[Bug] Injecting script tag blocked by Hacker News content security policy
Closed this issue · 0 comments
joshuaavalon commented
As title.
Refused to load the script 'https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://cdnjs.cloudflare.com/".
A simple fix is to use @require
instead of injecting script tag.
...
// @include https://news.ycombinator.com*
// @require https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
// @grant none
...
start();