxxxxxx.com/whpacking/v1/getlocations' because it violates the following Content Security Policy directive: "default-src capacitor-electron://* 'unsafe-inline' devtools://* 'unsafe-eval' data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
我试图在电子文件夹的index.html中添加以下行,但仍然会出现同样的错误:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *;">
有办法解决这个问题吗?
您可以查看内容安全策略文档以更好地理解。所以,对我来说,一个通用的配置是:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'; media-src *; connect-src * ;">