我正在尝试与 API“https://brasilapi.com.br/api/ibge/uf/v1”建立连接,但出现以下错误:
chunk-OMODUTDX.js:79 Refused to load the script 'https://apis.google.com/js/api.js?onload=__iframefcb559688' because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
这是我的 HTML 头:
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="assets/css/style.css">
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests" />
<script src="https://kit.fontawesome.com/d4c0dbaccd.js" crossorigin="anonymous"></script>
这是我的js代码:
async function carregarEstados(){
const APIResponse = await fetch(`https://brasilapi.com.br/api/ibge/uf/v1
`)
if(APIResponse.status === 200){
const data = await APIResponse.json()
console.log(data[1]['sigla'])
for (let index = 1; index <= data.length; index++) {
const doc = `
<option value=${data[index]['sigla']}>${data[index]['sigla']}</option>
`
document.querySelector('#estado').append(doc)
}
}else{
console.log("Algo deu errado")
}
}
为您的站点设置了内容安全策略,可能在响应标头中。您将需要确定此 CSP 的设置位置并对其进行修改。它可以在代码中设置,但更有可能默认在您的框架中,在 Web 服务器或代理上。