AngularJS Basic ng csp Instructions Detailed Explanation
- 2021-07-06 10:10:09
- OfStack
AngularJS ng-csp Directive
AngularJS instance
Modify the behavior and inline style of "eval" in AngularJS:
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<script src="http://apps.bdimg.com/libs/angular.js/1.4.6/angular.min.js"></script>
</head>
<body ng-app="" ng-csp>
<div>
<p> My first 1 Expressions : {{ 5 + 5 }}</p>
</div>
<p> Use ng-csp Instruction , You can modify AngularJS The way the code is executed. </p>
<p>AngularJS The implementation mode of has been improved 30% Performance of </p>
</body>
</html>
Run results:
My first expression: 10
Using the ng-csp directives, you can modify the way AngularJS executes code.
The implementation of AngularJS improves performance by 30%
Definition and usage
The ng-csp directives are used to modify the security policy of AngularJS.
If the ng-csp directives are used, AngularJS will not execute the eval function, so inline styles cannot be injected.
Setting the ng-csp directive to no-unsafe-eval prevents AngularJS from executing the eval function, but allows inline styles to be injected.
Setting the ng-csp directive to no-inline-style prevents AngularJS from injecting inline styles, but allows eval functions to be executed.
If Google Chrome extensions are developed or Windows applies ng-csp directives are required.
Note: The ng-csp directives do not affect JavaScript, but modify the way AngularJS works, which means that you can still write eval functions, and it can also be normal
But AngularJS cannot execute its own eval function. If compatibility mode is adopted, the performance will be reduced by 30%.
Grammar
<
element ng-csp="no-unsafe-eval | no-inline-style"
>
<
/element
>
Parameter value
值 | 描述 |
---|---|
no-unsafe-eval no-inline-style |
值可设置为空,意味着 eval 和 内联样式都不被允许。 可以设置其中1个值。 你也可以同时设置两个值使用分号隔开,但这与留空的效果是1样的。 |
The above is the AngularJS ng-csp instruction data collation, learning AngularJS under the reference of friends.