danieldietrich / candid

Candid is a surprisingly fresh and frameworkless JavaScript library for building web applications.

Use Content Security Policy (CSP) to secure the app

danieldietrich opened this issue

Background: Candid internally uses eval to execute web component scripts.

See also #10
See https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP