Fix: [Extension] Remove inline script (for extension's Content Security Policy reason)

Fix: [Extension] Disable Service Worker
4 years ago · ce2642ad1f
parent c6ea98333e
commit ce2642ad1f
5 changed files with 43 additions and 35 deletions
--- a/extension-manifest.json
+++ b/extension-manifest.json
@ -11,5 +11,6 @@
  "homepage_url": "https://github.com/ix64/unlock-music",
  "browser_action": {
    "default_popup": "./popup.html"
-  }
+  },
+  "content_security_policy": "script-src 'self' https://stats.ixarea.com; object-src 'self'"
 }
--- a/public/index.html
+++ b/public/index.html
@ -5,13 +5,10 @@
    <meta content="webkit" name="renderer">
    <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible">
    <meta content="width=device-width,initial-scale=1.0" name="viewport">
-    <!--@formatter:off-->
-    <script>var _paq=window._paq||[];_paq.push(["setRequestMethod","POST"],["trackPageView"],["enableLinkTracking"],["setSiteId","2"],["setTrackerUrl","https://stats.ixarea.com/ixarea-stats/report"]);</script>
-    <!--@formatter:on-->
-    <script async src="https://stats.ixarea.com/ixarea-stats.js"></script>
    <title>音乐解锁</title>
    <meta content="音乐,解锁,ncm,qmc,mgg,mflac,qq音乐,网易云音乐,加密" name="keywords"/>
    <meta content="音乐解锁 - 在任何设备上解锁已购的加密音乐！" name="description"/>
+    <script src="./ixarea-stats.js"></script>
    <!--@formatter:off-->
    <style>#loader{position:absolute;left:50%;top:50%;z-index:1010;margin:-75px 0 0 -75px;border:16px solid #f3f3f3;border-radius:50%;border-top:16px solid #1db1ff;width:120px;height:120px;animation:spin 2s linear infinite}@keyframes spin{0%{transform:rotate(0)}100%{transform:rotate(360deg)}}#loader-mask{text-align:center;position:absolute;width:100%;height:100%;bottom:0;left:0;right:0;top:0;z-index:1009;background-color:rgba(242,246,252,.88)}@media (prefers-color-scheme:dark){#loader-mask{color:#fff;background-color:rgba(0,0,0,.85)}#loader-mask a{color:#ddd}#loader-mask a:hover{color:#1db1ff}}#loader-source{font-size:1.5rem}#loader-tips-timeout{font-size:1.2rem}</style>
    <!--@formatter:on-->
@ -27,12 +24,12 @@
             style="border:0"/>
    </noscript>
    <h3 id="loader-source"> 请勿直接运行源代码！ </h3>
-    <div hidden id="loader-tips-outdated">
+    <div id="loader-tips-outdated" hidden>
        <h2>您可能在使用不受支持的<span style="color:#f00;">过时</span>浏览器，这可能导致此应用无法正常工作。</h2>
        <h3>如果您使用双核浏览器，您可以尝试切换到 <span style="color:#f00;">“极速模式”</span> 解决此问题。</h3>
        <h3>或者，您可以尝试更换下方的几个浏览器之一。</h3>
    </div>
-    <h3 hidden id="loader-tips-timeout">
+    <h3 id="loader-tips-timeout" hidden>
        音乐解锁采用了一些新特性！建议使用
        <a href="https://www.microsoft.com/zh-cn/edge" target="_blank">Microsoft Edge Chromium</a>
        <a href="https://www.google.cn/chrome/" target="_blank">Google Chrome</a>
@ -41,32 +38,6 @@
    </h3>
 </div>
 <div id="app"></div>
-<script>
-    (function () {
-        setTimeout(function () {
-            var ele = document.getElementById("loader-tips-timeout");
-            if (ele != null) {
-                ele.hidden = false;
-            }
-        }, 2000);
-
-        var ua = navigator && navigator.userAgent;
-        var detected = (function () {
-            var m;
-            if (!ua) return true;
-            if (/MSIE |Trident\//.exec(ua)) return true; // no IE
-            m = /Edge\/([\d.]+)/.exec(ua); // Edge >= 17
-            if (m && Number(m[1]) < 17) return true;
-            m = /Chrome\/([\d.]+)/.exec(ua); // Chrome >= 58
-            if (m && Number(m[1]) < 58) return true;
-            m = /Firefox\/([\d.]+)/.exec(ua); // Firefox >= 45
-            return m && Number(m[1]) < 45;
-        })();
-        if (detected) {
-            document.getElementById('loader-tips-outdated').hidden = false;
-            document.getElementById("loader-tips-timeout").hidden = false;
-        }
-    })();
-</script>
+<script src="./loader.js"></script>
 </body>
 </html>
--- a/public/ixarea-stats.js
+++ b/public/ixarea-stats.js
@ -0,0 +1,10 @@
+var _paq = window._paq || [];
+_paq.push(["setRequestMethod", "POST"], ["trackPageView"], ["enableLinkTracking"],
+    ["setSiteId", "2"], ["setTrackerUrl", "https://stats.ixarea.com/ixarea-stats/report"]);
+
+var tag = document.createElement('script');
+tag.type = 'text/javascript';
+tag.async = true;
+tag.src = 'https://stats.ixarea.com/ixarea-stats.js';
+var s = document.getElementsByTagName('script')[0];
+s.parentNode.insertBefore(tag, s);
--- a/public/loader.js
+++ b/public/loader.js
@ -0,0 +1,25 @@
+(function () {
+    setTimeout(function () {
+        var ele = document.getElementById("loader-tips-timeout");
+        if (ele != null) {
+            ele.hidden = false;
+        }
+    }, 2000);
+
+    var ua = navigator && navigator.userAgent;
+    var detected = (function () {
+        var m;
+        if (!ua) return true;
+        if (/MSIE |Trident\//.exec(ua)) return true; // no IE
+        m = /Edge\/([\d.]+)/.exec(ua); // Edge >= 17
+        if (m && Number(m[1]) < 17) return true;
+        m = /Chrome\/([\d.]+)/.exec(ua); // Chrome >= 58
+        if (m && Number(m[1]) < 58) return true;
+        m = /Firefox\/([\d.]+)/.exec(ua); // Firefox >= 45
+        return m && Number(m[1]) < 45;
+    })();
+    if (detected) {
+        document.getElementById('loader-tips-outdated').hidden = false;
+        document.getElementById("loader-tips-timeout").hidden = false;
+    }
+})();
--- a/src/registerServiceWorker.js
+++ b/src/registerServiceWorker.js
@ -2,7 +2,8 @@

 import {register} from 'register-service-worker'

-if (process.env.NODE_ENV === 'production') {
+if (process.env.NODE_ENV === 'production' && window.location.protocol === "https:") {
+
    register(`${process.env.BASE_URL}service-worker.js`, {
        ready() {
            console.log('App is being served from cache by a service worker.')