背景见上一篇博客修改网页内容的方法
上一篇博客之后,我要修改的网页有一个新改版,然后有个数据存在了window中,我直接在js中使用window.xxx发现无法获取。所以有本文。
搜了一下发现有两种方法,如上,大概就是:
方法1
javascript
var script = document.createElement('script');
script.textContent = 'console.log(window);';
(document.head||document.documentElement).appendChild(script);出现报错:
bash
extensions_version_page.js:6 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules' http://localhost:* http://127.0.0.1:*". Either the 'unsafe-inline' keyword, a hash ('sha256-XnQUOdrKm+cYqdkT/ljnkhjaYaitt2Xh3uRQxH/M9z0='), or a nonce ('nonce-...') is required to enable inline execution.方法2
json
{
"name": "yeshen_extresion",
"version": "1.0",
"description": "yeshen test",
"manifest_version": 3,
"web_accessible_resource": [
{
"resources": [
"assets/*",
"js/contentScript.js"
]
}
],
"content_scripts": [
{
"matches": [
"https://innovation.pm.netease.com/v6/issues/*",
"https://web.pm.netease.com/v6/issues/*",
"https://uu.pm.netease.com/v6/issues/*",
"https://msdk.pm.netease.com/v6/issues/*"
],
"js": [
"extensions_issue_page.js"
],
"run_at": "document_start"
},
]
}
bash
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules' http://localhost:* http://127.0.0.1:*". Either the 'unsafe-inline' keyword, a hash ('sha256-XnQUOdrKm+cYqdkT/ljnkhjaYaitt2Xh3uRQxH/M9z0='), or a nonce ('nonce-...') is required to enable inline execution.报错比较清晰,就是注入的代码和原有代码不在一个域下,无法操作/注入javascript对象。
最后我是这样做的:
我的方法一
从其他页面获取这个数据,在url参数中携带这个信息;
我的方法二
从dom节点中获取第一个元素信息,然后通过网络请求,重新请求需要的数据。