1. In your manifest file, "manifest_version": 2is specified. This automatically activates a stricter mode, in which all extension's files are not available to web pages by default.
2. Your original code would never work, because the <script>element is immediately removed after injection (the script file does not have a chance to load).

1. 在您的清单文件中，"manifest_version": 2指定了。这会自动激活更严格的模式，在该模式下，默认情况下所有扩展程序的文件都不可用于网页。
2. 您的原始代码永远不会工作，因为该<script>元素在注入后立即被删除（脚本文件没有机会加载）。

As a result of 1., the following error shows up in the console:

作为 1. 的结果，控制台中显示以下错误：

Failed to load resource                             chrome-extension://invalid/

To fix the problem, add script.jsto the whitelist, "web_accessible_resources"in your manifest file:

要解决此问题，请添加script.js到白名单，"web_accessible_resources"在您的manifest file：

{
  "name": "Chrome Extension",
  "version": "1.0",
  "manifest_version": 2,
  "content_scripts": [{
      "matches": ["http://pagetoinject/script/into/*"],
      "js": ["contentscript.js"]
  }],
  "web_accessible_resources": ["script.js"]
}

In addition to the answers above I notice that in your contentscript.jsyou are just adding another script i.e script.jsWhy don't you directly add script.jsthrough content_scripts in manifest.json.

除了上面的答案，我注意到contentscript.js您只是在添加另一个脚本，即script.js为什么不直接script.js通过 content_scripts添加manifest.json。

Another reason for getting this error is if the url is being blocked by CORS. Check the network request header of the page to see if it contains Content-Security-Policy:

出现此错误的另一个原因是 url 是否被 CORS 阻止。检查页面的网络请求头，看是否包含Content-Security-Policy：

Content-Security-Policy: default-src 'self' http://example.com; connect-src http://example.com/; script-src http://example.com/

You can try opening the url in a new browser tab to verify the image url is correct:

您可以尝试在新的浏览器选项卡中打开 url 以验证图像 url 是否正确：

chrome-extension://mjcbjlencnokpknflpneebajalcnnifo/images/pattern.jpg

One way around this is to use an image data URI:

解决此问题的一种方法是使用图像数据 URI：

data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7

The problem here is that you are using manifest_version : 2. If you make that manifest-version: 1you'll not have any problems. Version 2 restricts many such features to improve security. Refer Google Content Security Policyfor more details on the restrictions imposed in manifest version 2. I could not find your specific case mentioned in the CSP but when I changed the manifest version to 1 and executed your code it is working fine.

这里的问题是您正在使用manifest_version : 2. 如果你做到了，manifest-version: 1你就不会有任何问题。版本 2 限制了许多此类功能以提高安全性。有关清单版本 2 中施加的限制的更多详细信息，请参阅Google 内容安全政策。我在 CSP 中找不到您提到的具体情况，但是当我将清单版本更改为 1 并执行您的代码时，它工作正常。