Use JSON.parse instead of eval to comply with CSP. #40

Closed
wants to merge 1 commit into
from

Projects

None yet

2 participants

@agrueneberg

Content Security Policy (CSP) has an option to disallow the use of eval. Chrome apps enforce this option by default. In normalizeUnicodeLiterals, eval can be safely replaced by JSON.parse.

bollwyvl commented Feb 4, 2013

+1

Project is dead.

@agrueneberg agrueneberg closed this Feb 1, 2015
@agrueneberg agrueneberg deleted the agrueneberg:csp branch Feb 1, 2015
@agrueneberg agrueneberg restored the agrueneberg:csp branch Mar 2, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment