Reputation: 4161
How to load an external JavaScript inside an extension popup
I'm trying to build a page action extension and need to load an external JavaScript library from the popup (it needs to come from the external domain so that the correct cookies are sent).
However I get this error message:
Refused to load script from 'http://api.flattr.com/js/0.6/load.js?mode=auto' because of Content-Security-Policy.
Is there any way around this?
Upvotes: 7
Views: 2872
Answers (1)
Reputation: 9518
Using scripts via plain HTTP is no longer allowed for security reasons. See this issue.
From linked page:
Yeah, we're no longer allowing insecure scripts in extensions. If you load a script over HTTP, an active network attacker can inject script into your extension, which is a security vulnerability.
One suggested solution is to link the scripts via HTTPS where possible. Another one is to include the script with the plugin itself.
Upvotes: 2
Related Questions
- How can I open my extension's pop-up with JavaScript?
- call inject.js method from popup.js chrome extension
- Create a popup inside chrome extension
- how to load JS from a chrome extension popup
- Load jquery in popup chrome extension
- How to load an external javascript file asynchronously within popup.html?
- popup window in Chrome extension
- Chrome Extension won't load my JavaScript from the popup file
- Open popup.html using script in chrome extension?
- Chrome extensions: import local Javascript into popup.html