Why would global panel js be more unsafe than a field js?

For security reasons it is not possible to include a custom javascript file.

https://getkirby.com/docs/developer-guide/panel/css

Security is really important but we can include javascript files in a panel field. Why would it be more insecure to allow a global javascript file?

Many fields need JS to work. We just don’t want to make the custom global JS an official feature. Otherwise a lot of people would start using it without being sure about the consequences.

I still think it would be good for many developers to bend the panel, but perhaps the solution is not a global javascript file but something else?

Do you have any alternative ideas that would be better? I don’t want to give it up just yet. :slight_smile:

1 Like

Do you have an alternative idea? :slight_smile:

I have a very vague idea. It’s to have plugin like features bound to specific surface in the panel.

For example:

  • Menu
  • Topbar
  • Main

So when you add a menu plugin the js should if doing it correctly only modify the menu. The same goes for the other parts.

Today we have these:

  • Widget
  • Field

So it’s kind of a continuation of that but on other stuff. What do you think?

1 Like