I'm making Chrome extention and used following code there:
var wnd = window.open()
wnd.document.write("<script>console.log(123)</script>")
When I run it new tab is opend but the script is not executed due to error
(unknown) Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: filesystem:". Either the 'unsafe-inline' keyword, a hash ('sha256-HNzGVZJz/a6AgeYzhJ2eI5ogYei3YBUxeYiDI0NUpyU='), or a nonce ('nonce-...') is required to enable inline execution.
I have no idea how I should specify unsafe-inline
in window.open
.
Extension manifest if it matters:
{
"manifest_version": 2,
"name": "My ext",
"version": "1",
"description": "My ext",
"icons": {},
"background": {
"persistent": true,
"scripts": ["background.js"]
},
"permissions": ["cookies", "http://*/*", "https://*/*", "tabs"]
}