科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - Run non-inline JS locally in Electron - Stack Overflow

    javascript - Run non-inline JS locally in Electron - Stack Overflow

    programmeradmin2浏览0评论

    I'd like to stick all of my separate JS scripts as files in another folder when developing locally. The only way I've been able to do this is if I don't declare the meta statement. However, by not declaring it, I of course get a warning.

    Electron Security Warning (Insecure Content-Security-Policy) This renderer process has either no Content Security Policy set or a policy with "unsafe-eval" enabled. This exposes users of this app to unnecessary security risks.

    Is there a way to do it locally without either ignoring or violating CSP?

    I'd like to stick all of my separate JS scripts as files in another folder when developing locally. The only way I've been able to do this is if I don't declare the meta statement. However, by not declaring it, I of course get a warning.

    Electron Security Warning (Insecure Content-Security-Policy) This renderer process has either no Content Security Policy set or a policy with "unsafe-eval" enabled. This exposes users of this app to unnecessary security risks.

    Is there a way to do it locally without either ignoring or violating CSP?

    • javascript
    • node.js
    • electron
    • content-security-policy
    Share Improve this question edited Oct 4, 2019 at 6:01 M. Twarog 2,6314 gold badges23 silver badges42 bronze badges asked Oct 4, 2019 at 5:57 oldboyoldboy 5,9847 gold badges42 silver badges99 bronze badges
    Add a ment  | 

    1 Answer 1

    Reset to default 3

    Set the following meta tag in the renderers.

    <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-xxx or sha256-yyy' " />

    Kindly checkout my github repo electron-renderer-CSP-sample, containing samples for both nonce & SHA methods for internal & external js files as well.

    OR

    You can make use of preload argument in webPreferences while creating the main BrowserWindow. In the main.js,

      mainWindow = new BrowserWindow({
    webPreferences: {
      nodeIntegration: false,
      preload: path.join(__dirname, 'preload.js')
    }
  })

    In the preload.js

            const remote = require("electron").remote;
// electron APIs
        window.appQuit = function() {
          remote.app.exit(0);
        };
// node modules
       window.notify= function notify(msg) {
       return require('node-notifier').notify(msg);
       };
// DOM can be manipulated from here (Refer 
// https://github./electron/electron-quick-start/blob/master/preload.js)

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论