0

I'm making a browser extension but the Content Security Policy seems to be blocking some of my content. I've added a meta tag to allow for a website: 

<meta http-equiv="Content-Security-Policy" content="script-src https://cdnjs.cloudflare.com https://cdn.jsdelivr.net">

I'm still getting the same error message saying that the script-src is being blocked.

Warning that Loading failed for the script with source...

Error that the Content Security Policy settings blocked the resource from loading

How do I allow my resource to load?

p.s. I'm targeting Firefox and Google Chrome.

Dezmond H
  • 25
  • 7

1 Answers1

0

Nevermind, I needed to put the code in my manifest.json file, instead of in the <head> of my html file. It should look something like this: 

}
"content_security_policy": "script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net; object-src 'self'",
}

I was able to find an answer in another post to help me with this.

Dezmond H
  • 25
  • 7