Angular4 Content-Security-Protocol 拒绝加载字体

Question

我刚刚从 Angular1.6 -> 4 升级，我有点卡住 Content-Security-Protocol 错误：

http://localhost:4200/:1 GET http://localhost:4200/ 404 (Not Found)
localhost/:1 Refused to load the font 'data:font/woff;base64,d09GRgABAAAAAIt0ABEAAAABQDwAAQABAAAAAAAAAAAAAAAAAAAAACwKGBmIIpVWLACJWGwAUVjI2KwAiNEswkKAwIrswsQAwIrsxEWAwIrWbIEKAZFUkSzCxAEAisA' 
because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback.

就像我尽我所能并让我发布我的 JSON 文件一样！就像有人可以帮助我了解到底发生了什么，为什么它不起作用以及其他可能的解决方案？而且，我还没有尝试使用 manifest.JSON.... 我对这个项目有点兴趣，所以任何帮助都将不胜感激！

<!doctype html>
<html lang="en">
<head>
  <meta http-equiv="Content-Security-Policy" content="
        default-src 'none';
        style-src 'self' 'unsafe-inline';
        font-src * data:;
        " />
  <meta charset="utf-8">
  <title>Comp</title>
  <base href="/">


  <!-- Latest compiled and minified CSS -->
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">

  <!-- jQuery library -->
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>

  <!-- Latest compiled JavaScript -->
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="icon" type="image/x-icon" href="favicon.ico">
</head>
<body>
  <app-root></app-root>
</body>
</html>

包.JSON：

{
  "name": "comp",
  "version": "0.0.0",
  "license": "MIT",
  "scripts": {
    "ng": "ng",
    "start": "ng serve && node app.js",
    "build": "ng build",
    "test": "ng test",
    "lint": "ng lint",
    "e2e": "ng e2e"
  },
  "private": true,
  "dependencies": {
    "@angular/animations": "^4.0.0",
    "@angular/common": "^4.0.0",
    "@angular/compiler": "^4.0.0",
    "@angular/compiler-cli": "^4.2.6",
    "@angular/core": "^4.0.0",
    "@angular/forms": "^4.0.0",
    "@angular/http": "^4.0.0",
    "@angular/platform-browser": "^4.0.0",
    "@angular/platform-browser-dynamic": "^4.0.0",
    "@angular/router": "^4.0.0",
    "core-js": "^2.4.1",
    "module": "^1.2.5",
    "mongodb": "^2.2.30",
    "mongoose": "^4.11.1",
    "mongoose-middleware": "^1.0.0",
    "ng2-dnd": "^4.2.0",
    "rxjs": "^5.1.0",
    "zone.js": "^0.8.4"
  },
  "devDependencies": {
    "@angular/cli": "^1.2.0",
    "@angular/language-service": "^4.0.0",
    "@types/jasmine": "~2.5.53",
    "@types/jasminewd2": "~2.0.2",
    "@types/mongodb": "^2.2.7",
    "@types/node": "^8.0.10",
    "body-parser": "^1.17.2",
    "codelyzer": "~3.1.2",
    "jasmine-core": "~2.6.2",
    "jasmine-spec-reporter": "~4.1.0",
    "karma": "~1.7.0",
    "karma-chrome-launcher": "~2.2.0",
    "karma-cli": "~1.0.1",
    "karma-coverage-istanbul-reporter": "^1.2.1",
    "karma-jasmine": "~1.1.0",
    "karma-jasmine-html-reporter": "^0.2.2",
    "protractor": "~5.1.2",
    "ts-node": "~3.2.0",
    "tslint": "~5.5.0",
    "typescript": "~2.4.1"
  }
}

Answer 1

向评论过的@sideshowbarker 致敬：

听起来您的 Content-Security-Policy 标头更严格 策略比您尝试在 文档。你不能这样设置一个不太严格的政策。你需要 改为更改标题值。看 stackoverflow.com/questions/42960811/ … 和 stackoverflow.com/questions/44732431/…

这个错误是由模块内部更严格的 CSP 引起的，因此请尝试在 .ts 文件中禁用模块导入，这就是我所做的。

祝你好运！

Answer 2

如果您在终端中收到错误node_modules/rxjs/internal/types.d.ts

错误 TS1005、TS1109

请尝试重新安装您的 rxjs

npm install rxjs@6.0.0 --save

从rxjs 6.4.0 更改为rxjs: 6.0.0。 它在我的情况下有效。

Answer 3

如果您想解决此问题，请按照以下步骤操作：

1. 打开终端 (CMD)
2. 进入您的项目 (cd C:/user/user/desktop/....)
3. 写这个（npm install --save rxjs-compat）
4. 重新启动您的项目
5. 完成