In accordance with the policies of the Google developer program ( https://developer.chrome.com/webstore/program_policies ), it is perfectly acceptable to add ads to the chrome extension:
Ads must be presented in context or clearly indicate which application or extension they are associated with. Ads should also be easily removed by setting options or even removing the application or extension. Ads may not mimic or impersonate system notifications or warnings.
Therefore, I am trying to add ads, and I use Chitika for this, since AdSense is not allowed. It took me so long to get closer to the ads, I had to edit the mini files and much more to fit the Chrome manifest extension content_security_policy. In any case, at the moment only 1 advertising company is shown, but the rest are blocked by an error message:
getads.js:340 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://www.google-analytics.com https://secure.adnxs.com https://gum.criteo.com https://ib.adnxs.com https://mm.chitika.net https://cdn.chitika.net". Either the 'unsafe-inline' keyword, a hash ('sha256-KaerrywnDX+trLhtIG9qlTDyP6iiK4PCLN7LWCvctFc='), or a nonce ('nonce-...') is required to enable inline execution.
What can I do to fix this? I tried to add keyworkd unsafe-inline, but I just got another error message:
Ignored insecure CSP value "'unsafe-inline'" in directive 'object-src'.
? , , . - ? , , Chrome? .. 320x50 - , , 8 , !
.
: :
( function() {
if (window.CHITIKA === undefined) { window.CHITIKA = { 'units' : [] }; };
var unit = {"calltype":"async[2]","publisher":"USER_NAME","width":300,"height":250,"sid":"Chitika Default"};
var placement_id = window.CHITIKA.units.length;
window.CHITIKA.units.push(unit);
document.write('<div id="chitikaAdBlock-' + placement_id + '"></div>');
}());
:
<script type="text/javascript" src="../../js/getads.js" async></script>, : http://cdn.chitika.net/getads.js. https.
2: content_security_policy :
"content_security_policy": "script-src 'self' https://www.google-analytics.com https://secure.adnxs.com https://gum.criteo.com https://ib.adnxs.com https://mm.chitika.net https://cdn.chitika.net; object-src 'self'",