Victor S
Reputation: 5142
Could someone please explain how this Chrome extension manifest option is put together?
I'm looking at the http://code.google.com/chrome/extensions/contentSecurityPolicy.html documentation and seeing:
{
...,
"content_security_policy": "script-src 'self' https://example.com; object-src 'self'",
...
}
gets me confused... how is that value put together? What are the relevant pieces?
Upvotes: 0
Views: 97
Answers (2)
cababunga
Reputation: 3114
This means that scripts can be loaded only from the same extension and from https://example.com; media files can only be loaded from the extension.
Upvotes: 1
Chris Eberle
Reputation: 48795
Taken straight off of the same page:
For full details regarding CSP's syntax, please take a look at the Content Security Policy specification.
Upvotes: 0
Related Questions
- Chrome Extension Manifest 'Matches'
- What is "content_capabilities" field in chrome extension's manifest file?
- Google Chrome Extension manifest.json file
- Meta tags in chrome extension manifest.json?
- How do all types of Chrome extension scripts work?
- chrome extension - manifest version 2
- Chrome Extension permissions field in the manifest.json
- How to read chrome extension development documentation?
- chrome extension - manifest version 2
- how does the manifest for chrome extensions work?