Easy Tutorial
Ng Ng Href Ng Ng List Ng Ng Mouseenter Angularjs Forms Ng Ng Dblclick Ng Ng Class Odd Ng Ng Cloak Angularjs Validation Ng Ng App Angularjs Include Ng Ng Src Ng Ng Bind Ng Ng Readonly Ng Ng Switch Ng Ng Click Ng Ng Change Angularjs Dependency Injection Angularjs Bootstrap Angularjs Model Ng Ng Show Ng Ng Class Ng Ng Hide Angularjs Expressions Angularjs Animations Ng Ng Blur Ng Ng Disabled Ng Ng Mouseover Angularjs Examples Ng Ng Keyup Angularjs Directives Angularjs Html Events Ng Ng Csp Ng Ng Style Ng Ng Srcset Ng Ng Keydown Angularjs Api Ng Ng Paste Ng Ng Mousemove Ng Ng Bind Html Ng Ng Selected Angularjs Scopes Ng Ng Submit Angularjs Http Ng Ng Init Ng Ng Cut Angularjs Intro Angularjs Tutorial Angularjs Services Ng Ng Focus Angularjs Modules Angularjs Ng Mouseup Ng Ng Open Ng Ng Controller Angularjs Controllers Angularjs Routing Ng Ng Options Ng Ng Model Ng Ng Value Ng Ng Mousedown Ng Ng Bind Template Angularjs Sql Ng Ng If Ng Ng Keypress Ng Ng Include Ng Ng Checked Ng Ng Model Options Angularjs Filters Angularjs Html Dom Angularjs Application Angularjs Select Ng Ng Class Even Angularjs Reference Ng Ng Non Bindable Ng Ng Copy Ng Ng Repeat Ng Ng Mouseleave Angularjs Tables
❮ Angularjs Html Events Ng Ng Style ❯

AngularJS ng-csp Directive

AngularJS Reference Manual

AngularJS Example

Modify the behavior of "eval" and inline styles in AngularJS:

Definition and Usage

The ng-csp directive is used to modify the security policy of AngularJS.

If the ng-csp directive is used, AngularJS will not execute the eval function, preventing the injection of inline styles.

Setting the ng-csp directive to no-unsafe-eval will prevent AngularJS from executing the eval function but allow the injection of inline styles.

Setting the ng-csp directive to no-inline-style will prevent AngularJS from injecting inline styles but allow the execution of the eval function.

The ng-csp directive is mandatory for developing Google Chrome extensions or Windows applications.

Note: The ng-csp directive does not affect JavaScript but modifies the way AngularJS operates, meaning: you can still write and execute eval functions, but AngularJS cannot execute its own eval function. Using compatibility mode can reduce performance by 30%.

Syntax

Parameter Values

Value Description
no-unsafe-eval <br>no-inline-style The value can be set to empty, meaning neither eval nor inline styles are allowed. <br>You can set one of the values. <br>You can also set both values separated by a semicolon, but this has the same effect as leaving it empty.

AngularJS Reference Manual

❮ Angularjs Html Events Ng Ng Style ❯