Issue #2592925 by Fabianx, Sagar Ramgade: Harden drupalSettings selector against XSS when CSP is enabled