Chrome showing error as: Refused to execute inline script because of Content-Security-Policy

jquery google-chrome google-chrome-extension

Solution 1:

From the Chrome extension CSP docs:

Inline JavaScript will not be executed. This restriction bans both inline <script> blocks and inline event handlers (e.g. <button onclick="...">).

You cannot have inline scripts in your extension HTML like:

<script>alert("I'm an inline script!");</script>

<button onclick="alert('I am an inline script, too!')">

Rather, you must place your script into a separate file:

<script src="somescript.js"></script>

Solution 2:

If you are using React with create-react-app:

  1. create a .env file in project root

  2. Add variable as follows: INLINE_RUNTIME_CHUNK=false

  3. Build the project again and load the extension again.

Source

Solution 3:

You have to add content_security_policy to your manifest.json file:

"content_security_policy": "script-src 'self' 'sha256-B+Qe/KNUDtGDd/m1g5ycAq1DgpLs9ubKmYTlOHBogC8='; object-src 'self'"

You will find the hash from console.

enter image description here

Related

JS: Does Object.assign() create deep copy or shallow copy
How to replace (null) values with 0 output in PIVOT
Capturing window.onbeforeunload
Why React Hook useState uses const and not let
How to add a footer to the UITableView?
Refreshing the auto complete (IntelliSense) database in Visual Studio
How to use mongoose findOne
How do I rotate text in css?
Confusion between isNaN and Number.isNaN in javascript
Converting string to tuple without splitting characters
How to reverse htmlentities()?
What is the difference between SQLite integer data types like int, integer, bigint, etc.?