Skip to content
This repository has been archived by the owner on Dec 20, 2022. It is now read-only.

Angular, requirejs error when eval - within chrome extension. #6

Open
JohnRSim opened this issue Dec 26, 2013 · 1 comment
Open

Angular, requirejs error when eval - within chrome extension. #6

JohnRSim opened this issue Dec 26, 2013 · 1 comment

Comments

@JohnRSim
Copy link

I thought it would be interesting to see how this would run within Chrome extension it almost works apart from issue with a partial not rendering correctly -

Running in Chrome / firefox works fine but in an extension

I get this error -

Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' chrome-extension-resource:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
angular.js:10236
EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' chrome-extension-resource:".

This is an example of the generated output you can see the partial is being written every time I click back to it.

<body>
  <ul class="menu">
    <li><a href="#/view1">view1</a></li>
    <li><a href="#/view2">view2</a></li>
  </ul>

  <!-- ngView:  --><div data-ng-view="" class="ng-scope"><p class="ng-scope">This is the partial for view 1.</p>
</div><div data-ng-view="" class="ng-scope"><p>This is the partial for view 2.</p>
<p>
  Showing of 'interpolate' filter:
  {{ 'Current version is v%VERSION%.' | interpolate }}
</p>
</div><div data-ng-view="" class="ng-scope"><p>This is the partial for view 2.</p>
<p>
  Showing of 'interpolate' filter:
  {{ 'Current version is v%VERSION%.' | interpolate }}
</p>
</div>

  <script src="lib/requirejs/require.js" data-main="js/main.js"></script>


</body>

Not sure if this is an issue with angular but thought it was worth posting here :)

Thanks for the great blog post of using requirejs with angular.
I tried setting "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'" into manifest.json but got this message - 'content_security_policy' is only allowed for extensions and legacy packaged apps, but this is a packaged app.

I'm going to take a look at sandboxing as listed here - http://developer.chrome.com/apps/sandboxingEval.html

See if that works.
@iwein
Copy link
Member

iwein commented Jun 23, 2014

I see that this has been hanging here for a while now. @JohnRSim did you have any luck? Do you have an opinion on how this should be dealt with best?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@iwein @JohnRSim