Open mattjay opened 9 years ago
We'll have to put angular in CSP mode first.
After we do that we should be able to really lock it down.
Figured there would be some oddities of CSP with Angular. Never looked into that.
I've used it in WHIP chrome apps are required to be full CSP.
Now that helmet is in lets figure out what our CSP policy needs to look like.