Chrome showing error as: Refused to execute inline script because of Content-Security-Policy

Solution 1:

From the Chrome extension CSP docs:

Inline JavaScript will not be executed. This restriction bans both inline <script> blocks and inline event handlers (e.g. <button onclick="...">).

You cannot have inline scripts in your extension HTML like:

<script>alert("I'm an inline script!");</script>

<button onclick="alert('I am an inline script, too!')">

Rather, you must place your script into a separate file:

<script src="somescript.js"></script>

Solution 2:

If you are using React with create-react-app:

  1. create a .env file in project root

  2. Add variable as follows: INLINE_RUNTIME_CHUNK=false

  3. Build the project again and load the extension again.

Source

Solution 3:

You have to add content_security_policy to your manifest.json file:

"content_security_policy": "script-src 'self' 'sha256-B+Qe/KNUDtGDd/m1g5ycAq1DgpLs9ubKmYTlOHBogC8='; object-src 'self'"

You will find the hash from console.

enter image description here