Angularjs NG-CSP Instruction
Angularjs instance
Modify the behavior and inline style of "eval" in Angularjs:
<! DOCTYPE html>
<html>
<head>
<meta charset = "utf-8">
<script src = "http://apps.bdimg.com/libs/angular.js/1.4.6/angular.min.js"> </ script>
</ head>
<body ng-app = "" ng-csp>
<div>
<p> My first expression: {{5 + 5}} </ p>
</ div>
<p> With the ng-csp directive, you can modify the way AngularJS executes code. </ p>
<p> AngularJS implementation method improves performance by 30% </ p>
</ body>
</ html>
Run Result:
My first expression: 10
Using the NG-CSP directive, you can modify the way Angularjs executes the code.
Angularjs's performance improved by 30%
Definitions and usage
The NG-CSP directive is used to modify the ANGULARJS security policy.
If the NG-CSP directive is used, ANGULARJS does not execute the Eval function, so the inline style cannot be injected.
Setting the NG-CSP directive to No-unsafe-eval prevents Angularjs from executing the eval function, but allows inline styles to be injected.
Setting the NG-CSP directive to No-inline-style prevents Angularjs from injecting inline styles, but allows the eval function to be executed.
It is necessary to develop Google Chrome extensions or Windows application NG-CSP directives.
Note:the NG-CSP directive does not affect JavaScript, but modifies how ANGULARJS works, which means that you can still write the Eval function, and you can also
execution, but Angularjs cannot execute its own eval function. If compatibility mode is used, 30% performance is reduced.
Grammar
<element ng-csp= "No-unsafe-eval | No-inline-style "></element>
Parameter values
value |
Description |
No-unsafe-eval No-inline-style |
The value can be set to null, meaning that neither the eval nor the inline styles are allowed. You can set one of these values. You can also set two values at the same time, separated by semicolons, but this is the same as the effect of a blank. |
The above is the ANGULARJS NG-CSP instruction data collation, learning Angularjs friends under the reference.