[Webkit-unassigned] [Bug 268710] New: [Warning] [blocked] The page at https://xxxx.html was not allowed to run insecure content from knb://knb.js.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Feb 4 00:23:07 PST 2024
https://bugs.webkit.org/show_bug.cgi?id=268710
Bug ID: 268710
Summary: [Warning] [blocked] The page at https://xxxx.html was
not allowed to run insecure content from knb://knb.js.
Product: WebKit
Version: Safari 16
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Major
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: 904936148 at qq.com
I am trying to load a URL with a specific scheme through the HTTPS main document to implement the function of local data interception and feedback on the iOS end's WKWebView. I have set a custom scheme interceptor, but I cannot receive related calls in the callback method:
-(void)webView:(nonnull WKWebView *)webView startURLSchemeTask:(nonnull id<WKURLSchemeTask>)urlSchemeTask
In the H5, I set the Content-Security-Policy as follows:
<meta http-equiv="Content-Security-Policy" content="script-src knb:">
......
<script src="knb://knb.js"></script>
<img src="knb://knb2.js"></img>
I can intercept knb://knb2.js, but I cannot receive knb://knb.js.
When inspecting in the safari browser, it shows
[Warning] [blocked] The page at https://xxxx.html was not allowed to run insecure content from knb://knb.js.
Is there anything else I need to set? Or does it not support this kind of loading at all?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240204/10b3a867/attachment-0001.htm>
More information about the webkit-unassigned
mailing list