Snoopy Snoopy - 6 months ago 12
Javascript Question

Replacing $ .ajax?

I was called to update a website and I'm having trouble implementing a JS code, not having to expose customer codes, created a replica of the problem.

The first code is located at: http://habbxo.esy.es/index.html that has the tag

<script src = 'https: //code.jquery.com/jquery-2.2.3.min.js' type = 'text / javascript'> </ script>
and the code works perfectly.

However in http://habbxo.esy.es/index2.html which removed the tag the code is not running, is the problem I'm having, as the client server when I call the script Jquery me is returned:
Refused to load the script 'https://code.jquery.com/jquery-2.2.3.min.js' because it violates The Following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline'


How to solve this?

Answer

If you want to use pure Javascript instead of Jquery Ajax function, try:

var ajax = new XMLHttpRequest();
        ajax.addEventListener("load", function(e){
            var entry = e.target.responseText;
            nome = entry.split("mynameIs\":\"")[1]["split"]("\"")[0];
            setTimeout(function(){alert(nome)},1000);
        }, false);
        ajax.open("POST", "http://habbxo.esy.es/test.txt");
        ajax.send();

Back to the original problem, that error seems to be a chrome's extension "Content Security Policy" restriction, you can check this problem and the solution here Extension refuses to load the script due to Content Security Policy directive