Actions
Task #95874
closedEpic #87417: Integrate proper Content Security Policy (CSP) handling
Task #87418: Refactor and remove usage of inline scripts in backend
Avoid JavaScript eval function in FormEngine AjaxDispatcher
Start date:
2021-11-04
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Sprint Focus:
Description
AjaxDispatcher
uses implicit JavaScript eval
, see
https://github.com/TYPO3/typo3/blob/v11.5.2/Build/Sources/TypeScript/backend/Resources/Public/TypeScript/FormEngine/InlineRelation/AjaxDispatcher.ts#L122
→ use JSON handling instead of pure string-eval
require([ModuleA], function(module) { ... }); require([ModuleB], function(module) { ... });
to be
[ {"type":"javaScriptModuleInstruction","payload":{...}}, // explicit structure via JavaScriptModuleInstruction "require([ModuleB], function(module) { ... });" // legacy eval as string ]
Actions