0

I'm building a google chrome extension, in the run time it displays Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: filesystem: chrome-extension-resource:". Either the 'unsafe-inline' keyword, a hash ('sha256-GnVJQ+pfVgD0VXf8ZFlSzgJaDUFRyvpUk++sBrdjNQE='), or a nonce ('nonce-...') is required to enable inline execution. when I run the code as a html page it works perfectly, but as a plugin in chrome it doesn't

<script>
function getinput(welcome)
{   var welcome = document.getElementById('welcome')
    var get = document.getElementById('text')
    welcome.innerHTML=get.value;
    var restore = document.body.innerHTML;
    var printcontent = document.getElementById('welcome').innerHTML;
    document.body.innerHTML = printcontent;
    window.print()
    document.body.innerHTML = restore;
}
</script>

the manifest file 

{
"name" : "print plugin",
"version" : "1.0",
"description" : "a simple printing plugin",
"manifest_version":2,
"browser_action" :{
"default_icon" : "icon.png",
"default_popup":"popup.html"}}
Cœur
  • 32,421
  • 21
  • 173
  • 232
hala
  • 111
  • 12
  • Add your manifest.json file – Barmar Jun 06 '18 at 23:34
  • { "name" : "print plugin", "version" : "1.0", "description" : "a simple printing plugin", "manifest_version":2, "browser_action" :{ "default_icon" : "icon.png", "default_popup":"popup.html" } } @Barmar – hala Jun 06 '18 at 23:48
  • Add it to the question. – Barmar Jun 06 '18 at 23:48
  • Looks like you're missing the content security policy directive. – Barmar Jun 06 '18 at 23:48
  • https://developer.chrome.com/extensions/contentSecurityPolicy – Barmar Jun 06 '18 at 23:49
  • @Barmar i added the manifest file to the code . – hala Jun 06 '18 at 23:57
  • You're missing `"content_security_policy": "[POLICY STRING GOES HERE]"` – Barmar Jun 07 '18 at 00:01
  • should i paste it as it is in my manifest file or there must be any other information i should add it inside the parenthe ses?! @Barmar – hala Jun 07 '18 at 00:50
  • You need to replace `[POLICY STRING GOES HERE]` with the correct policy string for your extension. – Barmar Jun 07 '18 at 00:52
  • Inline javascripts are not allowed in the chrome extension. You must put them in a file and include the file using script tag. – elegant-user Jun 07 '18 at 05:09
  • can i have more help please , because i have no idea about the security side .i followed the content security policy document , but theres alot of things i didn't understand .what should I add instead of [POLICY STRING GOES HERE] @Barmar – hala Jun 08 '18 at 15:01
  • Have you tried reading the documentation I linked to above? – Barmar Jun 08 '18 at 15:19
  • yes ,but i had a little hard to understand some few things .@Barmar – hala Jun 08 '18 at 15:24

0 Answers0