Closed
Description
Rustdoc currently emits two inline <script>
tags into each HTML page it generates, making it hard to enforce content security policies on websites hosting documentation. The two tags in question are:
<script>window.sidebarCurrent = {name: "rustwide", ty: "mod", relpath: "../"};</script>
<script>window.rootPath = "../";window.currentCrate = "rustwide";</script>
Both of the tags just define variables used by the JavaScript code, and it should be possible to replace them with data-
attributes loaded by main.js
without other changes to the codebase:
<div id="rustdoc-vars" data-root-path="../" data-current-crate="rustwide" ...></div>
// Top of main.js
var rustdocVars = document.getElementById("rustdoc-vars");
window.rootPath = rustdocVars.attributes["data-root-path"];
window.currentCrate = rustdocVars.attributes["data-current-crate"];