这很有可能是因为你没有把这个域名加入CSP Policy。
And to be honest, I recommend you to copy this js file directly and throw it in the <script> tag to prevent users from loading js from an external website. This is not safe - unless you completely trust this website.
说实话,我更推荐你直接把这个js文件复制过来扔在<script>标签里,以免用户还要加载外部网站的js,这并不能说安全——除非你完全信任这个网站
