1

this answer suggests adding shaw-256 base 64 encode string of source code under content_script_policy in manifest.json. What should I encode exactly? Complete content.js or only myfunction() in the below snippet or something else?

My content.js is something like this

myfunction(var1,var2){
  //do some thing here
}

var module = `<a href=${url} onclick="myfunction(var1,var2)">Lorem ipsum is a dummy text.Lorem ipsum is a dummy texxt.Lorem ipsum is a dummy texxt.</a>`

somedom.append(module)

Improve this question
2
  • Instead of using HTML simply construct the a element using document.createElement and then assign a.onclick = myfunction. It will correctly reference your content script's function. Commented Jan 7, 2019 at 18:26
  • Since you're calling this piece of code content.js, presumably this is a content script. They are not bound by content_security_policy in the manifest. Commented Jan 8, 2019 at 12:41

1 Answer 1

Reset to default
1

Inline code execution is not possible but you can add dynamic elements by using this

injectBtn() {
const link = document.createElement("button");
link.innerHTML = "BTN";
link.className = "btn1";

link.addEventListener("click", () => {
  this.injectTemplate();
});

return document.querySelector("#ipd-leftnav").appendChild(link);
 }
}

Hope this help

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

as per documentation (developer.chrome.com/extensions/…) inline execution of javascript is possible if you provide base64-encoded hash of the source code. I am confused about source code here in my case.
Bharath gedela, there's no point in doing this since the attribute will point to a page function, not to the content script (except for Chrome 71 which is buggy but that's a different story).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.