Angular Content security policy

When serving your Angular application, the server should include a randomly-generated nonce in the HTTP header for each request. You must provide this nonce to Angular so that the framework can render <style> elements. You can set the nonce for Angular in one of two ways:

Way 1: Set the ngCspNonce attribute on the root application element as <app ngCspNonce="randomNonceGoesHere"></app>. Use this approach if you have access to server-side templating that can add the nonce both to the header and the index.html when constructing the response.


Way 2: Provide the nonce using the CSP_NONCE injection token. Use this approach if you have access to the nonce at runtime and you want to be able to cache the index.html.

![在这里插入图片描述](https://i-blog.csdnimg.cn/direct/db71a512c7e242d5ad18cfab313e3578.png

原文地址：https://blog.csdn.net/zsy_1991/article/details/142488969

免责声明：本站文章内容转载自网络资源，如本站内容侵犯了原著者的合法权益，可联系本站删除。更多内容请关注自学内容网（zxcms.com）！