Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/asp.net/32.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/6/google-chrome/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Asp.net 拒绝加载,因为它违反了内容安全策略_Asp.net_Google Chrome_Firefox_Content Security Policy_Identityserver3 - Fatal编程技术网
Fatal编程技术网
  • asp.net/
  • Asp.net 拒绝加载,因为它违反了内容安全策略

Asp.net 拒绝加载,因为它违反了内容安全策略

asp.net google-chrome firefox

Asp.net 拒绝加载,因为它违反了内容安全策略,asp.net,google-chrome,firefox,content-security-policy,identityserver3,Asp.net,Google Chrome,Firefox,Content Security Policy,Identityserver3,我在Chrome和Firefox中面临着一个非常奇怪的内容安全策略问题 我的元标记如下所示: <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta http-equiv="Content-Security-P

我在Chrome和Firefox中面临着一个非常奇怪的内容安全策略问题

我的元标记如下所示:

<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' http://* https://* 'unsafe-inline'; script-src 'self' http://* https://* 'unsafe-inline' 'unsafe-eval'" />
这些线路产生了问题:

链接标签:

正文中的脚本标记:

<script>
        (function (i, s, o, g, r, a, m) {
            i['GoogleAnalyticsObject'] = r; i[r] = i[r] || function () {
                (i[r].q = i[r].q || []).push(arguments)
            }, i[r].l = 1 * new Date(); a = s.createElement(o),
            m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m)
        })(window, document, 'script', 'https://www.google-analytics.com/analytics.js', 'ga');

        ga('create', 'UA-76462125-1', 'auto');
        ga('send', 'pageview');

        var dimensionValue = 'SOME_APP_NAME';
        ga('set', 'dimension1', dimensionValue);

</script>


(功能(i、s、o、g、r、a、m){
i['GoogleAnalyticsObject']=r;i[r]=i[r]| |函数(){
(i[r].q=i[r].q | |[]).push(参数)
},i[r].l=1*新日期();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(窗口,文档,'脚本','https://www.google-analytics.com/analytics.js","ga",;
ga(“创建”、“UA-76462125-1”、“自动”);
ga(‘发送’、‘页面浏览’);
var dimensionValue='SOME_APP_NAME';
ga('set','dimension1',dimensionValue);
我的页面中的视频标签如下:

<video controls="controls">
    <source src="https://www.youtube.com/embed/OhFel6HTHu8" type="video/mp4" />
</video>
请告诉我遗漏了什么。

如果检查HTTP响应,IdentityServer会发出CSP头。您可以通过在
CspOptions
上设置各种标志来配置它们。文档中介绍了这一点:

感谢您在这方面提供的帮助。我不认为Identity Server会强制执行此操作。