Javascript Chrome插件和内容安全策略错误

上载未打包的Chrome扩展时，出现以下错误：

Could not load extension from '/Users/me/example'. Invalid value for 'content_security_policy': Both 'script-src' and 'object-src' directives must be specified (either explicitly, or implicitly via 'default-src'), and both must whitelist only secure resources. You may include any of the following sources: "'self'", "'unsafe-eval'", "http://127.0.0.1", "http://localhost", or any "https://" or "chrome-extension://" origin. For more information, see http://developer.chrome.com/extensions/contentSecurityPolicy.html

我的清单如下所示：

{
  "name": "Example Inc.",
  "manifest_version" : 2,
  "version": "0.4.4",
  "content_scripts": [
    {
      "matches": [
        "*://*.example.cc/*"
      ],
      "js": [
        "production/jquery.libs.min.js",
        "https://example.cc/js/example.js"
      ],
      "run_at": "document_end"
    }
  ],
  "permissions": [
    "*://*.example.cc/*",
    "tabs",
    "activeTab",
    "contextMenus",
    "storage",
    "management",
    "cookies"
  ],
  "content_security_policy": "script-src 'self' https://ssl.google-analytics.com/ga.js https://example.cc/js/*; object-src 'self'"
}

从我所看到的所有例子中，在阅读了一些CSP文档之后，我不确定我遗漏了什么。我们的域是完全https的，example.js文件存在并且可以访问，等等

欢迎任何意见

你应该做：

"content_security_policy": "script-src 'self' https://ssl.google-analytics.com/ga.js https://example.cc; object-src 'self'"

---

如果您只使用您的代码，请将其设置为仅限自己

---

“内容安全策略”：“脚本src'self'；默认src'self'”

为了更好地回答这个问题，请解释问题所在。使用此条目，尝试上载时出现以下错误：无法从“/Users/me/example”加载扩展名。无法为内容脚本加载javascript“”。@Xan向上滚动并阅读原始问题