Custom Query (18300 matches)


Show under each result:

Results (61 - 63 of 18300)

Ticket Resolution Summary Owner Reporter
#18909 fixed Use csp-restrictions when setting has for dojo-v1x-i18n-Api Neil Roberts

If csp-restrictions are on, the code in dojox-v1x-i18-Api won't work due to the eval code in it. We should be able, then, to disable dojo-v1x-i18n-Api when csp-restrictions are on.

#18908 invalid getLocalization calls still existing in dijit despite the method being deprecated Neil Roberts

We are trying to run dijit with unsafe-eval enabled which requires turning off the dojo-v1x-i18n-Api. This creates problems because there are still a large number of getLocalization calls remaining in dijit. All remaining getLocalization calls should be updated to use the i18n plugin.

#18907 fixed Possible Content Security Policy violations Jolly42

I have been looking into using dojo with a Content Security Policy in place.

Whilst doing this I've found two places where dojo violates the unsafe-eval protection of CSP. line 784 and line 470

Both of these make use of Function(string).

It was my, quite possibly erroneous, understanding that by adding csp-restrictions to the 'has' part of my dojo config, dojo would be placed in a CSP mode, for want of a better term, and would then not cause unsafe-eval violations.

I can provide a simple example if needed.

Note: See TracQuery for help on using queries.