2

I need to debug or modify webpages from time to time using JQuery. I open Developer Tools, in Console enter

(function()
{
  var s=document.createElement('script');
  s.setAttribute('src','https://code.jquery.com/jquery-2.1.1.min.js');
  s.setAttribute('type','text/javascript');
  document.getElementsByTagName('head')[0].appendChild(s);
  jQuery.noConflict();
})();

But Chrome says

Refused to load the script 'https://code.jquery.com/jquery-2.1.1.min.js' because it violates the following Content Security Policy directive: "script-src 'none'".

I understand Content Security Policy is good to prevent cross site scripting. But I want to be able to load JQuery.

How can I load JQuery to any page?

Gqqnbig
  • 5,845
  • 10
  • 45
  • 86
  • This might be helpful - https://stackoverflow.com/a/74456654/816213 – Sachin Jain Nov 16 '22 at 07:31
  • Does this answer your question? [How to override content security policy while including script in browser JS console?](https://stackoverflow.com/questions/27323631/how-to-override-content-security-policy-while-including-script-in-browser-js-con) – Sachin Jain Nov 16 '22 at 07:32

3 Answers3

1

If the page has that CSP directive, you can't (on a browser that supports the CSP); the page owner has it locked down. If it's a page you're really supposed to be debugging, modify the server to not send the CSP header or to allow scripts from https://code.jquery.com.

T.J. Crowder
  • 1,031,962
  • 187
  • 1,923
  • 1,875
0

Instead of pasting loading code into console, you can just paste complete minified source code of jQuery.

Kamil Szot
  • 17,436
  • 6
  • 62
  • 65
-1

The problem states: I need to debug or modify webpages from time to time using JQuery

There is an easier way to do that than trying to load it manually. This is what I typically do. Try chrome's Jquery injector https://chrome.google.com/webstore/detail/jquery-injector/indebdooekgjhkncmgbkeopjebofdoid?hl=en

Vadim
  • 179
  • 4