Merge pull request #428 from arv/detect-eval

dfreedm · dfreedm · commit 73a758b2f9d3 · 2014-05-06T13:33:01.000-07:00
Remove document.securityPolicy since it is no longer supported
diff --git a/src/wrappers.js b/src/wrappers.js
@@ -11,25 +11,23 @@ window.ShadowDOMPolyfill = {};
   var nativePrototypeTable = new WeakMap();
   var wrappers = Object.create(null);
 
-  // Don't test for eval if document has CSP securityPolicy object and we can
-  // see that eval is not supported. This avoids an error message in console
-  // even when the exception is caught
-  var hasEval = !('securityPolicy' in document) ||
-      document.securityPolicy.allowsEval;
-
-  if (typeof chrome !== 'undefined' && chrome.app && chrome.app.runtime) {
-    hasEval = false;
-  }
+  function detectEval() {
+    // Don't test for eval if we're running in a Chrome App environment.
+    // We check for APIs set that only exist in a Chrome App context.
+    if (typeof chrome !== 'undefined' && chrome.app && chrome.app.runtime) {
+      return false;
+    }
 
-  if (hasEval) {
     try {
-      var f = new Function('', 'return true;');
-      hasEval = f();
+      var f = new Function('return true;');
+      return f();
     } catch (ex) {
-      hasEval = false;
+      return false;
     }
   }
 
+  var hasEval = detectEval();
+
   function assert(b) {
     if (!b)
       throw new Error('Assertion failed');
