今天在做文件上傳的時候,出現了下面的錯誤:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
傷透了腦筋,就是圖片上傳上去了,返回url的時候被攔截了,這是play裏面的攔截引起的。
解決方法
在application.conf的headers裏面加上這句:
# The Content-Security-Policy header. If null, the header is not set.
contentSecurityPolicy = "default-src 'self' 'unsafe-inline'"
參考文獻
[1]. Refused to apply inline style because it violates the following Content Security Policy directive. https://stackoverflow.com/questions/17766817/refused-to-apply-inline-style-because-it-violates-the-following-content-security