Refused to execute inline script because it violates the following Content Security Policy directive

Posted 2021-09-23 谷哥的小弟

---

版权声明

• 本文原创作者：谷哥的小弟
• 作者博客地址：http://blog.csdn.net/lfdfhl

---

问题描述

在利用表单向后台提交数据时，前端页面报错：

Refused to execute inline script because it violates the following Content Security Policy directive: “default-src ‘self’”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-2/nwTfnmhsEOQ+pVDGpNeMyOzp4HRtQri8QvvBb+A6Q=’), or a nonce (‘nonce-…’) is required to enable inline execution. Note also that ‘script-src’ was not explicitly set, so ‘default-src’ is used as a fallback.

解决方案

在前端表单提交时请勿采用type="submit"的方式，而应采用type="button"。

示例代码

在此，以示例形式展示解决方案。

html代码

<form method="post" id="userform2">
	姓名: <input type="text" id="name" name="username" style="width: 150px" />
	<br /><br />
	年龄: <input type="text" id="age" name="userage" style="width: 150px" />
	<br /><br />
	<input id="ajaxPostButton4" type="button" value="利用$.post()提交表单" />
</form>

javascript代码

//利用$.post()提交表单
$("#ajaxPostButton4").click(function() {
	var url = "http://xxx.xxx.137.1:8080/MyController/test";
	var params = $("#userform2").serialize();
	console.log(params);
	$.post(
		url,
		params,
		function(data) {
			console.log(data);
		},
		"json"
	);
});