plasmo
plasmo copied to clipboard
[BUG] CSP restricted inline-style in Overlay CSUI.
What happened?
The CSP restricted inline-style is configured on some web pages, causing injectAnchor to be executed abnormally on the csui.ts, and the CSUI style does not take effect:
import cssText from "data-text:~style.css"
export function getStyle() {
const style = document.createElement("style")
style.textContent = cssText
return style
}
https://developer.apple.com/documentation/safariservices/safari_web_extensions/style.css
guide.6d2501fe.js:72 Refused to connect to 'ws://localhost:1815/' because it violates the following Content Security Policy directive: "default-src 'self' *.apple.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Version
Latest
What OS are you seeing the problem on?
MacOSX
What browsers are you seeing the problem on?
Chrome
Relevant log output
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' *.apple.com 'sha256-8sYhey1EBDQi8bgEKVzQaukvyoXk2XyF4mAm3oRZ/SQ='". Either the 'unsafe-inline' keyword, a hash ('sha256-wziXN3zGg/m2EZsVU1JeuUbR22M36/vyuqwFduwiJC4='), or a nonce ('nonce-...') is required to enable inline execution.
(OPTIONAL) Contribution
- [ ] I would like to fix this BUG via a PR
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
- [X] I checked the current issues for duplicate problems.