Sunday, May 19, 2024
Homepage · google-chrome
 Popular · Latest · Hot · Upcoming
90
rated 0 times [  94] [ 4]  / answers: 1 / hits: 50573  / 11 Years ago, wed, january 15, 2014, 12:00:00

My Chrome app has the following manifest:



{

    name: ,

    version: 1.0.3,

    manifest_version: 2,

    description: Chrome Extension for.,

    icons: {

        16: images/test.png,

        19: images/test.png,

        256: images/test.png

    },

    app: {

        background: {

            scripts: [

                background.js

            ]

        }

    },



    sandbox: {

        js: [

            lib/test-api.js

        ]

    },

    permissions: [

        <all_urls>,

        notifications,

        storage,

        videoCapture

    ]

}


I have a script file that runs eval. I have read about CSP and sandboxing, but I still get this error:




Refused to evaluate a string as JavaScript because 'unsafe-eval' is
not an allowed source of script in the following Content Security
Policy directive: default-src 'self' chrome-extension-resource:.
Note that 'script-src' was not explicitly set, so 'default-src' is
used as a fallback.



More From » google-chrome
 Answers
153

Have you tried adding the CSP line to your manifest as per your CSP link?



content_security_policy: script-src 'self' 'unsafe-eval'; object-src 'self'

[#73161] Tuesday, January 14, 2014, 11 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
raveno
Add To Favorites
Follow
Total Points: 453
Total Questions: 92
Total Answers: 92
Location: France
Member since Thu, Oct 27, 2022
2 Years ago
raveno questions
Wed, Jun 24, 20, 00:00, 4 Years ago
Sat, Feb 29, 20, 00:00, 4 Years ago
Fri, Dec 20, 19, 00:00, 5 Years ago
Thu, Sep 26, 19, 00:00, 5 Years ago
Sat, Jun 22, 19, 00:00, 5 Years ago
View All
;