Content-Security-Policy error in google chrome extension making
One of the consequences of "manifest_version": 2
is that Content Security Policy is enabled by default. And Chrome developers chose to be strict about it and always disallow inline JavaScript code - only code placed in an external JavaScript file is allowed to execute (to prevent Cross-Site Scripting vulnerabilities in extensions). So instead of defining getPageandSelectedTextIndex()
function in popup.html
you should put it into a popup.js
file and include it in popup.html
:
<script type="text/javascript" src="popup.js"></script>
And <button onclick="getPageandSelectedTextIndex()">
has to be changed as well, onclick
attribute is also an inline script. You should assign an ID attribute instead: <button id="button">
. Then in popup.js
you can attach an event handler to that button:
window.addEventListener("load", function(){ document.getElementById("button") .addEventListener("click", getPageandSelectedTextIndex, false);}, false);