1 articles and links tagged with “angular

  1. Content Security Policy: Feature Detection

    AngularJS has recently implemented support for Content Security Policy that restricts the use of eval(), new Function(), and other such text-to-JS conduits. This is a huge win, as CSP is one of the best protections modern browsers provide against XSS attacks. However, Angular’s implementation reveals a need for feature detection that the spec currently doesn’t address. This is my proposal for such an API.