3 * Parse inline JSON and initialize the drupalSettings global object.
7 // Use direct child elements to harden against XSS exploits when CSP is on.
8 const settingsElement = document.querySelector(
9 'head > script[type="application/json"][data-drupal-selector="drupal-settings-json"], body > script[type="application/json"][data-drupal-selector="drupal-settings-json"]',
13 * Variable generated by Drupal with all the configuration created from PHP.
19 window.drupalSettings = {};
21 if (settingsElement !== null) {
22 window.drupalSettings = JSON.parse(settingsElement.textContent);