content_security_policy unsafe-eval

adambullmer / vue-cli-plugin-browser-extension

Browser extension development plugin for vue-cli 3.0

GNU Lesser General Public License v3.0

426 stars 76 forks source link

content_security_policy unsafe-eval #54

Closed franciscolourenco closed 5 years ago

franciscolourenco commented 5 years ago

I'm trying to edit the content_security_policy but I see that this plugin is was setting its own, only during development, with unsafe-eval, I guess for the purposes of HMR or sourcemap eval?

Is is currently possible to set a custom content_security_policy in such a way that unsafe-eval is removed in production?

Thanks!

adambullmer commented 5 years ago

Yes, this can be done. Will probably take some time, but if you need it now, you can use the manifestTransformer option to provide a function to do it yourself.

franciscolourenco commented 5 years ago

Thanks for the tip!

adambullmer commented 5 years ago

Automatic removal of 'unsafe-eval' in production builds should be available in 0.22.1