【Vue3】Refused to frame ‘http://www.xxxxx.com/‘ because it violates the following Content Security

最新推荐文章于 2025-03-28 17:16:24 发布

春暖花开.,

最新推荐文章于 2025-03-28 17:16:24 发布

阅读量3.8k

点赞数

文章标签：前端 javascript 开发语言

本文链接：https://blog.youkuaiyun.com/m0_64494670/article/details/135143478

版权

错误：

在Vue内使用 iframe 标签然后引入了外部链接无法正常显示内容

Refused to frame 'http://xxxxxx/' 
because it violates the following Content Security 
Policy directive: "default-src 'self'". 
Note that 'frame-src' was not explicitly set, 
so 'default-src' is used as a fallback.

解决：

将html文件内 meta标头替换

<meta http-equiv="Content-Security-Policy"
    content="default-src * 'self' 'unsafe-inline' 
'unsafe-eval' data: gap: content: https://xxx.com;media-src * blob: 
'self' http://* 'unsafe-inline' 'unsafe-eval';style-src * 'self' 
'unsafe-inline';img-src * 'self' data: content:;connect-src * blob:;">