Dear colleagues, help clarify one question. When I try to place my extension in Chrome Online Store, I get the following warning - Avoid requesting or executing remotely javascript files. Its meaning is generally understandable, it is not clear just what to sin. I have several versions:
In popup.html there is the line
<script type="text/javascript" src="https://withyouon.com/js/index.js"></script>'In background.js there is
$ .post (" https://withyouon.com/server.php ”, p, function (a) {d = eval ('(' + a + ')');})
I get lost in a more specific definition of the problem. Whether it is that you can not connect js from a remote server. Either that $ .post does not work, although jquery.min.js is taken from the extension folder (see the manifest below). And you need to use XMLHttpRequest.send () Whether it is in eval ('(' + a + ')'); What exactly is the problem?
Manifesto:
{ "manifest_version": 2, "name": "withyouon.com", "version": "1.2", "icons": { "128": "icons/128.png", "129": "icons/konv.png" }, "content_scripts": [ { "matches": [ "*://*/*" ], "js": [ "/js/jquery.min.js", "/js/background.js", "/js/inject.js", "/js/script.js" ], "run_at": "document_end" } ], "description":"ver. 1.2. withyouon.com site extension ajax orient", "short_name": "withyouon.com site extension ajax orient", "browser_action": { "default_icon": "icons/128.png", "default_popup": "popup.html" }, "background": { "scripts": ["/js/jquery.min.js", "/js/background.js"] }, "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'", "web_accessible_resources": ["/js/jquery.min.js", "/js/inject.js", "icons/128.png", "popup.html", "/js/script.js"], "permissions": ["activeTab", "proxy", "webRequest", "webRequestBlocking", "\u003Call_urls>", "storage", "tabs", "webNavigation", "cookies", "<all_urls>", "history" ] } Maybe the problem is that the permissions section: should contain two more values - " https://withyouon.com/ ", " http://withyouon.com/ "? Help, please, understand.
