mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
* Draft: Feature: Trusted Types support * remove trusted-types package * Create policy before jQuery and Angular is loaded and add feature flag * Add trustedTypePolicies * Sanitize scriptURL * Add TT meta tag for test env * Move trusted types into core * Add DOMParser support for TrustedHTML * Seperate RSS sanitization and add better TrustedHTML support * Get test CSP header from config * Remove dompurify dep from core * Add documentation for trusted types * Apply suggestions from code review Co-authored-by: Kristian Bremberg <114284895+KristianGrafana@users.noreply.github.com> * Add comment about Github discussion thread and things breaking * Remove changes from News panel * Remove TT feature toggle * Expose TT and CSPReportOnly to frontend * Log errors in console when CSP report only is enabled * Log error for reporting and remove test mode * Only insert CSP header in HTML for dev env * Update docs --------- Co-authored-by: Tobias Skarhed <tobias.skarhed@gmail.com> Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>