Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/sharepoint/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
防止javascript表单提交到php服务器的内容安全策略_Javascript_Content Security Policy - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • 防止javascript表单提交到php服务器的内容安全策略

防止javascript表单提交到php服务器的内容安全策略

javascript

防止javascript表单提交到php服务器的内容安全策略,javascript,content-security-policy,Javascript,Content Security Policy,有人能帮我解决这个烦人的问题吗?我正在尝试向我的服务器提交条带表单。我的标题中有他们的链接。每次我点击表单按钮,都不会发生任何事情,因为CSP阻止表单提交。看起来Firefox正在注入某种脚本?如何避开这个问题?我在本地主机上 控制台日志 Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: try { (function in

有人能帮我解决这个烦人的问题吗?我正在尝试向我的服务器提交条带表单。我的标题中有他们的链接
。每次我点击表单按钮,都不会发生任何事情,因为CSP阻止表单提交。看起来Firefox正在注入某种脚本?如何避开这个问题?我在本地主机上

控制台日志

Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: try {

(function injectPageScriptAPI(scr....
elements-inner-card-799faf0b7f6484028049b34fc28226d1.html:1
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: (function(){function _PostRPC() {        // in....
elements-inner-card-799faf0b7f6484028049b34fc28226d1.html:1
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: try {

(function injectPageScriptAPI(scr....
controller-0d0fbe23aa60de208bc061dd4283db56.html:1
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: (function(){function _PostRPC() {        // in....
controller-0d0fbe23aa60de208bc061dd4283db56.html:1
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: try {

var AG_onLoad=function(func){if(d....
controller-0d0fbe23aa60de208bc061dd4283db56.html:1
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: try {

var AG_onLoad=function(func){if(d....
elements-inner-card-799faf0b7f6484028049b34fc28226d1.html:1
Javascript

var stripe = Stripe('pk_test_test');
var elements = stripe.elements();
    // Handle form submission
    var form = document.getElementById('payment-form');

    form.addEventListener('submitpayment', function(event) {
        event.preventDefault();

    stripe.createToken(card).then(function(result) {
            if (result.error) {
                // Inform the user if there was an error
                var errorElement = document.getElementById('card-errors');
                errorElement.textContent = result.error.message;
            } else {
                stripeTokenHandler(result.token);
            }
        });
    });

    // Send Stripe Token to Server
    function stripeTokenHandler(token) {
        // Insert the token ID into the form so it gets submitted to the server
        var form = document.getElementById('payment-form');

    // Add Stripe Token to hidden input
        var hiddenInput = document.createElement('input');
        hiddenInput.setAttribute('type', 'hidden');
        hiddenInput.setAttribute('name', 'stripeToken');
        hiddenInput.setAttribute('value', token.id);
        form.appendChild(hiddenInput);

    // Submit form
     form.submit();
    }
在这个特殊的例子中,是AdGuard FireFox插件导致了这个问题

其他资源:

  • 看起来您正在运行AdGuard扩展(AG_onLoad),因此这很可能是罪魁祸首
  • 这是一个很好的资源,但是_PostRPC调用在
    unexplained
    .md文档中
  • 看起来这可能与-显然FF对CSP的应用非常严格有关
如果禁用所有加载项,能否验证它是否正常工作

HTH!

棒极了,哈哈。我应该对此进行更多的研究。我看得太远了。你是否缩小了@GaryJ的附加问题?我为localhost启用了ad guard,它成功了。我忘了我已经运行了这个程序。很好!我会为其他开发者更新我的答案,并向CSP repo提交PR。我只是想确保这是相关的。Che呃!