Javascript 旋转木马不';启用内容安全策略时无法工作
我使用的是CSP,我的Javascript旋转木马不工作,除了旋转木马,其他一切都可以工作。 旋转木马CSS在另一个文件中工作,Java脚本也在另一个文件中,但不工作。 我没有收到任何错误 我做错了什么 提前感谢您抽出时间 CSP:Javascript 旋转木马不';启用内容安全策略时无法工作,javascript,twitter-bootstrap,security,carousel,xss,Javascript,Twitter Bootstrap,Security,Carousel,Xss,我使用的是CSP,我的Javascript旋转木马不工作,除了旋转木马,其他一切都可以工作。 旋转木马CSS在另一个文件中工作,Java脚本也在另一个文件中,但不工作。 我没有收到任何错误 我做错了什么 提前感谢您抽出时间 CSP: <div class="row"> <div class="col-md-12"> <div class="carousel carousel
<div class="row">
<div class="col-md-12">
<div class="carousel carousel-showsixmoveone slide" id="carousel123">
<div class="carousel-inner">
<div class="item active" ><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/1.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/7.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/1.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/7.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/2.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/8.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/9.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/2.jpg" class="img-responsive"></a></div></div>
</div>
<div class="control">
<a href="#carousel123" data-slide="next"><img src="css/right.png"></a>
<a href="#carousel123" data-slide="prev"><img src="css/left.png"></a>
</div>
</div>
</div>
</div>
旋转木马html:
<div class="row">
<div class="col-md-12">
<div class="carousel carousel-showsixmoveone slide" id="carousel123">
<div class="carousel-inner">
<div class="item active" ><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/1.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/7.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/1.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/7.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/2.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/8.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/9.jpg" class="img-responsive"></a></div></div>
<div class="item"><div class="col-xs-12 col-sm-4 col-md-2"><a href="#"><img src="img/bests/2.jpg" class="img-responsive"></a></div></div>
</div>
<div class="control">
<a href="#carousel123" data-slide="next"><img src="css/right.png"></a>
<a href="#carousel123" data-slide="prev"><img src="css/left.png"></a>
</div>
</div>
</div>
</div>
JavaScript文件:
(function(){
$('#carousel123').carousel({ interval: 2000 });
$('#carouselABC').carousel({ interval: 3600 });
}());
(function(){
$('.carousel-showsixmoveone .item').each(function(){
var itemToClone = $(this);
for (var i=1;i<6;i++) {
itemToClone = itemToClone.next();
if (!itemToClone.length) {
itemToClone = $(this).siblings(':first');
}
itemToClone.children(':first-child').clone()
.addClass("cloneditem-"+(i))
.appendTo($(this));
}
});
}());
(函数(){
$(#carousel123')。carousel({interval:2000});
$(#carouselab')。carousel({interval:3600});
}());
(功能(){
$('.carousel showsixmoveone.item')。每个(函数(){
var itemToClone=$(此项);
对于(var i=1;i代码中不能有多个脚本src'self'
,因此CSP元如下所示:
<meta http-equiv="Content-Security-Policy" content="
style-src 'self' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css;
script-src 'self' https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js">