VueJS CSP compliance and Chrome Apps

I used to be a AngularJS user, but it’s a very heavy tool for most projects. ReactJS was a leap in the right direction and I really enjoy using it. But VueJS is by far the most lightweight (usable) framework I’ve found.

ReactJS does require quite a bit of work to get your head around. Even then there is quite a bit of setup and boilerplate code. VueJS on the other hand feels like you’re writing a template with the minimal amount of code outside of the template.

It’s put perfectly on the vuejs FAQ:

But one issue with React (or JSX) is that your render function often involves a lot of logic, and ends up looking more like a piece of program (which in fact it is) rather than a visual representation of the interface.

Cross Site Policy

I’m writing this extremely simple Chrome App which VueJS is perfect for. But Chrome Apps are restricted in what they can do for security reasons, so AngularJS or VueJS won’t run in them out of the box. In particular it’s the js logic stored in the DOM. The frameworks use functions to interpolate strings into executable javascript which is not allowed. The only way to get around this restriction is to download the CSP compliant version.

Luckily VueJS maintains a CSP branch that you can download.