Refused to execute a script (CSP issues)
#106
Comments
|
TL;DR: try putting this into your scripts metadata: That error most often occurs when trying to inject the script into the page context on a website with a strict content security policy. Injecting into the content script context can usually circumvent this issue. You can do that by using the Note, this error is due to the webpage's content security policy, which the user has no control over. While injecting into the |
|
Hi Justin,
Thanks a lot for this option. I'm able to proceed now. Thanks.
Cheers
Abdul
On 12-Mar-2021, at 1:52 PM, Justin Wasack ***@***.***> wrote:
@mjabdulm <https://github.com/mjabdulm>
TL;DR: try putting this into your scripts metadata: @inject-into content
That error most often occurs when trying to inject the script into the page context on a website with a script content security policy.
Injecting into the content script context can usually circumvent this issue. You can do that by using the @inject-into key with the value content or auto. auto attempts to inject into the page context and if an error occurs it should automatically fallback to content. You can read more about available keys here <https://github.com/quoid/userscripts#userscript-metadata>.
Note, this error is due to the webpage's content security policy, which the user has no control over. While injecting into the content context will usually allow script execution, it is not always a perfect solution since there are some things you can not accomplish in the content script context. Unfortunately, it is the only alternative for strict security policies, currently.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#106 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AHDZNWI2PVLDZT7PHLDGUBDTDG6MDANCNFSM4ZBX2KLA>.
|
|
@quoid Common Errors[Error] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy...
|
|
If you have other previous error-solutions to add to the FAQ, just point me to them, I will do the blabla 💼 |
|
@TraderStf I have already done this for next update, but thank you for offer. |
CSP issues)
System Information:
Hi,
I wanted to execute a JS script and I get the following error while trying to execute the script. Please guide on how to debug this.
[Error] Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy. (tto-dyni-oto, line 0)
Thanks,
Abdul
The text was updated successfully, but these errors were encountered: