I'm working on a chrome extension and using content scripting to execute this code on the page

chrome.browserAction.onClicked.addListener(function(tab) {
try{
$('input[type="submit"]').click();
}
catch(err){
($('input[type="button"]').attr('onclick'))(event);
}

});

and I get this error
"Refused to apply inline style because of Content-Security-Policy."
the manifest.json code:

{
  "name": "sites faxana ads clicking exception",
  "version": "1.0",
  "background_page": "background.html",
  "permissions": [
    "tabs", "<all_urls>"
  ],
  "browser_action": {
  "default_icon": "icon.png",
    "name": "Make this page red"
  },
  "content_security_policy": "default-src 'none'; script-src 'self'"
}

I'm working on a chrome extension and using content scripting to execute this code on the page

chrome.browserAction.onClicked.addListener(function(tab) {
try{
$('input[type="submit"]').click();
}
catch(err){
($('input[type="button"]').attr('onclick'))(event);
}

});

and I get this error
"Refused to apply inline style because of Content-Security-Policy."
the manifest.json code:

{
  "name": "sites faxana ads clicking exception",
  "version": "1.0",
  "background_page": "background.html",
  "permissions": [
    "tabs", "<all_urls>"
  ],
  "browser_action": {
  "default_icon": "icon.png",
    "name": "Make this page red"
  },
  "content_security_policy": "default-src 'none'; script-src 'self'"
}

• javascript
• google-chrome
• google-chrome-extension
• content-security-policy

Share Improve this question Follow edited Nov 9, 2012 at 10:06 Mike West 5,1512626 silver badges2626 bronze badges asked Dec 25, 2011 at 17:38 AmgedAmged 70011 gold badge77 silver badges2020 bronze badges 4

• my question is how to solve this error and execute this code – Amged Commented Dec 25, 2011 at 17:47
• This error shouldn't be causing anything to fail...other than styles. You should probably change default-src to 'self' 'unsafe-inline' because it looks like you're getting that error with an inline style. – gengkev Commented Jan 12, 2012 at 1:35
• I didn't write any inline style code :/ – Amged Commented Jan 12, 2012 at 18:35
• Apparently jQuery is writing inline style code. The plete error message should give you a clearer idea whether you should change default-src or maybe even better, style-src. – Michael McGinnis Commented Oct 13, 2017 at 2:22

Add a ment  | 

2 Answers 2

Sorted by: Reset to default 5

You're probably using an inline <style>.selector { ... }</style> in your head. Your CSP prevents you from doing this. Instead, use a <link rel...>.

For more info, see this nice article on the topic: https://mikewest/2011/10/secure-chrome-extensions-content-security-policy

This is because you included jQuery. Remove everything from your background.html page except for the jQuery include (I tried jQuery 1.7.1) and you get 5 errors in the console in Chrome 18.0.1003.1.

I've filed a bug with jQuery via their forums.