diff options
| author | tigbro | 2013-10-14 12:06:26 -0700 |
|---|---|---|
| committer | Igor Minar | 2013-10-22 15:21:23 -0700 |
| commit | a86cf20e67202d614bbcaf038c5e04db94483256 (patch) | |
| tree | 9d8eadd5de50d6ba2b96f9432cee256647e6b681 /src/ng/directive/ngCsp.js | |
| parent | b9557b0a86206d938a738ea470736d011dff7e1a (diff) | |
| download | angular.js-a86cf20e67202d614bbcaf038c5e04db94483256.tar.bz2 | |
fix: don't inline css in csp mode.
Also add `angular-csp.css` to the resulting build.
Diffstat (limited to 'src/ng/directive/ngCsp.js')
| -rw-r--r-- | src/ng/directive/ngCsp.js | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/ng/directive/ngCsp.js b/src/ng/directive/ngCsp.js index f1a71d4c..fc90d46a 100644 --- a/src/ng/directive/ngCsp.js +++ b/src/ng/directive/ngCsp.js @@ -19,6 +19,10 @@ * evaluate all expressions up to 30% slower than in non-CSP mode, but no security violations will * be raised. * + * CSP forbids JavaScript to inline stylesheet rules. In non CSP mode Angular automatically + * includes some CSS rules (e.g. {@link ng.directive:ngCloak ngCloak}). + * To make those directives work in CSP mode, include the `angular-csp.css` manually. + * * In order to use this feature put the `ngCsp` directive on the root element of the application. * * *Note: This directive is only available in the `ng-csp` and `data-ng-csp` attribute form.* |