0WordpressのロゴWordPressのビジュアルエディタが動作しません

私はワードプレスのビジュアルエディタ]ボタンが動作を停止しばらくの間、問題を持っていました. コードエディタは大丈夫でした, そして、ビジュアルエディタのボタンが存在するが、それをクリックしても効果はありません. 周りの多くのあいた後、私は最終的にそれは私のコンテンツセキュリティポリシーによって破壊されていた発見しました!

One reas­on this was so dif­fi­cult to dia­gnose is because I haven’t seen any­one else sug­gest CSP as the source of the prob­lem, espe­cially since I am using the “clas­sic edit­or” plu­gin which most people seem to blame. The plu­gin, or word­press itself, may be partly to blame as my CSP isn’t unreas­on­able, but clearly I needed to per­mit some­thing else.

When I finally star­ted dig­ging through the con­sole I found the fol­low­ing error (in Fire­fox): The page’s set­tings observed the load­ing of a resource at eval (“script-src”)

The Chrome con­sole was much more help­ful: “Refused to eval­u­ate a string as JavaS­cript because ‘unsafe-eval’ is not an allowed source of script in the fol­low­ing Con­tent Secur­ity Policy directive”

So to get this work­ing I will have to enable “unsafe-eval” which is annoy­ing because this makes a con­tent secur­ity policy largely pointless.

As more and more people imple­ment CSP this will become more of an issue for the word­press and plu­gin devs to resolve to hope­fully in the longer term solu­tions will become avail­able. Until then I will see if there is a work­around by remov­ing inline and eval code.

The best inform­a­tion and guide I have found so far is at Col­or Blind Programming

返信を残す