Hi, I want to use polymer inside a background page, but I run into the csp issue on polymer.js:12
"Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' chrome-extension-resource:" This is after I run the 'refactor for csp' tool in the Chrome Dev Editor. I wonder if anyone else has tried to use polymer inside an event page or a background page, and has had some success. I normally do development from the command line, so vulcanize would be my tool of choice (or event grunt-vulcanize), but I really like the way the 'refactor for csp' tool can work on the entire 'bower_components' hierarchy at once. It would be nice if I could do that same thing from the command line, so I can do something like this : $ bower install && vulcanize --csp bower_components/ Then, all I need to do is make sure I structure my own polymer elements so they conform to csp and everything should work. Well, that's the theory. The problems are : 1) vulcanize doesn't have that facility 2) even using CDE's 'refactor for csp' on the bower_components tree doesn't eliminate the csp errors. I can't help but wonder why bower components aren't automatically de-csp'ed in the git repository. I guess there's a good reason else the CDE developers would have pushed for that rather than make the tool, and even the polymer developers wouldn't have bothered to make the csp option for vulcanize. Can anyone tell me how to de-csp an entire bower_components directory in one shot? I guess a quick bash script might work. Max. Follow Polymer on Google+: plus.google.com/107187849809354688692 --- You received this message because you are subscribed to the Google Groups "Polymer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/polymer-dev/66b68f6a-d41d-45ce-a197-019d545389f1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
