So I wonder if there's a workaraound to get a variable into while read from the WP editor. I cannot use PHP because it's not supported by the editor (and I cannot use a PHP plugin to allow editor php because of safety measures). However, I cannot do this because the script tag isn't a typical external javascript loaded via the Wordpress functions.php setup. How do I pass variables and data from PHP to JavaScript? I'm aware of different methods to read the PHP variable in html or javascript and methods to pass it into the script tags, like these: I need to add the nonce variable to the script tags here, too because I cannot use the 'unsafe-inline' value for script-src in the CSP (because it contradicts the whole point of using CSP). The client wants to edit the charts, so it has to be like this.
The codeblocks in the editor load JS scripts with config for Chart.js (the chart library loads correctly from an external source I explicit authorize in the CSP). This works for all but two scripts that are located in two wp-blocks of the Plain HTML type in the page editor. Then I evaluate the script tags' nonce value in my html to allow it to be echoed into the output by php.
I create the $nonce variable in PHP with the built in Wordpress method at the top of my template: Because of Content-Security-Policy (CSP) my inline tags will be blocked if they don't contain a nonce=".
0 kommentar(er)
