Hi guys,
sorry for spamming you with my noob questions, but I find no solutions via google.
I found page.httpResponseHead.headers.* to add a content-security-policy which bans inline-scripts, but this results in a lot of error messages in the backend. So the questions is, how to add http headers only to the live workspace. I know the ts if condition, but I need an argument. In the view I can use node.context.workspace.name, but how can I access this information inside the ts?
Here’s my ts for adding a js for live workspace only:
javascripts.frontend = TYPO3.TypoScript:Template {
templatePath = 'resource://Visay.PhnomClimb/Private/Templates/Page/Default.html'
sectionName = 'frontendBodyScripts'
}
javascripts.frontend.@process.1 = ${node.context.workspaceName == 'live' ? value : ''}
Hope it helps 
Alternative:
javascripts.frontend = TYPO3.TypoScript:Template {
templatePath = 'resource://Visay.PhnomClimb/Private/Templates/Page/Default.html'
sectionName = 'frontendBodyScripts'
@if.inLiveWorkspace = ${node.context.workspaceName == 'live'}
}I think the second solution is much cleaner, but thanks for helping. For the record, this is how it looks and works now:
httpResponseHead.headers.Content-Security-Policy = "default-src 'self'; style-src 'self' 'unsafe-inline'"
httpResponseHead.headers.Content-Security-Policy.@if.1 = ${node.context.workspaceName == 'live'}