electron报错：Refused to execute inline event handler because it violates the following Content 。。。

最新推荐文章于 2024-08-19 22:23:19 发布

原创最新推荐文章于 2024-08-19 22:23:19 发布 · 2.6k 阅读

2 ·

CC 4.0 BY-SA版权

文章标签：

#electron #javascript #前端

在Electron应用中，由于ContentSecurityPolicy限制，直接在HTML元素上使用onClick事件会报错。Chrome浏览器不允许内联执行事件处理器，需通过JavaScript的事件绑定方式，如使用getElementById获取元素并添加事件监听器来实现点击事件。示例代码展示了如何为按钮元素添加点击事件监听器。

electron 页面添加 onClick 点击事件报错：Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.

原因：谷歌浏览器不支持在元素上直接添加 onClick 事件

解决办法：使用 id 或 class 事件绑定点击监听事件即可

let button = document.getElementById('button')
button.addEventListener('click', () => {
    console.log('getSystemMemoryInfo1:', process.env);

})

确定要放弃本次机会？

福利倒计时

: :

立减 ¥

普通VIP年卡可用

立即使用

奈何-1912*

关注关注

1
点赞
踩
2

收藏

觉得还不错? 一键收藏
0
评论
分享

复制链接

分享到 QQ

分享到新浪微博

扫一扫
举报

举报

Cordova页面解析页面中script标签内容失败，Refused to execute inline script because it violates the following

天马3798

02-16

2万+

一、异常内容： Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Either the 'u...

vue3：百度地图报错because it violates the following Content Security Policy directive: “script-src * ‘unsaf

最新发布

高级前端工程师

10-22

4338

because it violates the following Content Security Policy directive: "script-src * 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback. Note that '*' matches only URLs with network schemes ('

参与评论您还未登录，请先登录后发表或查看评论

Refused to load the script ‘xxxx.js‘ because it violates the following Content Security Policy ...

魏大大

03-12

6702

Refused to load the script 'https://unpkg.com/xxxx.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' data:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used

Electron请求后端接口踩坑

m0_58809631的博客

08-19

926

今天用Electron-Vite，后端用SpringBoot写一个简单的接口，测试一下是否联通，没想到一直报错，也没找到原因。原来是Electron-Vite设置没有设置CSP连接来源，导致Electron用了默认的。

Refused to execute inline event handler because it violates the following Content Security Policy di...

weixin_33698043的博客

04-10

7274

/********************************************************************************* * Refused to execute inline event handler because it violates the following Content Security Policy directive: "xx...

Electron中提示:Refused to execute inline event handler because it violates

weixin_45488518的博客

03-14

1366

出现“Refused to execute inline event handler”的错误： index.html： <!DOCTYPE html> <html> <head> <meta charset="UTF-8">  <meta http-equiv="Content-Securi

Chrome插件在页面上直接绑定JavaScript事件提示Refused to execute inline event handler because it violates the follow...

angou6476的博客

01-16

1479

Chrome插件问了安全是不提倡在页面上直接写JavaScript的，如果出现了这个提示，其实也没有什么，同样可以运行。从ChromeExtenstion V2开始，不允许执行任何inline javascript代码（也就是html内的任何js代码都不允许执行），比如下面的代码： <input type="submit" name="btn_submit" value...

electron报错Error: Object has been destroyed

个人网站：https://www.longzipeng.online

07-01

5217

Error: Object has been destroyed

vue - electron 报错 Unable to load preload script: “x“ | Error: require() of ES Module “x“ not support

高级前端工程师

05-09

4018

vue，electron，preload.js，CommonJS，vue electron报错，将Electron项目原CommonJS语法改成使用ES 模块（ESM）语法，preload.js一直加载不到，报错，Electron项目中将CommonJS改成使用ES 模块（ESM）语法preload.js加载报错，详细解决方案，Unable to load preload script，Error: require() of ES Module "x" not support. Instead change

Electron常见问题 58 - 解决报错：code object is not signed at all

liuzhen007的专栏

04-25

1239

目录问题解决《Electron实战》系列-总览_Data-Mining的博客-优快云博客_electron net欢迎大家阅读 Data-Mining 的《Electron实战》专栏。这里简单的罗列一下专栏的文章目录，一方面方便大家阅读，另一方面可以快速的查找对应的文章。需要说明的是，本专栏会持续更新，不断增加新的文章，同时，也会动态更新原有文章。https://liuzhen.blog.youkuaiyun.com/article/details/109491566 问题话说今天开发完新功能打包时

拒绝执行内联事件处理程序，因为它违反了以下内容安全策略指令

全栈攻城狮的博客

05-27

6229

Refused to execute inline event handler because it violates the following Content Security Policy directive: “script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’ at.alicdn.com f.alicdn.com g.alicdn.com lo...

Electron中Refused to execute inline script because it violates the following Content Security Policy

web修理工

11-15

1834

方法一：去掉Content Security Policy <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'"> <meta http-equiv="X-Content-Secur

开发chrome谷歌插件报错：Refused to execute inline event handler because it violates the following Content Sec

qq_43429963的博客

01-14

9352

报错信息： Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable

Refused to execute inline event handler because it violates the following Content Security Policy di

baidu_40537062的博客

06-24

1415

把下面这句注释掉就好了 <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">

Refused to execute inline script because it violates the following Content Security Policy directive

xiao_ju_ju的博客

04-26

2956

是因为我们iframe的本地页面的位置放错了，我们vue页面是spa单页面，我把本地iframe的页面放置到了src里面去了，所以报错了。把iframe放置在public里面就行了。

Cordova页面解析页面中script 内容失败，Refused to execute inline script because it violates the following

热门推荐

farmwang的专栏

10-13

2万+

异常的原因： Content-Security-Policy的默认配置是default-src 'self'。解决方案：添加script-src * 'unsafe-inline'，对于页面内部标签不进行安全验证。

Refused to execute inline script because it violates the following Content Security Policy 脚本报错已解决

小小彭

12-09

7536

写了一个功能发现脚本报错以为是我的 jar 包引错了？还是未知反了？经过捯饬才发现这些都不是看下面是具体的报错 Failed to load resource: the server responded with a status of 404 (Not Found) upload.html:9 Refused to execute inline script because it violates the following Content Security Policy directive: "de

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'"

08-31

该错误提示是由内容安全策略(Content Security Policy)引起的，意思是拒绝执行内联脚本，因为它违反了"script-src 'self'"的安全策略指令。要解决这个问题，有几种方法可以尝试： 1. 方法一是去掉或修改Content Security Policy的策略指令。可以在页面的头部添加以下内容来修改策略指令： `<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">`[2] 这样可以将script-src指令设置为允许从同源('self')加载脚本。 2. 方法二是不采用内联脚本，而是将脚本代码放在外部文件中，然后通过`<script>`标签引入外部文件。这样可以避免内联脚本被拒绝执行的问题。 3. 方法三是修改内容安全策略，列出允许执行的脚本代码的Hash值。这个方法比较复杂，需要计算脚本代码的Hash值并在策略指令中指定。详细的步骤可以参考相关资料。总结起来，你可以通过修改或去掉Content Security Policy策略指令，或者将脚本代码放在外部文件中来解决这个问题。<span class="em">1</span><span class="em">2</span><span class="em">3</span> #### 引用[.reference_title] - *1* [Chrome扩展页面动态绑定JS事件提示错误](https://download.youkuaiyun.com/download/weixin_38716563/13585425)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_1"}}] [.reference_item style="max-width: 50%"] - *2* *3* [Electron中Refused to execute inline script because it violates the following Content Security Policy](https://blog.youkuaiyun.com/qq_42374676/article/details/121336166)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_1"}}] [.reference_item style="max-width: 50%"] [ .reference_list ]