高德地图脚本加载异常，浏览器报错

最新推荐文章于 2025-02-19 16:26:59 发布

白执落

最新推荐文章于 2025-02-19 16:26:59 发布

阅读量4k

点赞数 6

分类专栏： problem 文章标签：前端

本文链接：https://blog.youkuaiyun.com/qq_39331257/article/details/125635529

版权

problem 专栏收录该内容

25 篇文章

订阅专栏

博客主要描述了nginx配置后浏览器出现脚本加载报错的问题，报错信息显示脚本违反Content Security Policy指令，且‘script-src-elem’未明确设置，以‘script-src’作为备用。同时提到会给出相应的解决办法。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

                    
                    问题描述 
  nginx配置了add_header Content-Security-Policy "script-src 'self'";
 
浏览器报错 
  Refused to load the script ‘xxxx’ because it violates the following Content Security Policy directive: “script-src ‘self’ https://webapi.amap.com ‘unsafe-inline’ ‘unsafe-eval’ blob: data:”. Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback.
Refused to load the script ‘xxxx’ because it violates the following Content Security Policy directive: “script-src ‘self’ https://webapi.amap.com ‘unsafe-inline’ ‘unsafe-eval’ blob: data:”. Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback.
 
解决办法 
  add_header Content-Security-Policy "script-src 'self' https://webapi.amap.com 'unsafe-inline' 'unsafe-eval' blob: data:;";