https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36152 --- Comment #2 from Lucas Gass <lucas@bywatersolutions.com> --- (In reply to David Cook from comment #1)
Inline Javascript and CSS will be a problem for the eventual adoption of Content-Security-Policy.
If it were to be done, I think it would need to be stored in separate database columns, so that a CSP nonce could be added to it in the templates.
Then this seems like it would be more trouble then it is worth when we already have a good place for the JS, the USerJS's. I do sympathize with Andrew's problem. If you have a custom page that displays on the OPAC and staff interface you'll need to duplicate JS and put in both OPACJS and IntranetUserJS. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.