Task #87418

Epic #87417: Integrate proper Content Security Policy (CSP) handling

Refactor and remove usage of inline scripts in backend

Added by Oliver Hader over 2 years ago. Updated about 2 months ago.

Status:
Accepted
Priority:
Should have
Assignee:
-
Category:
Backend JavaScript
Start date:
2020-04-13
Due date:
% Done:

75%

Estimated time:
(Total: 0.00 h)
TYPO3 Version:
10
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Dynamically generated <script> tags must be avoided and refactored to be used as static resources, dynamic use-cases have to be controlled by applying according settings (e.g. data-attributes and/or JSON configuration).

Examples (these resources have not been verified in detail and the list is not completed):

Search criteria:

  • <script>
  • GeneralUtility::wrapJS
  • GeneralUtility::writeJavaScriptContentToTemporaryFile
  • Response::addAdditionalHeaderData

Subtasks

Task #91015: Reduce inline JavaScript in ext:beuserClosedOliver Hader2020-04-13

Actions
Task #91016: Reduce inline JavaScript in ext:filelistClosedOliver Hader2020-04-13

Actions
Task #91052: Reduce inline onchange events in backend scopeClosedOliver Hader2020-04-15

Actions
Task #91109: Reduce inline JavaScript in ext:redirects and ext:schedulerClosedOliver Hader2020-04-18

Actions
Task #91110: Remove superfluous onclick events in FormEngineClosedOliver Hader2020-04-18

Actions
Task #91111: Reduce inline JavaScript in QueryViewClosedOliver Hader2020-04-18

Actions
Task #91117: Use GlobalEventHandler and ActionDispatcher instead of inline JSClosedOliver Hader2020-04-18

Actions
Task #91120: Remove superfluous inline JavaScript assignment in ext:beuserClosedOliver Hader2020-04-18

Actions
Task #91122: Introduce DocumentService as JQuery.ready substituteClosed2020-04-18

Actions
Task #91123: Avoid inline JavaScript generated by BackendUtility:viewOnClickClosedOliver Hader2020-04-18

Actions
Task #91124: Add substitutes for module menu navigationNewOliver Hader2021-05-04

Actions
Task #94058: Remove goToModule() inline JavaScript invocationsResolved2021-05-04

Actions
Task #91125: Add substitutes for declaring static inline settingsNewOliver Hader2020-04-18

Actions
Task #91132: Reduce inline JavaScript in ext:setupClosedOliver Hader2020-04-19

Actions
Task #91191: Reduce inline JavaScript for refreshing backend componentsClosedOliver Hader2020-04-25

Actions
Task #91786: Replace RequireJS module loading and invocationNewOliver Hader2020-07-12

Actions
Task #91787: Deprecate and replace inline JavaScript in FormEngineNewOliver Hader2020-07-12

Actions
Task #91795: Replace window.open with WindowManager & PreviewUriBuilderNewOliver Hader2020-07-13

Actions
Task #91804: Remove inline JavaScript from backend paginate view helperClosedOliver Hader2020-07-15

Actions
Task #91815: Remove window.open inline JavaScriptUnder ReviewOliver Hader2020-07-17

Actions
Task #91820: Remove inline onclick code from MoveElementControllerClosedOliver Hader2020-07-17

Actions
#1

Updated by Oliver Hader over 2 years ago

  • Tracker changed from Epic to Task
  • TYPO3 Version set to 10
#2

Updated by Georg Ringer over 1 year ago

  • Status changed from New to Accepted

Also available in: Atom PDF