The CSPcannot cause the problem you've described. It's very likely that you're using JSONP instead of plain JSON. JSONP does not work in Chrome, because JSONP works by inserting a <script>tag in the document, whose srcattribute is set to the URL of the webservice. This is disallowed by the CSP.

该CSP不能引起你所描述的问题。您很可能使用的是 JSONP 而不是普通的 JSON。JSONP 在 Chrome 中不起作用，因为 JSONP 通过<script>在文档中插入一个标签来工作，该标签的src属性设置为 web 服务的 URL。这是 CSP 不允许的。

Provided that you've set the correct permission in the manifest file (e.g. "permissions": ["http://domain/getjson*"], you will always be able to get and parse the JSON:

假设您已在清单文件中设置了正确的权限（例如"permissions": ["http://domain/getjson*"]，您将始终能够获取和解析 JSON：

var xhr = new XMLHttpRequest();
xhr.onload = function() {
    var json = xhr.responseText;                         // Response
    json = json.replace(/^[^(]*\(([\S\s]+)\);?$/, ''); // Turn JSONP in JSON
    json = JSON.parse(json);                             // Parse JSON
    // ... enjoy your parsed json...
};
// Example:
data = 'Example: appended to the query string..';
xhr.open('GET', 'http://domain/getjson?data=' + encodeURIComponent(data));
xhr.send();

When using jQuery for ajax, make sure that JSONP is not requested by using jsonp: false:

将 jQuery 用于 ajax 时，请确保不使用jsonp: false以下命令请求 JSONP ：

$.ajax({url:'...',
        jsonp: false ... });

Or, when using $.getJSON:

或者，当使用$.getJSON：

$.getJSON('URL which does NOT contain callback=?', ...);