监控 Cordova

1. 接入插件
2. 修改Content-Security-Policy配置

https://og6593g2z.qnssl.comhttps://fundebug.com添加到default-src中即可:

<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval' https://fundebug.com  https://og6593g2z.qnssl.com; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">



PS:为什么需要修改Content-Security-Policy配置?

处于安全方面的考虑,Cordova使用cordova-plugin-whitelist配置了严格的安全策略。

Cordova的默认的Content-Security-Policy配置位于www/index.html内,如下所示:

<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data: content:;">

为了在在Cordova中使用Fundebug,则需要修改Content-Security-Policy

否则,将会遇到这些的错误:

加载fundebug脚本失败:

08-02 14:10:52.132  4185  4185 I chromium: [INFO:CONSOLE(0)] "Refused to load the script 'https://og6593g2z.qnssl.com/fundebug.0.3.3.min.js' because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval' 'unsafe-inline'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

发送错误数据到Fundebug失败:

08-02 11:10:59.848 20520 20520 I chromium: [INFO:CONSOLE(1)] "Uncaught SecurityError: Failed to execute 'open' on 'XMLHttpRequest': Refused to connect to 'https://fundebug.com/javascript/' because it violates the document's Content Security Policy.", source: https://og6593g2z.qnssl.com/fundebug.0.3.3.min.js (1)

results matching ""

    No results matching ""