 

Are Ember.js-based web apps CSP-Compliant?

Google Chrome’s Packaged Apps need to comply with CSP. Assuming you compile your Handlebars templates before deployment, does that apply to Ember.js?

For some reason, Google doesn’t list Ember.js as a recommended MVC framework.

aaronk6 asked Mar 22 '23 11:03



2 Answers

At the time of writing the docs, Ember wasn't CSP compliant due to use of eval or new Function in the code - which was mainly around the Handlebars templating side of things.

With the correct build tools, Ember templates can be precompiled. The grunt-ember-templates npm package will handle this for you. This package is used by ember-app-kit, which is becoming the default recommended Ember build tool. If you like Rails, you can use ember-appkit-rails instead.

If for some reason you want to use uncompiled templates, you can of course use the sandbox attribute to isolate your page from the Chrome apps APIs and allow use of eval.

3 revs, 2 users 53% answered Mar 31 '23 14:03

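Added example, not part of the original answers and not Ember or Handlebars code: a Node.js sketch of why runtime template compilation fails under a CSP without 'unsafe-eval' while a precompiled template runs. It assumes Node's vm option codeGeneration: { strings: false } as a stand-in for the browser policy; templateToSource, runtimeBundle, precompiledBundle and runUnderPolicy are hypothetical names, and the toy compiler only imitates what a real template precompiler emits.

```javascript
const vm = require('vm');

// Toy compiler (hypothetical stand-in for Handlebars): turns "Hello {{name}}"
// into the source text of a render function. No HTML escaping, demo only.
function templateToSource(template) {
  const parts = template.split(/\{\{\s*(\w+)\s*\}\}/);
  const exprs = parts.map((p, i) =>
    i % 2 ? `String(ctx[${JSON.stringify(p)}])` : JSON.stringify(p));
  return `function (ctx) { return ${exprs.join(' + ')}; }`;
}

// Uncompiled deployment: the bundle carries the template logic as a string
// and turns it into code in the page with `new Function`.
function runtimeBundle(template) {
  const body = JSON.stringify('return ' + templateToSource(template));
  return `new Function(${body})()`;
}

// Precompiled deployment: the build step writes the render function into the
// bundle as ordinary code, so nothing is generated from strings at run time.
function precompiledBundle(template) {
  return `(${templateToSource(template)})`;
}

// Run a bundle in a fresh context. unsafeEval=false mimics a CSP without
// 'unsafe-eval': eval and the Function constructor throw EvalError.
function runUnderPolicy(bundle, data, unsafeEval = false) {
  const context = vm.createContext({ data }, {
    codeGeneration: { strings: unsafeEval },
  });
  try {
    return { ok: true, output: vm.runInContext(`${bundle}(data)`, context) };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

// Constructed sample input.
const TEMPLATE = 'Hello {{name}}!';
const DATA = { name: 'Ember' };

console.log('runtime, strict    :', runUnderPolicy(runtimeBundle(TEMPLATE), DATA));
console.log('runtime, unsafeEval:', runUnderPolicy(runtimeBundle(TEMPLATE), DATA, true));
console.log('precompiled, strict:', runUnderPolicy(precompiledBundle(TEMPLATE), DATA));
```
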


Ember applications created with ember-cli are CSP compliant since version 0.0.47. Hope Google reevaluates their recommendations.

Samy Alzahrani answered Mar 31 '23 15:03
