Skip to content

Move polyfill JavaScript code to be included as a remote script from … #14318

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 13, 2018
Merged

Move polyfill JavaScript code to be included as a remote script from … #14318

merged 1 commit into from
Apr 13, 2018

Conversation

@jonathanKingston
Copy link
Contributor

@jonathanKingston jonathanKingston commented Mar 24, 2018

Description

Inline <script tags are a source of code injection, the browser can protect against this with CSP to block inline scripts. However Magento has a lot of inline scripts that need removing bit-by-bit.

Fixed Issues (if relevant)

  1. Removal of an inline script block

Manual testing scenarios

  1. Ensure browsers with no localstorage still support storage

Contribution checklist

  • Pull request has a meaningful description of its purpose
  • All commits are accompanied by meaningful commit messages
  • All new or changed code is covered with unit/integration tests (if applicable)
  • All automated tests passed successfully (all builds on Travis CI are green)

@orlangur orlangur requested a review from VladimirZaets March 24, 2018 13:26
@maghamed maghamed added the Event: distributed-cd Distributed Contribution Day label Mar 24, 2018
@jonathanKingston jonathanKingston force-pushed the 2.3-develop_removal-of-pollyfill-inline branch from fb92257 to 3668651 Compare March 25, 2018 19:22
@jonathanKingston
Copy link
Contributor Author

jonathanKingston commented Mar 26, 2018

Updating to fix the coding style since it was moved...

@jonathanKingston jonathanKingston force-pushed the 2.3-develop_removal-of-pollyfill-inline branch from 3668651 to ab934f6 Compare March 26, 2018 09:51
@jonathanKingston
Copy link
Contributor Author

jonathanKingston commented Mar 26, 2018

Updated code style which is now passing locally.

@jonathanKingston jonathanKingston mentioned this pull request Mar 26, 2018
Closed
4 tasks
@jonathanKingston jonathanKingston force-pushed the 2.3-develop_removal-of-pollyfill-inline branch 2 times, most recently from bb1bbb2 to 495818f Compare March 27, 2018 08:50
@jonathanKingston jonathanKingston force-pushed the 2.3-develop_removal-of-pollyfill-inline branch from 495818f to 823f07a Compare March 28, 2018 11:17
@VladimirZaets VladimirZaets self-assigned this Apr 2, 2018
VladimirZaets
VladimirZaets requested changes Apr 2, 2018
View reviewed changes
Copy link
Contributor

@VladimirZaets VladimirZaets left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @jonathanKingston. Please fix it using the backward compatible way. We can't delete block from the layout. Please look at our document for more details about backward compatibility. You can leave the block declaration, and use <script type="text/x-magento-init"> to initialize js file.

@jonathanKingston
Copy link
Contributor Author

jonathanKingston commented Apr 4, 2018

@VladimirZaets I'm a little confused by your comment, this should be fully backwards compatible no? If I use an init block it will be asynchronously loaded where as this will load synchronously in the same manner as the embedded block currently.
Are you suggesting that the app/code/Magento/Theme/view/frontend/templates/js/polyfill.phtml file should still exist? If so the only way would be for this to import the new JS file I have created.

@VladimirZaets
Copy link
Contributor

VladimirZaets commented Apr 12, 2018

@jonathanKingston We had discussion about this case and take desition that your fix is ok, so we will merge your fix in the near time, thanks.

@magento-engcom-team magento-engcom-team added this to the April 2018 milestone Apr 12, 2018
@magento-engcom-team magento-engcom-team merged commit 823f07a into magento:2.3-develop Apr 13, 2018
magento-engcom-team pushed a commit that referenced this pull request Apr 13, 2018
ENGCOM-1265: Move polyfill JavaScript code to be included as a remote…
cfd3ca6 
… script from … #14318
@magento-engcom-team
Copy link
Contributor

magento-engcom-team commented Apr 13, 2018

Hi @jonathanKingston. Thank you for your contribution.
Changes from your Pull Request will be available with the upcoming 2.3.0 release.

@ihor-sviziev ihor-sviziev mentioned this pull request Jul 23, 2018
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@VladimirZaets VladimirZaets VladimirZaets approved these changes

Assignees

@VladimirZaets VladimirZaets

Labels

Event: distributed-cd Distributed Contribution Day Progress: accept Release Line: 2.3

Projects

None yet

Milestone

April 2018

Development

Successfully merging this pull request may close these issues.

4 participants

@jonathanKingston @VladimirZaets @magento-engcom-team @maghamed