EVOLUTION-MANAGER
Edit File: insecurl.html
<a href='https://github.com/angular/angular.js/edit/v1.3.x/docs/content/error/$sce/insecurl.ngdoc?message=docs(error%2Finsecurl)%3A%20describe%20your%20change...' class='improve-docs btn btn-primary'><i class="glyphicon glyphicon-edit"> </i>Improve this Doc</a> <h1>Error: error:insecurl <div><span class='hint'>Processing of a Resource from Untrusted Source Blocked</span></div> </h1> <div> <pre class="minerr-errmsg" error-display="Blocked loading resource from url not allowed by $sceDelegate policy. URL: {0}">Blocked loading resource from url not allowed by $sceDelegate policy. URL: {0}</pre> </div> <h2>Description</h2> <div class="description"> <p>AngularJS' <a href="api/ng/service/$sce">Strict Contextual Escaping (SCE)</a> mode (enabled by default) has blocked loading a resource from an insecure URL.</p> <p>Typically, this would occur if you're attempting to load an Angular template from an untrusted source. It's also possible that a custom directive threw this error for a similar reason.</p> <p>Angular only loads templates from trusted URLs (by calling <a href="api/ng/service/$sce#getTrustedResourceUrl">$sce.getTrustedResourceUrl</a> on the template URL).</p> <p>By default, only URLs that belong to the same origin are trusted. These are urls with the same domain, protocol and port as the application document.</p> <p>The <a href="api/ng/directive/ngInclude">ngInclude</a> directive and <a href="guide/directive">directives</a> that specify a <code>templateUrl</code> require a trusted resource URL.</p> <p>To load templates from other domains and/or protocols, either adjust the <a href="api/ng/provider/$sceDelegateProvider#resourceUrlWhitelist">whitelist</a>/ <a href="api/ng/provider/$sceDelegateProvider#resourceUrlBlacklist">blacklist</a> or wrap the URL with a call to <a href="api/ng/service/$sce#trustAsResourceUrl">$sce.trustAsResourceUrl</a>.</p> <p><strong>Note</strong>: The browser's <a href="https://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_XMLHttpRequest">Same Origin Policy</a> and <a href="http://www.w3.org/TR/cors/">Cross-Origin Resource Sharing (CORS)</a> policy apply that may further restrict whether the template is successfully loaded. (e.g. neither cross-domain requests won't work on all browsers nor <code>file://</code> requests on some browsers)</p> </div>