Skip to content

Working with JavaScript

Daniel Pimley edited this page Oct 4, 2023 · 10 revisions

Chyrp Lite inlines all of its dynamic JavaScript in order to minimise page load times if the network connection has high latency or the server is resource-constrained. All scripts run in ECMAScript 5 strict mode for speed and security. A variety of triggers are provided to add custom JavaScript to your site.

Adding dynamic JavaScript

If you want to add a dynamic script to a blog page or the admin console, the best way to do this is to respond to the trigger calls javascript and admin_javascript and send your script content to output. Several of Chyrp Lite's bundled modules use this method, for example the Cascade module.

Adding static JavaScript

If you want to add a static script to a blog page, you can respond to the trigger filter scripts and provide the absolute path to your script file. To add your own static JavaScript to the admin console you can instead respond to the trigger call admin_head and output a complete <script> element.

jQuery

jQuery will always be available, loaded statically from includes/common.js.

Content Security Policy

If you want to add a Content Security Policy to your site, Chyrp Lite provides two triggers so that you can allow its inline JavaScript.

With the trigger call javascripts_hash you can generate a hash from the inline JavaScript content and declare this in your policy. With the trigger filter javascripts_nonce you can set a nonce value for the inline JavaScript content and declare this in your policy.

Clone this wiki locally