search

dojo / dojox

Dojo 1 - extras library. Please submit bugs to https://bugs.dojotoolkit.org/
https://dojotoolkit.org/
Other
150 stars 231 forks source link

Improve CSP compliance for gfx and charting #314

Closed msssk closed 4 years ago

msssk commented 4 years ago

Fixes #312

Remove usage of new Function()

This PR addresses the most common CSP issues with the charting code (and its gfx dependencies).

The Chart widget, when used with a declarative data provider, makes more extensive use of eval and dojox/functional.lambda and remains unaddressed in this PR. Using this widget this way is cumbersome and not recommended, and hopefully not being done in the wild.

dylans commented 4 years ago

Closed via 5491eff.

Backported as: