Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Add CSP-compliant mode (Content Security Policy)

See original GitHub issue

I might be missing something obvious here, and if so, I apologize in advance.

I expected this to work:

<div v-show="!metadata">

But it didn’t. Is there a good reason for this?

Issue Analytics

  • State:closed
  • Created 10 years ago
  • Comments:20 (7 by maintainers)

github_iconTop GitHub Comments

8reactions
k88hudsoncommented, Sep 30, 2014

This is a significant blocker for us using vue.js in a privileged environment on FirefoxOS apps – we have a sandbox workaround, but still really sucks 😦

Personally I’d love to see CSP-compliance implemented here, I am guessing this will be a blocker on more and more projects

5reactions
luxpcommented, Sep 10, 2017

I meet this same problem in Vue@2.x. I solved it just add the page to sandbox option in manifest.json.

{
  "manifest_version": 2,
  "name": "my-tab",
  "version": "1.0",
  "chrome_url_overrides": {
    "newtab": "index.html"
  },
  "sandbox": {
    "pages": ["index.html"]
  }
}
Read more comments on GitHub >

github_iconTop Results From Across the Web

Using Content Security Policy (CSP) to Secure Web Applications
Using CSP Directives. CSP allows you to define a variety of content restrictions using directives, usually specified in HTTP response headers.
Read more >
Content Security Policy (CSP) - HTTP - MDN Web Docs
Chrome Edge Content‑Security‑Policy Full support. Chrome25. more. Toggle history Full sup... base‑uri Full support. Chrome40. Toggle history Full sup... block‑all‑mixed‑content. Deprecated Full support. ChromeYes. Toggle history...
Read more >
What is Content Security Policy (CSP) | Header Examples
A Content Protection Policy (CSP) adds protection measures against XSS, clickjacking, and other code injection attacks. Learn how.
Read more >
Strict CSP - Content Security Policy
To enable a strict CSP policy, most applications will need to make the following changes: Add a nonce attribute to all <script> elements....
Read more >
Understanding Content Security Policies - Adobe Tech Blog
Deploying Content Security Policies (CSPs) can help increase the security ... Also, there are trade-offs to running in CSP compliant mode.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Image src attribute causes a 404 before the compilation

Next page

I have implemented the class API based on setup, which is friendly to TS types and supports vue2 and vue3