Turnkey extra meta tags
No edit summary
(Automatically adding template at the end of the page.)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
To inject extra meta tags into your tunrkey application create a file like this:
To inject extra meta tags into your Turnkey application, create a file like this:
  Views/EXT_OverridePages/__ExtraMetaTags.cshtml
  Views/EXT_OverridePages/__ExtraMetaTags.cshtml
Example of meta tag you want to inject:
Example of the meta tag you want to inject:
  <meta http-equiv="Content-Security-Policy" content="default-src 'self'">
  <meta http-equiv="Content-Security-Policy" content="default-src 'self'">
The above meta tag does however knock out inline scripts and inline styles. Even if knocking out inline scripts might be ok (because standard Turnkey does not depend on them) knocking out inline styles are more problematic since boostrap and angularjs depend on the need to dynamically change styles via DOM manipulation. See this https://stackoverflow.com/questions/42401952/inline-style-error-with-content-security-policy-and-javascript
The above meta tag knocks out inline scripts and inline styles. Even if knocking out inline scripts might be ok (because standard Turnkey does not depend on them), knocking out inline styles is more problematic since Bootstrap and Angularjs depend on the need to change styles dynamically via DOM manipulation. See this: https://stackoverflow.com/questions/42401952/inline-style-error-with-content-security-policy-and-javascript


A more realistic security policy meta tag is this:
A more realistic security policy meta tag is this:
  <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline' 'self'; default-src 'self'">
  <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline' 'self'; default-src 'self'">


If the file is found the contents is read and injected after the standard meta tags.
If the file is found, the contents are read and injected after the standard meta tags.  


Use the [[AssetsTK]] strategy to inject your file into the application
Use the [[AssetsTK]] strategy to inject your file into the application.
[[Category:MDriven Turnkey]]
[[Category:MDriven Turnkey]]
{{Edited|July|12|2024}}

Latest revision as of 15:48, 10 February 2024

To inject extra meta tags into your Turnkey application, create a file like this: 

Views/EXT_OverridePages/__ExtraMetaTags.cshtml

Example of the meta tag you want to inject: 

<meta http-equiv="Content-Security-Policy" content="default-src 'self'">

The above meta tag knocks out inline scripts and inline styles. Even if knocking out inline scripts might be ok (because standard Turnkey does not depend on them), knocking out inline styles is more problematic since Bootstrap and Angularjs depend on the need to change styles dynamically via DOM manipulation. See this: https://stackoverflow.com/questions/42401952/inline-style-error-with-content-security-policy-and-javascript

A more realistic security policy meta tag is this: 

<meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline' 'self'; default-src 'self'">

If the file is found, the contents are read and injected after the standard meta tags.

Use the AssetsTK strategy to inject your file into the application.

This page was edited 100 days ago on 02/10/2024. What links here
Retrieved from "https://wiki.mdriven.net/index.php?title=Documentation:Turnkey_extra_meta_tags&oldid=16800"

© MDRIVEN . All Rights Reserved

Glossary API Docs
MDriven World | Portal | Blog | YouTube | StackOverflow | Facebook

© MDRIVEN . All Rights Reserved