在 html 页面中嵌入 google 工作表 - 拒绝执行内联脚本

发布于 2025-01-13 20:53:09 字数 915 浏览 1 评论 0原文

我正在尝试将 google 工作表嵌入到一个简单的 HTML 页面中。我正在遵循以下指示： https://support.google.com/ docs/answer/183965?hl=en&co=GENIE.Platform%3DDesktop

我在控制台中收到以下内容

拒绝执行内联脚本，因为它违反了以下内容安全策略指令：“default-src 'self'”。启用内联执行需要“unsafe-inline”关键字、哈希值（“sha256-ktarjbJmNtF8IylbwgjSQoKrcQSdXJkqf60bj4nusHA=”）或随机数（“nonce-...”）。另请注意，未显式设置“script-src”，因此“default-src”用作后备

在浏览器中，我得到以下内容 Cannot GET /undefined

我将 Google Sheet 提供的 URL 嵌入到 div 中，如下所示

<div class="text-center section-heading" style="margin-top: 80px;">
<iframe src="https://docs.google.com/spreadsheets/d/e/2PACX-1vTuYr0tEiCqzkPHDgAEMxbUFfYAGI-XADsjCCC05dHuSU-5foLqR9CTHjjq-Xgh-O6SnM4ukIuKMywK/pubhtml?widget=true&amp;headers=false"></iframe>
</div>

原文

I am trying to embed google sheet in a simple HTML page.
I am following the instruction from:
https://support.google.com/docs/answer/183965?hl=en&co=GENIE.Platform%3DDesktop

I get the following in the console

Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-ktarjbJmNtF8IylbwgjSQoKrcQSdXJkqf60bj4nusHA='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback

In the browser I get the following
Cannot GET /undefined

I am embedding the google sheet provided URL in a div like the following

<div class="text-center section-heading" style="margin-top: 80px;">
<iframe src="https://docs.google.com/spreadsheets/d/e/2PACX-1vTuYr0tEiCqzkPHDgAEMxbUFfYAGI-XADsjCCC05dHuSU-5foLqR9CTHjjq-Xgh-O6SnM4ukIuKMywK/pubhtml?widget=true&headers=false"></iframe>
</div>

分享到QQ

分享到微博