更新时间:2022-04-19 22:47:02
显然,modernizr要么注入具有某些CSS属性的 style
元素,要么注入一些 style
属性;您可以通过以下方式更改CSP策略来处理它:
Apparently modernizr either injects a style
element with some CSS properties, or else injects some style
attributes; you can deal with it by changing your CSP policy this:
<meta http-equiv="content-security-policy"
content="default-src 'none'; script-src 'self';
connect-src 'self'; img-src 'self';
style-src 'self' 'sha256-CwE3Bg0VYQOIdNAkbB/Btdkhul49qZuwgNCMPgNY5zw=';" />