Merge pull request #26 from mangini/master

Changed hasEval test to avoid console error when browser supports security policy

Author: rafaelw

src/observe.js

@@ -37,11 +37,16 @@
 
   var hasObserve = detectObjectObserve();
 
-  var hasEval = false;
-  try {
-    var f = new Function('', 'return true;');
-    hasEval = f();
-  } catch (ex) {
+  // don't test for eval if document has CSP securityPolicy object and we can see that
+  // eval is not supported. This avoids an error message in console even when the exception
+  // is caught
+  var hasEval =  ! ('securityPolicy' in document) || document.securityPolicy.allowsEval;
+  if (hasEval) {
+    try {
+      var f = new Function('', 'return true;');
+      hasEval = f();
+    } catch (ex) {
+    }
   }
 
   function isIndex(s) {