html+php内联执行JavaScript是报错

报错信息

read.PHP:1 Refused to run the javascript URL because it violates the following Content Security Policy directive: “script-src ‘self’”. Either the ‘unsafe-inline’ keyWord, a hash (‘sha256-…’), or a nonce (‘nonce-…’) is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the ‘unsafe-hashes’ keyword is present.

翻译过来就是

拒绝运行JavaScript URL，因为它违反了以下内容安全策略指令:“script-src ‘self’”。要启用内联执行，需要使用’unsafe-inline’关键字、hash (‘sha256-…’)或nonce (‘nonce-…’)。注意，哈希值不适用于事件处理程序、样式属性和javascript:导航，除非有’unsafe-hash '关键字。

解决方法

在header方法中增加unsafe-inline

header("Content-Security-Policy: script-src 'self' 'unsafe-inline';);

来源地址：https://blog.csdn.net/Leloz/article/details/126183540