AngularJS ng csp Directive
AngularJS ng-csp Directive
The ng-csp directive is used to change the security policy of AngularJS. With it, AngularJS will not run any eval functions, and it will not inject any inline styles.
Setting the value to no-unsafe-eval, will stop AngularJS from running any eval functions, but allow injecting inline styles.
Setting to no-inline-style, will stop AngularJS from injecting any inline styles, but allow eval functions.
< element ng-csp="no-unsafe-eval | no-inline-style" >< /element >
|The value can be empty, meaning neither eval nor inline styles are allowed.
The value can be one of the two values described.
The value can be both values, separated by a semicolon, but that will have the same meaning as an empty value.