'Content-Security-Policy with 'unsafe-inline' not working

In my chrome extension code, I need to inject a <script> tag with code, but I get this error:

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'"

So I added the content_security_policy to my manifest.json file, but now I get another error:

enter image description here

My manifest is as follows:

{
  "manifest_version": 3,
  "name": "...",
  "description": "...",
  "version": "1.1",
  "author": "...",
  "icons": {
    "48": "favicon48.png",
    "256": "favicon256.png"
  },
  "permissions": [
    
  ],
  "content_scripts": [
    {
      "matches": [
        "http://skribbl.io/*",
        "https://skribbl.io/*"
      ],
      "js": [
        "words.js",
        "content.js"
      ],
      "run_at": "document_end"
    }
  ],
  "content_security_policy": {
    "sandbox": "script-src 'self' 'unsafe-inline'"
  }
}
javascriptgoogle-chrome-extensioncontent-security-policyunsafe-inline


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

React Router with optional path parameter

How to dynamically update google recaptcha sitekey?

How to dynamically update google recaptcha sitekey?

Remove duplicate in a string - javascript

Remove duplicate in a string - javascript

Searching a string for missing letters of the alphabet in javascript

Searching a string for missing letters of the alphabet in javascript

Searching a string for missing letters of the alphabet in javascript

Find an element in DOM based on an attribute value

Redirecting html page with javascript

Find an element in DOM based on an attribute value

Find an element in DOM based on an attribute value

Redirecting html page with javascript

How to find x and y coordinates of a button while using keyboard navigation?

How to find x and y coordinates of a button while using keyboard navigation?