Skip to content
This repository was archived by the owner on Dec 20, 2022. It is now read-only.

Angular, requirejs error when eval - within chrome extension. #6

Open
Open
Angular, requirejs error when eval - within chrome extension.#6
@JohnRSim

Description

@JohnRSim
JohnRSim
opened on Dec 26, 2013

I thought it would be interesting to see how this would run within Chrome extension it almost works apart from issue with a partial not rendering correctly -

Running in Chrome / firefox works fine but in an extension

I get this error -

Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' chrome-extension-resource:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
angular.js:10236
EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' chrome-extension-resource:".

This is an example of the generated output you can see the partial is being written every time I click back to it.

<body>
  <ul class="menu">
    <li><a href="#/view1">view1</a></li>
    <li><a href="#/view2">view2</a></li>
  </ul>

  <!-- ngView:  --><div data-ng-view="" class="ng-scope"><p class="ng-scope">This is the partial for view 1.</p>
</div><div data-ng-view="" class="ng-scope"><p>This is the partial for view 2.</p>
<p>
  Showing of 'interpolate' filter:
  {{ 'Current version is v%VERSION%.' | interpolate }}
</p>
</div><div data-ng-view="" class="ng-scope"><p>This is the partial for view 2.</p>
<p>
  Showing of 'interpolate' filter:
  {{ 'Current version is v%VERSION%.' | interpolate }}
</p>
</div>

  <script src="lib/requirejs/require.js" data-main="js/main.js"></script>


</body>

Not sure if this is an issue with angular but thought it was worth posting here :)

Thanks for the great blog post of using requirejs with angular.
I tried setting "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'" into manifest.json but got this message - 'content_security_policy' is only allowed for extensions and legacy packaged apps, but this is a packaged app.

I'm going to take a look at sandboxing as listed here - http://developer.chrome.com/apps/sandboxingEval.html

See if that works.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions