[D7] Convert drupalSettings from JavaScript to JSON, to allow for CSP in the future

Created on 12 August 2016, about 8 years ago

Updated 16 May 2024, 4 months ago

Copy the last 7.x patch from the original 8.x issue, and continue.

📌 Task

Status

RTBC

Version

7.0 ⚰️

Component

Javascript →

Last updated 25 minutes ago

Created by

🇬🇧United Kingdom catch

Live updates comments and jobs are added and updated live.

Security improvements
It makes Drupal less vulnerable to abuse or misuse. Note, this is the preferred tag, though the Security tag has a large body of issues tagged to it. Do NOT publicly disclose security vulnerabilities; contact the security team instead. Anyone (whether security team or not) can apply this tag to security improvements that do not directly present a vulnerability e.g. hardening an API to add filtering to reduce a common mistake in contributed modules.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment 10 months ago →
🇬🇧United Kingdom kenorb
Open in Jenkins → Open on Drupal.org →
Environment: PHP 8.0 & MySQL 5.7
last update 10 months ago
2,163 pass
Open in Jenkins → Open on Drupal.org →
Environment: PHP 8.1 & MySQL 5.7
last update 10 months ago
2,163 pass
Open in Jenkins → Open on Drupal.org →
Environment: PHP 8.1 & MySQL 5.7
last update 10 months ago
2,166 pass
Comment 10 months ago →
🇺🇸United States cboyden
Updated the patch from #33 to apply cleanly to the latest version.
Comment 6 months ago →
🇺🇸United States DamienMcKenna NH, USA
Status changed to RTBC 4 months ago7:18pm 16 May 2024
Comment 4 months ago →
🇺🇸United States dsnopek USA
The patch on #45 looks good to me, and has been working fine on some production sites for a while.

Production build 0.71.5 2024