I try to connect to my localhost served Google Endpoints API from Chrome Extension. I managed to OAuth to Google Contact API other way than throught their JS Client but using https://apis.google.com/js/client.js?onload=loadF never call callback function. When I tried to call it manually, I get error in console:
Refused to execute inline event handler because it violates the following Content Security Policy directive . It seems that background worker has not enough permission to load API but there is no info about it from console.
My JS Code
var apiRoot='//localhost:8080/_ah/api';
var loadF = function() {
console.log("api init");
gapi.client.load('my_api', 'v1', function(){
console.log("callback");
}, apiRoot);
}
My Manifest:
{
"name": "Linkeer",
"version": "1.0",
"description": "Linkeer ",
"manifest_version": 2,
"icons": {
"128": "icon128.png"
},
"browser_action": {
"default_title": "OAuth 2.0",
"default_icon": "icon128.png",
"default_popup": "options.html"
},
"options_page": "options.html",
"content_scripts": [
{
"matches": ["http://www.google.com/robots.txt*"],
"js": ["oauth2/oauth2_inject.js"],
"run_at": "document_start"
}
],
"permissions": [
"https://accounts.google.com/o/oauth2/token",
"http://localhost:8080/_ah/api"
],
"web_accessible_resources" : [
"oauth2/oauth2.html"
],
"content_security_policy": "script-src 'self' http://localhost https://apis.google.com https://www.googleapis.com; object-src 'self'"
}
Today, I don't believe it's possible. There are at least two issues: