Move all JavaScript into JS files #1455

Closed
ghost opened this issue Mar 27, 2017 · 5 comments

ghost commented Mar 27, 2017

Hi,

great module, I appreciate it much :)

I've seen that most of the JavaScript functions are already located in dedicated JS files. However, this is not consistent, as sometimes a little function is also defined within the HTML templates. Would it be possible to cleanly keep all JavaScript function definitions in a JS file and call them from there?

As long as there is any JavaScript function definition within the HTML content of my application, I am not able to define and make use of the Content-Security-Policy HTTP header.

The Content-Security-Policy HTTP header is a great feature to mitigate Cross-Site-Scripting, and I'd really love to see it compatible with applications using Flask-Admin.

with best regards!

Contributor

xqliu commented Apr 18, 2017

Do you have a list of all the JavaScript fragments which could be moved to a separate JS file?

Thanks.

Author

ghost commented Apr 19, 2017

Well, there are not too many. However, it is not as easy as copy/paste to fix. The scripts need to be moved to an external JavaScript file and loaded/executed/initialized from there. If-else decisions built via Jinja2 (if x then execute this JS code, else another one) probably need to be done in JavaScript. And if necessary, they need to get the elements they want to address from the DOM (e.g. by ID or tag name...). I'm not very familiar with JavaScript, so I cannot help with this...

Here is a list of JavaScripts currently directly included and executed within the HTML templates:

Search "<script" (27 hits in 10 files)
  .\flask_admin\templates\bootstrap3\admin\actions.html 
	Line 31:     <script language="javascript">
  .\flask_admin\templates\bootstrap3\admin\lib.html
	Line 223:   <script>
	Line 232:   <script>
  .\flask_admin\templates\bootstrap3\admin\model\list.html
	Line 190:     <script language="javascript">
  .\flask_admin\templates\bootstrap3\admin\model\modals\create.html
	Line 25:   <script>
  .\flask_admin\templates\bootstrap3\admin\model\modals\edit.html 
	Line 27:   <script>
  .\flask_admin\templates\bootstrap3\admin\rediscli\console.html 
	Line 25:   <script language="javascript">

@marksteward

There are also some onclick handlers (see #1506).
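
An added example, not part of the thread or of Flask-Admin's code: a Python audit that lists the constructs discussed above (inline `<script>` blocks, `on*` handlers, and `javascript:` URLs) that stop working under a Content-Security-Policy without `'unsafe-inline'`. The sample template, its paths and the `confirmDelete` name are constructed for illustration.

```python
from html.parser import HTMLParser

# <script> types the browser treats as data blocks; they are never executed.
DATA_TYPES = {"application/json", "application/ld+json", "text/template"}
URL_ATTRS = {"href", "src", "action", "formaction"}


class InlineJSAudit(HTMLParser):
    """Collect markup that a CSP without 'unsafe-inline' would block."""

    def __init__(self):
        super().__init__()
        self.findings = []  # (line number, kind, tag or attribute name)

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]  # line on which the tag starts
        d = dict(attrs)
        script_type = (d.get("type") or "").strip().lower()
        if tag == "script" and "src" not in d and script_type not in DATA_TYPES:
            self.findings.append((line, "inline-script", tag))
        for name, value in attrs:  # HTMLParser lowercases attribute names
            if name.startswith("on"):  # onclick, onchange, onsubmit, ...
                self.findings.append((line, "event-handler", name))
            elif name in URL_ATTRS and (value or "").strip().lower().startswith("javascript:"):
                self.findings.append((line, "javascript-url", name))


def audit(template_source):
    """Return the CSP-incompatible constructs found in one template."""
    parser = InlineJSAudit()
    parser.feed(template_source)
    parser.close()
    return parser.findings


# Constructed sample template (not taken from Flask-Admin).
SAMPLE = """\
<script src="/static/admin/js/form.js"></script>
<script language="javascript">
  {% if actions %}var hasActions = true;{% endif %}
</script>
<a href="javascript:void(0)" onclick="return confirmDelete();">Delete</a>
<script type="application/json" id="cfg">{"page": 1}</script>
"""

if __name__ == "__main__":
    for line, kind, name in audit(SAMPLE):
        print(f"line {line}: {kind} ({name})")
```

Unlike a plain search for `<script`, this skips external scripts and data blocks and also catches handler attributes, so an empty result for every template is a reasonable precondition for dropping `'unsafe-inline'`.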

@marksteward

See also #1135 and PR #1521.

@samuelhwilliams
Contributor

Thanks for reporting this issue. As there are a few issues open on the topic of CSP, I'm going to close this one in favour of #2344, so that we can keep conversation in one place.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 22, 2024