Content-Security-Policy(csp)
策略,如 HTML6的 <audio>, <video>等元素frame-src'self'定义加载子frmae的策略sandboxallow-forms allow-scripts沙盒模式,会阻止页面弹窗/js执行等,你可以通过添加allow-forms allow-same-origin allow-scripts allow-popups, allow-modals, allow-orientation-lock, allow-pointer-lock, allow-presentation, allow-popups-to-escape-sandbox, and allow-top-