grafana/public/views
Kristian Bremberg 35407142d0
Feature: Trusted Types support (#64975)
* Draft: Feature: Trusted Types support

* remove trusted-types package

* Create policy before jQuery and Angular is loaded and add feature flag

* Add trustedTypePolicies

* Sanitize scriptURL

* Add TT meta tag for test env

* Move trusted types into core

* Add DOMParser support for TrustedHTML

* Seperate RSS sanitization and add better TrustedHTML support

* Get test CSP header from config

* Remove dompurify dep from core

* Add documentation for trusted types

* Apply suggestions from code review

Co-authored-by: Kristian Bremberg <114284895+KristianGrafana@users.noreply.github.com>

* Add comment about Github discussion thread and things breaking

* Remove changes from News panel

* Remove TT feature toggle

* Expose TT and CSPReportOnly to frontend

* Log errors in console when CSP report only is enabled

* Log error for reporting and remove test mode

* Only insert CSP header in HTML for dev env

* Update docs

---------

Co-authored-by: Tobias Skarhed <tobias.skarhed@gmail.com>
Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>
2023-04-27 18:20:37 +02:00
..
error-template.html Build: Enable long term caching for frontend assets (#47625) 2022-05-26 11:49:18 +02:00
index-template.html Feature: Trusted Types support (#64975) 2023-04-27 18:20:37 +02:00
openapi3.html Implementing OpenApi 3 specs (converted from Swagger 2) (#53243) 2022-08-04 13:51:12 -03:00
swagger.html Swagger: Add integrity attributes (#48396) 2022-05-02 09:49:49 +02:00