Angular 8 , fails with strict CSP style-src : 'self' in platform browser

[Aditi Sharma]

Angular 8 , fails with strict CSP style-src : 'self ' in platform browser..

When we give the strict CSP policy :-

add_header Content-Security-Policy "default-src https: 'self'; script-src 'self'; style-src 'self';

and removing the 'unsafe-inline' it fails with :-

  DomSharedStylesHost.prototype._addStylesToHost = function (styles, host) {

        var _this = this;

        styles.forEach(function (style) {

            var styleEl = _this._doc.createElement('style');

            styleEl.textContent = style;

            _this._styleNodes.add(host.appendChild(styleEl));

        });

    };

any solution how to fix it or this is the issue with angular 8?

[john leo]

Hi,

I am looking for work. I am software developer, with over 10+ years of experience in software development.

I have good expertise on the following technologies.

ASP.NET, C#, ASP.NET Core, Classic ASP
Angular 2, 6 and 8
Angular Material
SQL Server, SSIS, SSRS and MySQL
SharePoint 2010 to 2016
Office 365 and SharePoint Online &
PHP

I am looking for a regular work. I am open for a fixed monthly rate.

regards

John

[Scott Logsdon]

John send me a CV. sc...@ser.vi.  

--
You received this message because you are subscribed to the Google Groups "Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to angular+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/angular/CAP5ujUAzU0B8S1JYCUOTCaEgv%3Dm0YSMGGi-pqyGmkaqZoaM67g%40mail.gmail.com.