问题描述： 通过HTML代码调用网站安全证书，报错Refused to load plugin data from 'https://program.xinchacha.com/web/1485531711720976384=*.域名.ac.cn.svg' because it violates the following Content Security Policy directive: "object-src 'self'".

问题分析：目前使用的是动易WebFuture 10.1.0.0，系统内置HTTP相应头的Content-Security-Policy值是script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.map.baidu.com *.bdimg.com bdimg.share.baidu.com res.wx.qq.com pucha.kaipuyun.cn dcs.conac.cn webservice.coolwei.com www.gov.cn; object-src 'self'

解决方案：HTTP相应头的Content-Security-Policy值做修改，将 object-src 'self'值改成object-src data: 'unsafe-eval' blob: program.xincha;

也即是完整版本：script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.map.baidu.com *.bdimg.com bdimg.share.baidu.com res.wx.qq.com pucha.kaipuyun.cn dcs.conac.cn webservice.coolwei.com www.gov.cn; object-src data: 'unsafe-eval' blob: program.xinchacha.com;