I agree it would be cool if you could use vulcanize to just --csp an entire directory of stuff and then never have to worry about it again. Daniel is that possible?
On Thu, Oct 23, 2014 at 12:51 PM, Max <[email protected]> wrote: > FWIW, I made a quick example to demonstrate the basics of what I'm trying > to do. > > <https://github.com/davidmaxwaterman/polymer-in-event-page> > > If you 'load unpacked extension', you get the error message right away. I > attempted to use the CDE 'refactor for csp' facility, but it still didn't > work. > > I'd quite like to hear that I've done something wrong :) > > Max. > > On 23 October 2014 19:23, David Waterman <[email protected]> > wrote: > >> Hi, >> >> I want to use polymer inside a background page, but I run into the csp >> issue on polymer.js:12 >> >> "Refused to evaluate a string as JavaScript because 'unsafe-eval' is not >> an allowed source of script in the following Content Security Policy >> directive: "script-src 'self' chrome-extension-resource:" >> >> This is after I run the 'refactor for csp' tool in the Chrome Dev Editor. >> >> I wonder if anyone else has tried to use polymer inside an event page or >> a background page, and has had some success. >> >> I normally do development from the command line, so vulcanize would be my >> tool of choice (or event grunt-vulcanize), but I really like the way the >> 'refactor for csp' tool can work on the entire 'bower_components' hierarchy >> at once. >> >> It would be nice if I could do that same thing from the command line, so >> I can do something like this : >> >> $ bower install && vulcanize --csp bower_components/ >> >> Then, all I need to do is make sure I structure my own polymer elements >> so they conform to csp and everything should work. >> >> Well, that's the theory. The problems are : >> >> 1) vulcanize doesn't have that facility >> 2) even using CDE's 'refactor for csp' on the bower_components tree >> doesn't eliminate the csp errors. >> >> I can't help but wonder why bower components aren't automatically >> de-csp'ed in the git repository. I guess there's a good reason else the CDE >> developers would have pushed for that rather than make the tool, and even >> the polymer developers wouldn't have bothered to make the csp option for >> vulcanize. >> >> Can anyone tell me how to de-csp an entire bower_components directory in >> one shot? I guess a quick bash script might work. >> >> Max. >> >> Follow Polymer on Google+: plus.google.com/107187849809354688692 >> --- >> You received this message because you are subscribed to the Google Groups >> "Polymer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/polymer-dev/66b68f6a-d41d-45ce-a197-019d545389f1%40googlegroups.com >> <https://groups.google.com/d/msgid/polymer-dev/66b68f6a-d41d-45ce-a197-019d545389f1%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > Follow Polymer on Google+: plus.google.com/107187849809354688692 > --- > You received this message because you are subscribed to the Google Groups > "Polymer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/polymer-dev/CAMZCrPh3_Sx61QyrPYEAu7Qkq8us1R3bbrCuJ3UTDPOXbmprjA%40mail.gmail.com > <https://groups.google.com/d/msgid/polymer-dev/CAMZCrPh3_Sx61QyrPYEAu7Qkq8us1R3bbrCuJ3UTDPOXbmprjA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > Follow Polymer on Google+: plus.google.com/107187849809354688692 --- You received this message because you are subscribed to the Google Groups "Polymer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/polymer-dev/CAJj5OwB0xKH2Me3L-YzB4-Ts_rygmdsTVUw5S6_R5v0eVkJyfQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
