diff options
author | 2024-03-18 00:45:41 +0100 | |
---|---|---|
committer | 2024-03-20 17:50:37 -0700 | |
commit | ed2077119491bcc198ae84df5b1b1ed6f13f78f1 (patch) | |
tree | 408252a9571f8b28a9fda14b9949bd73831a5d28 /internal/ui/static/js/bootstrap.js | |
parent | beb8c80787beadbfdb8b970368a3200f7d59f58e (diff) | |
download | v2-ed2077119491bcc198ae84df5b1b1ed6f13f78f1.tar.gz v2-ed2077119491bcc198ae84df5b1b1ed6f13f78f1.tar.zst v2-ed2077119491bcc198ae84df5b1b1ed6f13f78f1.zip |
Enable trusted-types
This commit adds a policy, and make use of it in the Content-Security-Policy.
I've tested it the best I could, both on a modern browser supporting
trusted-types (Chrome) and on one that doesn't (firefox).
Thanks to @lweichselbaum for giving me a hand to wrap this up!
Diffstat (limited to 'internal/ui/static/js/bootstrap.js')
-rw-r--r-- | internal/ui/static/js/bootstrap.js | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/internal/ui/static/js/bootstrap.js b/internal/ui/static/js/bootstrap.js index c83704c3..44d6e716 100644 --- a/internal/ui/static/js/bootstrap.js +++ b/internal/ui/static/js/bootstrap.js @@ -129,7 +129,7 @@ document.addEventListener("DOMContentLoaded", () => { if ("serviceWorker" in navigator) { const scriptElement = document.getElementById("service-worker-script"); if (scriptElement) { - navigator.serviceWorker.register(scriptElement.src); + navigator.serviceWorker.register(ttpolicy.createScriptURL(scriptElement.src)); } } |