attachinline

Inline JavaScript should be re-rewritten for Drupal 8 to define libraries and use drupalSettings to pass data.

When inline code blocks are absolutely necessary, this module extends Drupal's asset system to allow attaching inline scripts and styles to render array elements.

When using Content Security Policy module, hashes are automatically added to the page's policy to remove the need for 'unsafe-inline', and limit the risk of Cross Site Scripting vulnerabilities.

Example Usage

$render['element'] = [
  '#attached' => [
    // Existing Functionality
    'library' => [
      'drupal/drupalSettings'
    ],
    'drupalSettings' => ['module' => $data],

    // New functionality
    'js' => [
      [
        'data' => 'alert("Hi!")',
        'scope' => 'header',
        'dependencies' => ['core/jquery'],
      ],
    ],
    'css' => [
      [
        'data' => '#logo { border 1px solid #000; }',
        'attributes' => [
          'media' => 'all',
        ]
        'group' => CSS_THEME,
      ],
    ],
  ],
];