Make Angular working with restrictive Content Security Policy (CSP)

Question

I cannot make base Angular2 (final) application works with the following restrictive CSP.

default-src \'none\';
script-src \'self\';
style-src \'self\';
font-src          


        

Answer 1

The problem has been solved using last Angular CLI version (starting with 1.0.0-beta.17). The following command serves a working application because it includes a-head-of-time compilation.

ng serve --prod