Ember-cli-csp-style

It is very important when creating a component as an addon to make sure that you do not require CSP to include unsafe-inline. If you do then the entire app that your component is used within will have no protection against style injection attacks.

This addon makes CSP-safe styling of your Ember component really easy.

Installation

npm install --save ember-cli-csp-style

Usage

In your component, supply an array of strings called styleBindings.

// app/components/my-component

import Ember from 'ember';
import CspStyleMixin from 'ember-cli-csp-style/mixins/csp-style';

export default Ember.Component.extend(CspStyleMixin, {

	classNames: ['component'],
	styleBindings: ['width[px]'],

	width: 100,
	
	click: function() {
		this.set('width', 200);
	}
});

Binding format

Format borrowed from with-style-mixin

Simple binding

styleBindings: ['color'] binds the inline style value color to the color property on your component styleBindings: ['foreground:color'] binds the inline style value color to the foreground property on your component

Binding with units

Only works with numeric values

styleBindings: ['width[px]'] binds the inline style value width to the width property on your component, adding 'px' on the end if the value is numeric

styleBindings: ['width[%]'] binds the inline style value width to the width property on your component, adding '%' on the end if the value is numeric

styleBindings: ['internalWidth:width[%]'] binds the inline style value width to the internalWidth property on your component, adding '%' on the end if the value is numeric

Escaping

If the bound value is a string, it will be escaped for safety. If your property returns a SafeString then it will not be escaped.

Switch values

styleBindings: ['show:display?block:none'] binds to the show property. If it returns a truthy value, the style is set to display:block, otherwise it's set to display:none.

Advanced

You can provide the styleBindings array as a computed property to change which styles are bound at run time.

If a bound property returns null then the style will be removed from the HTML.

Running Tests

ember test
ember test --server

Building

ember build

For more information on using ember-cli, visit http://www.ember-cli.com/.

Authors

Bryan Crotaz

Legal

Licensed under the MIT license

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
addon		addon
config		config
tests		tests
vendor		vendor
.bowerrc		.bowerrc
.editorconfig		.editorconfig
.ember-cli		.ember-cli
.gitignore		.gitignore
.jshintrc		.jshintrc
.npmignore		.npmignore
.travis.yml		.travis.yml
.watchmanconfig		.watchmanconfig
LICENSE		LICENSE
LICENSE.md		LICENSE.md
README.md		README.md
bower.json		bower.json
ember-cli-build.js		ember-cli-build.js
index.js		index.js
package.json		package.json
testem.json		testem.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Licenses found

Uh oh!

Repository files navigation

Ember-cli-csp-style

Installation

Usage

Binding format

Simple binding

Binding with units

Escaping

Switch values

Advanced

Running Tests

Building

Authors

Legal

About

Licenses found

Uh oh!

Releases

Packages

Languages

License

Licenses found

limesoft/ember-cli-csp-style

Folders and files

Latest commit

History

Repository files navigation

Ember-cli-csp-style

Installation

Usage

Binding format

Simple binding

Binding with units

Escaping

Switch values

Advanced

Running Tests

Building

Authors

Legal

About

Resources

License

Licenses found

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages