Is there any chance to change the name "script" to another term in src/features/script-load.js file
echo-qin opened this issue · comments
Description of Proposed Feature
We are using this lib to load other libs. We have some kind of code scan for our own project together with the dependencies.
For systemJS lib, we cannot pass the scan here: document.head.appendChild(script);. It is in the line 86 of the file src/features/script-load.js. The code scan platform says that it may allow an attacker to embed malicious content, such as Javascript code, which will be executed in the context of the victim's browser.
So, is there any chance to change the name of element from "script" to another term? But I'm not sure if this makes sense. Thanks.