Task #87418

Epic #87417: Integrate proper Content Security Policy (CSP) handling

Refactor and remove usage of inline scripts in backend

Added by Oliver Hader 8 months ago. Updated 8 months ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Backend JavaScript
Start date:
2019-01-13
Due date:
% Done:

0%

TYPO3 Version:
10
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Dynamically generated <script> tags must be avoided and refactored to be used as static resources, dynamic use-cases have to be controlled by applying according settings (e.g. data-attributes and/or JSON configuration).

Examples (these resources have not been verified in detail and the list is not completed):

Search criteria:

  • <script>
  • GeneralUtility::wrapJS
  • GeneralUtility::writeJavaScriptContentToTemporaryFile
  • Response::addAdditionalHeaderData

History

#1 Updated by Oliver Hader 8 months ago

  • Tracker changed from Epic to Task
  • TYPO3 Version set to 10

Also available in: Atom PDF