Hello
We are currently working on improving the content security policy header of our application to remove the unsafe-inline and unsafe-eval for the script element.
I am facing some issues when using the Template element with the generated deferred javascript mostly in the grid and I hope someone could help me with that.
Firstly, I'd like to know if there are some tag helpers that could be used to generate some template. To be more explicit : we use some shared and partial views to render the components in edition mode in our grids. These views are written using tag helpers, for instance we have the following file Views\Shared\EditorTemplates\DateTime.cshtml :
@model DateTime
<kendo-datetimepicker asp-for="@Model" />
Used in our grids :
column.Bound(User => User.DateCreated).EditorTemplateName("DateTime")(this is a basic example but we have some more complex views using home made components with taghelper syntax)
I noticed there is a kendo-template tag helper and I would like to know if there is any way to use it in our views, so I could replace my view with the following code and use the EditorTemplateComponentName extension method in my grid :
<kendo-template>
<kendo-datetimepicker asp-for="@Model" />
</kendo-template>When I tried to do this I have an exception :
Secondly, I noticed an issue when using some kendo elements in editor templates: the javascript rendered in the deferred script file includes the initialisation scripts at the root of the script file. This mainly cause some issues in my pages when some other element has the same names (but I think it can lead to some other issues).
For instance, I have the following column definition in my grid:
<columns>
<column field="FullName" title="FullName"></column>
<column field="DateCreated" title="DateCreated">
<column-editor-template>
<kendo-datetimepicker name="dateCreated"></kendo-datetimepicker>
</column-editor-template>
</column>
</columns>Then in the kendo-deferred-script javascript file I can see the dateCreated element is inialized at the beginning of the file and in the template function:
I'm joining a sample application with both cases to help reproduce the issues.
Is there something I'm doing wrong or any improvement coming in the next versions to fix these issues ?
Thanks in advance
Yael
1 Answer, 1 is accepted
Hello Yael,
Thank you for the images and the details provided.
Upon reviewing the ticket, it has come to our attention that there is no active support license associated with your account. Consequently, this restricts the level of support we can provide. To fully access all the benefits of our support services, it is necessary to purchase a license.
Nevertheless, our template projects include an “EditorTemplates” folder containing pre-built templates. These can be utilized in place of the custom “TagHelpers” templates.
In addition, there are some resources you can review with information about the "CSP" templates:
- https://docs.telerik.com/kendo-ui/framework/templates/get-started-csp-templates
- https://docs.telerik.com/aspnet-core/html-helpers/helper-basics/using-client-templates#content-security-policy-csp-templates
I hope this information was helpful.
Regards,
Ivaylo
Progress Telerik
Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.