在Chrome扩展内部输出Google API调用

Outputting Google API Calls Inside Chrome Extension

本文关键字:Google API 调用 输出 内部 Chrome 扩展      更新时间:2023-09-26

我的目标是使用Chrome扩展在一个新的选项卡页面中输出我的一些谷歌分析数据。

我关注的"Hello Analytics API:web应用程序的JavaScript快速启动"位于https://developers.google.com/analytics/devguides/reporting/core/v3/quickstart/web-js#clientId作为我新标签页的基础:

<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Hello Analytics - A quickstart guide for JavaScript</title>
</head>
<body>
<button id="auth-button" hidden>Authorize</button>
<h1>Hello Analytics</h1>
<textarea cols="80" rows="20" id="query-output"></textarea>
<script>
  // Replace with your client ID from the developer console.
  var CLIENT_ID = 'TAKEN OUT FOR SECURITY';
  // Set authorized scope.
  var SCOPES = ['https://www.googleapis.com/auth/analytics.readonly'];

  function authorize(event) {
    // Handles the authorization flow.
    // `immediate` should be false when invoked from the button click.
    var useImmdiate = event ? false : true;
    var authData = {
      client_id: CLIENT_ID,
      scope: SCOPES,
      immediate: useImmdiate
    };
    gapi.auth.authorize(authData, function(response) {
      var authButton = document.getElementById('auth-button');
      if (response.error) {
        authButton.hidden = false;
      }
      else {
        authButton.hidden = true;
        queryAccounts();
      }
    });
  }

function queryAccounts() {
  // Load the Google Analytics client library.
  gapi.client.load('analytics', 'v3').then(function() {
    // Get a list of all Google Analytics accounts for this user
    gapi.client.analytics.management.accounts.list().then(handleAccounts);
  });
}

function handleAccounts(response) {
  // Handles the response from the accounts list method.
  if (response.result.items && response.result.items.length) {
    // Get the first Google Analytics account.
    var firstAccountId = response.result.items[0].id;
    // Query for properties.
    queryProperties(firstAccountId);
  } else {
    console.log('No accounts found for this user.');
  }
}

function queryProperties(accountId) {
  // Get a list of all the properties for the account.
  gapi.client.analytics.management.webproperties.list(
      {'accountId': accountId})
    .then(handleProperties)
    .then(null, function(err) {
      // Log any errors.
      console.log(err);
  });
}

function handleProperties(response) {
  // Handles the response from the webproperties list method.
  if (response.result.items && response.result.items.length) {
    // Get the first Google Analytics account
    var firstAccountId = response.result.items[0].accountId;
    // Get the first property ID
    var firstPropertyId = response.result.items[0].id;
    // Query for Views (Profiles).
    queryProfiles(firstAccountId, firstPropertyId);
  } else {
    console.log('No properties found for this user.');
  }
}

function queryProfiles(accountId, propertyId) {
  // Get a list of all Views (Profiles) for the first property
  // of the first Account.
  gapi.client.analytics.management.profiles.list({
      'accountId': accountId,
      'webPropertyId': propertyId
  })
  .then(handleProfiles)
  .then(null, function(err) {
      // Log any errors.
      console.log(err);
  });
}

function handleProfiles(response) {
  // Handles the response from the profiles list method.
  if (response.result.items && response.result.items.length) {
    // Get the first View (Profile) ID.
    var firstProfileId = response.result.items[0].id;
    // Query the Core Reporting API.
    queryCoreReportingApi(firstProfileId);
  } else {
    console.log('No views (profiles) found for this user.');
  }
}

function queryCoreReportingApi(profileId) {
  // Query the Core Reporting API for the number sessions for
  // the past seven days.
  gapi.client.analytics.data.ga.get({
    'ids': 'ga:' + profileId,
    'start-date': '7daysAgo',
    'end-date': 'today',
    'metrics': 'ga:sessions'
  })
  .then(function(response) {
    var formattedJson = JSON.stringify(response.result, null, 2);
    document.getElementById('query-output').value = formattedJson;
  })
  .then(null, function(err) {
      // Log any errors.
      console.log(err);
  });
}
  // Add an event listener to the 'auth-button'.
  document.getElementById('auth-button').addEventListener('click', authorize);
</script>
<script src="https://apis.google.com/js/client.js?onload=authorize"></script>
</body>
</html>

我得到以下错误:

  • 拒绝执行内联脚本,因为它违反了以下内容内容安全策略指令:"script src'self'blob:文件系统:chrome扩展资源:".要么是'unsafe-inline'关键字,散列('sa256-ZJ1hGXIQLHmnXhFZqYWEDfv/ypJQ/Yph6mYGne3Nf0s='),或nonce('none-…')是启用内联执行所必需的
  • 拒绝加载脚本'https://apis.google.com/js/client.js?onload=authorize',因为它违反了以下内容安全策略指令:"script src'self'blob:file系统:chrome扩展资源:"

请告知。

谢谢,Jack

默认情况下,不会执行内联脚本(第一个错误),只加载本地脚本(第二个错误)。

要解决这个问题,请查看内容安全策略,建议将内联脚本提取到外部脚本(第一个错误),并制作远程脚本的本地副本(第二个错误)。

相关文章: