We removed unsafe-inline from our Angular + FastAPI app CSP and implemented nonces to secure inline scripts and styles. Along the way, we handled third-party libraries and build optimizations to achieve a strict, fully functional CSP.

Protect Angular forms from XSS with a custom validator that detects scripts and encoded HTML, and shows clear error messages.

Learn how to build a reusable loading service and HTTP interceptor in an Angular standalone project to manage global loading states.

Learn how to easily add Lottie animations to your Angular standalone project using ngx-lottie.