Closed pvullioud closed 6 years ago
I'm not sure I like adding Javascript to be something easily done. You can always add JS with a custom plugin, it seems a bit dangerous to allow anyone with permissions to manage the backend branding to insert arbitrary JS though.
You can also break the backend with custom css :) It make sens to do an external plugin as a start. You can close the issue
Break the backend, yes. Enable hidden XSS attacks by malicious backend users? Not quite :)
Expected behavior
Actual behavior
We can inject CSS in the backend template but not Javascript This could be useful to implement tracking code and third party integration.
I can implement it if you agree with the proposal