Change
Get rid of client side eval again
Developer comments
Removed all uses with the exception of form and source code editor. The form uses evaluated code in general and for the admin specifically. In general because constraints hold stringified JavaScript functions in JSON notation (compund constraints and form code). These could be made into real objects with unquoted functions which are defined then on page load by the browser without eval. But the constraints can also be loaded via XHR. Hmm. This probably could be tackled by using %strict-dynamic%.
The admin sometimes edits code in occurrence fields. To make this comforable, syntax highlighting and autoformatting are loaded dynamically via XHR. They are rather large, so they are not included by default.
For now the form and also the source code editor are therefore served with 'unsafe-eval'.
HTML services might also serve forms.
Removed the need for unsafe-eval for all resources for anyone but the administrator. The admin needs it for code editor and code editing in the form.
|
Work sessions8
Start |
2021-08-13T20:20:48
|
End |
2021-08-13T22:12:08
|
Participant |
Robert Cerny
|
Start |
2021-08-14T09:46:53
|
End |
2021-08-14T18:15:25
|
Participant |
Robert Cerny
|
Start |
2021-08-15T19:33:52
|
End |
2021-08-15T21:33:58
|
Participant |
Robert Cerny
|
Start |
2021-08-15T08:34:01
|
End |
2021-08-15T12:17:53
|
Participant |
Robert Cerny
|
Start |
2021-08-15T12:39:54
|
End |
2021-08-15T13:25:58
|
Participant |
Robert Cerny
|
Start |
2021-08-15T14:22:08
|
End |
2021-08-15T16:23:28
|
Participant |
Robert Cerny
|
Start |
2021-08-16T20:35:10
|
End |
2021-08-16T22:35:50
|
Participant |
Robert Cerny
|
Start |
2021-08-17T07:53:48
|
End |
2021-08-17T08:33:55
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.