Content injection via resources
I'm not sure what's totally fine or not in content injection.
But I'm pretty sure that having access to another DOM element from the content of a resource is not fine at all.
See: https://jsbin.com/lojibacuvo/1/edit?html,output
For reference, it's only few CSS lines on https://api.test3.startinblox.com/dashboards/1/ impacting the whole page.
content: "<span>This is a 1 size</span>\r\n<style>*::before{content:\"I ♥ CHEESE\";}*{background-color:pink}</style>"
By the way, I still love to have the possibility of serving HTML! We want that! But only if it's scoped to the target element and not the whole page.