Reputation: 196
Angularjs Tabs with CSP
Using CSP with Angularjs. Getting below error for all the screens which includes TABS (Angular Tabs).
Tabs are implemented like - https://codepen.io/jasoncluck/pen/iDcbh
Chrome error - refused to execute inline event handler because it violates the following content security policy directive: "default-src 'self' '....
Firefox error - the page's settings blocked the loading of a resource.
setting below in header
response.addheader(Content-Security-Policy: default-src 'self'; style-src https: 'unsafe-inline')
Restriction is there for using 'unsafe-inline' 'unsafe-eval' with default-src.
Upvotes: 1
Views: 734
Answers (1)
Reputation: 403
It's basically it doesn't allow inline scripting check this link link. So you can do some thing like - <meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://your address"> OR you add img-src* in your meta tag - http://your address'; style-src 'self' 'unsafe-inline'; media-src *; img-src *">
Upvotes: 0
Related Questions
- Make Angular working with restrictive Content Security Policy (CSP)
- Content Security Policy (CSP) not implemented in Angular
- Implement Content Security Policy For Angular Application On Internet Explorer
- bootstrap tab contents not working
- tabs with angular: loading tab content on click only with $http
- Angular js tabs content HTML tags not rendering
- AngularJS bootstrap-ui tabs pulling in local html content
- AngularJS conflicting with Bootstrap tabs
- AngularJS html bind and Chome application CSP
- AngularJS tab content