From 5d6e425da4f78837db32178d17e9207be98536e3 Mon Sep 17 00:00:00 2001
From: Phil <phil.ayres@consected.com>
Date: Fri, 23 Jan 2026 12:45:00 +0000
Subject: [PATCH 1/7] Updated CHANGELOG

---
 CHANGELOG.md | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3f0823a408..6affb00220 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,60 @@ Since [version 8.4.0](#840---2024-01-10) the convention is that releases made wi
 
 ## Unreleased
 
+### From FPHS - PR #870 - 2026-01-23
+
+- [Changed] embedded_block in report to allow URLs with /edit - fixes #325
+- [Fixed] embedded_block in report to allow activity log URLs
+
+### From FPHS - PR #868 - 2026-01-22
+
+- [Added] activity log access summaries in admin panel - resolves #867
+
+### From FPHS - PR #865 - 2026-01-22
+
+- [Added] `active_sublist_values` option to page layouts `view_options` - fixes #584
+- [Added] `sort_sublists` option to set default sort order (`'asc'` or `'desc'`) to page layouts `view_options`
+
+### From FPHS - PR #864 - 2026-01-22
+
+- [Added] a scope to exclude a role name from a user access controls query (required coalesce to work)
+- [Added] the ability to show extra calculated columns in admin index lists
+- [Added] UAC summary to Dynamic Model and External Identifier admin panels - fixes #859
+
+### From FPHS - PR #860 - 2026-01-21
+
+- [Added] access control filtering for master tabs nav dropdown - fixed #673
+
+- [Fixed] External IDs panel blank when switching participants, resolves original issue #653 incorrectly addresed by PR #855  - fixes #857
+
+### From FPHS - PR #856 - 2026-01-21
+
+- [Fixed] view_options.alt_width_classes not working for external ID or dynamic models displayed in master panels - fixes #389
+
+### From FPHS - PR #855 - 2026-01-20
+
+- [Fixed] external IDs panel not showing content when switching participants  - fixed #653
+
+### From FPHS - PR #854 - 2026-01-20
+
+- [Fixed] error parsing JSON field when the content is an empty string - fixes #853
+
+### From FPHS - PR #852 - 2026-01-20
+
+- [Fixed] issue when users tried to reset their password with a previously used password, they saw confusing duplicate errors - fixes #340
+
+### From FPHS - PR #851 - 2026-01-20
+
+- [Fixed] switch_id_on_click for multiple external IDs - fixed #312
+
+### From FPHS - PR #850 - 2026-01-20
+
+- [Fixed] styling on admin log and long lines in YAML editors
+
+### From FPHS - PR #849 - 2026-01-20
+
+- [Fixed] spec test issues
+
 ## [9.42.1] - 2026-01-19
 
 ### From FPHS - PR #848 - 2026-01-19

From bb00062bfbe7c9d03512cf314bf56727cc21e555 Mon Sep 17 00:00:00 2001
From: Phil <phil.ayres@consected.com>
Date: Fri, 23 Jan 2026 12:45:24 +0000
Subject: [PATCH 2/7] Updated gems

---
 Gemfile.lock | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index e992c83285..64c6147146 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -107,7 +107,7 @@ GEM
     ansi (1.5.0)
     ast (2.4.3)
     aws-eventstream (1.4.0)
-    aws-partitions (1.1206.0)
+    aws-partitions (1.1209.0)
     aws-sdk-cloudwatchlogs (1.138.0)
       aws-sdk-core (~> 3, >= 3.241.4)
       aws-sigv4 (~> 1.5)
@@ -199,7 +199,7 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (6.3.0)
+    devise-two-factor (6.3.1)
       activesupport (>= 7.0, < 8.2)
       devise (>= 4.0, < 5.0)
       railties (>= 7.0, < 8.2)
@@ -441,12 +441,12 @@ GEM
     rubyzip (2.3.2)
     sass (3.7.4)
       sass-listen (~> 4.0.0)
-    sass-embedded (1.97.2)
+    sass-embedded (1.97.3)
       google-protobuf (~> 4.31)
       rake (>= 13)
-    sass-embedded (1.97.2-arm64-darwin)
+    sass-embedded (1.97.3-arm64-darwin)
       google-protobuf (~> 4.31)
-    sass-embedded (1.97.2-x86_64-linux-gnu)
+    sass-embedded (1.97.3-x86_64-linux-gnu)
       google-protobuf (~> 4.31)
     sass-listen (4.0.0)
       rb-fsevent (~> 0.9, >= 0.9.4)

From 59791490a130f944600bffaa4f55dd0115ed0d6f Mon Sep 17 00:00:00 2001
From: Restructure Build Process <phil_ayres@hms.harvard.edu>
Date: Fri, 23 Jan 2026 12:51:32 +0000
Subject: [PATCH 3/7] Built and tested release-ready version '9.42.2' - dev
 repo

---
 CHANGELOG.md                | 2 ++
 db/dumps/current_schema.sql | 4 ++--
 security/brakeman-output.md | 4 ++--
 version.txt                 | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6affb00220..601b484b69 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,8 @@ Since [version 8.4.0](#840---2024-01-10) the convention is that releases made wi
 
 ## Unreleased
 
+## [9.42.2] - 2026-01-23
+
 ### From FPHS - PR #870 - 2026-01-23
 
 - [Changed] embedded_block in report to allow URLs with /edit - fixes #325
diff --git a/db/dumps/current_schema.sql b/db/dumps/current_schema.sql
index 5586780877..701bc68b29 100644
--- a/db/dumps/current_schema.sql
+++ b/db/dumps/current_schema.sql
@@ -3,7 +3,7 @@ begin;
 -- PostgreSQL database dump
 --
 
-\restrict Xc22WOT33J32vhwOjKoaIWm17DTfh6sN5BDBKd2ZndNlCrETBDKwALR2KhOzrbo
+\restrict 2JhpvDCyGSuytjZZu6pd1fPKNBzyUNOya35CXF2TQgwbemuOXfya89lQHafV5qj
 
 -- Dumped from database version 15.15
 -- Dumped by pg_dump version 15.15
@@ -23299,6 +23299,6 @@ ALTER TABLE ONLY ref_data.redcap_data_dictionary_history
 -- PostgreSQL database dump complete
 --
 
-\unrestrict Xc22WOT33J32vhwOjKoaIWm17DTfh6sN5BDBKd2ZndNlCrETBDKwALR2KhOzrbo
+\unrestrict 2JhpvDCyGSuytjZZu6pd1fPKNBzyUNOya35CXF2TQgwbemuOXfya89lQHafV5qj
 
 commit;
diff --git a/security/brakeman-output.md b/security/brakeman-output.md
index f103b5812c..c45895ea2a 100644
--- a/security/brakeman-output.md
+++ b/security/brakeman-output.md
@@ -2,7 +2,7 @@
 
 | Application path    | Rails version | Brakeman version | Started at                | Duration             |
 |---------------------|---------------|------------------|---------------------------|----------------------|
-| /output/restructure | 7.2.3         | 7.1.2            | 2026-01-19 18:43:15 +0000 | 21.873932121 seconds |
+| /output/restructure | 7.2.3         | 7.1.2            | 2026-01-23 12:50:05 +0000 | 20.850077809 seconds |
 
 | Checks performed                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
 |------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
@@ -14,7 +14,7 @@
 |-------------------|-------|
 | Controllers       | 70    |
 | Models            | 191   |
-| Templates         | 425   |
+| Templates         | 426   |
 | Errors            | 0     |
 | Security Warnings | 0 (0) |
 | Ignored Warnings  | 33    |
diff --git a/version.txt b/version.txt
index 797f20aaba..a4841a86c5 100644
--- a/version.txt
+++ b/version.txt
@@ -1 +1 @@
-9.42.1
\ No newline at end of file
+9.42.2
\ No newline at end of file

From 3724cd2cdafe915ba2619d9fe3fb56f96ad34d75 Mon Sep 17 00:00:00 2001
From: Phil <phil.ayres@consected.com>
Date: Tue, 27 Jan 2026 08:28:21 +0000
Subject: [PATCH 4/7] Added Content-Security-Policy with nonces for inline
 scripts and Handlebars templates - fixes #279

---
 .github/agents/plan.agent.md                  |  2 +
 .github/copilot-instructions.md               |  7 ++
 .../rspec-system-spec.instructions.md         | 27 +++--
 app-scripts/parallel_test.sh                  |  2 +-
 app/assets/javascripts/app/_fpa_form_utils.js | 19 ++++
 app/assets/stylesheets/admin/admin.scss       | 49 ++++++++++
 .../stylesheets/admin/parsed_config.scss      | 28 ++++++
 app/assets/stylesheets/admin/server_info.scss | 28 ++++++
 app/assets/stylesheets/admin_index.css        |  1 +
 .../stylesheets/app/activity_log.css.scss     | 14 +++
 app/assets/stylesheets/app/devise.css.scss    | 15 +++
 app/assets/stylesheets/app/e_sign.css.scss    | 13 +++
 .../stylesheets/app/markdown-editor.scss      | 35 +++++++
 app/assets/stylesheets/app/page_layouts.scss  | 11 +++
 app/assets/stylesheets/app/reports.scss       | 39 ++++++++
 .../stylesheets/app/search_results.scss       |  7 ++
 .../app/secure_view/secure_view.scss          |  5 +
 app/controllers/csp_reports_controller.rb     | 11 +++
 app/helpers/application_helper.rb             | 27 +++++
 app/helpers/big_select_field_helper.rb        | 16 ++-
 .../edit_fields/edit_form_field_helper.rb     |  9 +-
 .../reports_common_result_cell.rb             | 23 +++--
 .../_common_search_results_template.html.erb  | 30 +++---
 .../common/_parsed_config_panel.html.erb      | 28 ------
 .../_def_details_field_configs.html.erb       |  4 +-
 .../_def_version_head_identifiers.html.erb    |  6 +-
 .../common_templates/_def_versions.html.erb   |  2 +-
 .../admin/common_templates/_form.html.erb     |  8 +-
 .../admin/common_templates/_index.html.erb    |  4 +-
 .../admin/common_templates/_item.html.erb     |  2 +-
 .../dynamic_models/_def_details.html.erb      |  4 +-
 .../admin/external_identifier_details/new.erb |  4 +-
 .../message_notifications/_index.html.erb     |  8 +-
 .../_accuracy_score_block.html.erb            |  4 +-
 .../_general_selections_block.html.erb        |  6 +-
 .../reference_data/_item_flags_block.html.erb |  6 +-
 .../reference_data/_protocol_block.html.erb   |  8 +-
 .../_table_list_block_part.html.erb           |  4 +-
 app/views/admin/reports/_form.html.erb        |  4 +-
 .../form/_admin_criteria_view.html.erb        |  2 +-
 .../form/_search_attr_definer.html.erb        |  2 +-
 app/views/admin/server_info/index.html.erb    |  4 +-
 .../admin/server_info/rails_log.html.erb      | 10 +-
 .../_common_page_template_result.html.erb     |  8 +-
 .../common_templates/_common_parts.html.erb   | 46 ++++-----
 .../_common_template_list.html.erb            |  8 +-
 .../_common_template_references.html.erb      |  4 +-
 .../_common_template_result.html.erb          | 20 ++--
 .../_common_template_result_fields.html.erb   | 28 +++---
 .../common_templates/_edit_form_filestore.erb |  4 +-
 .../_references_results.html.erb              |  8 +-
 .../_search_results_template.html.erb         | 25 +++--
 .../e_signature/_show_parts.html.erb          |  8 +-
 .../_name_is_e_signed_document.html.erb       |  4 +-
 .../markdown_editor/_show_editor.html.erb     | 14 +--
 app/views/devise/registrations/new.html.erb   | 12 +--
 app/views/devise/sessions/new.html.erb        |  4 +-
 .../_search_results_template.html.erb         |  4 +-
 .../_browse_icons_templates.html.erb          | 20 ++--
 .../filestore/_browse_list_templates.html.erb | 20 ++--
 .../filestore/_common_template_view.html.erb  | 24 ++---
 .../classification/_result_template.html.erb  |  8 +-
 .../imports/imports/_new_import_form.html.erb |  4 +-
 .../imports/imports/_table_notes.html.erb     |  4 +-
 app/views/imports/imports/index.html.erb      |  4 +-
 .../_search_results_template.html.erb         | 24 ++---
 app/views/layouts/_force_window_home.html.erb |  2 +-
 app/views/layouts/_setup_app.html.erb         |  4 +-
 app/views/layouts/admin_application.html.erb  | 17 ++--
 app/views/layouts/application.html.erb        | 21 ++--
 .../layouts/child_error_reporter.html.erb     |  4 +-
 app/views/layouts/e_signature.html.erb        |  4 +-
 .../layouts/nfs_store/filestore.html.erb      | 18 ++--
 app/views/layouts/public_application.html.erb |  2 +-
 app/views/masters/_master_panels.html.erb     | 24 ++---
 ..._modal_pi_search_results_template.html.erb |  4 +-
 .../masters/_search_form_advanced.html.erb    |  6 +-
 app/views/masters/_search_form_simple.erb     |  7 +-
 .../_search_results_master_tabs.html.erb      |  4 +-
 ...earch_results_master_tabs_default.html.erb |  4 +-
 .../masters/_search_results_parts.html.erb    | 59 ++++++-----
 .../masters/_search_results_template.html.erb | 18 ++--
 app/views/page_layouts/index.html.erb         |  4 +-
 .../data_dictionaries/_tab_panels.html.erb    |  2 +-
 .../project_admins/_files_block.html.erb      |  4 +-
 .../project_admins/_metadata_block.html.erb   |  2 +-
 app/views/reports/_criteria.html.erb          |  2 +-
 app/views/reports/_index.html.erb             | 10 +-
 .../reports/_insert_options_css.html.erb      |  4 +-
 app/views/reports/_results.html.erb           |  2 +-
 app/views/reports/_show.html.erb              |  4 +-
 app/views/reports/criteria/_fields.html.erb   |  2 +-
 .../_inline_search_button_block.html.erb      |  2 +-
 app/views/reports/index.html.erb              |  4 +-
 .../result_template/_calendar.html.erb        |  4 +-
 .../reports/result_template/_chart.html.erb   |  6 +-
 app/views/secure_view/_preview.html.erb       |  2 +-
 .../_search_results_template.html.erb         |  8 +-
 .../_search_results_template.html.erb         | 28 +++---
 .../_container_template.html.erb              | 16 +--
 app/views/user_profiles/_tabs.html.erb        |  4 +-
 .../initializers/content_security_policy.rb   | 47 +++++----
 config/routes.rb                              |  2 +
 spec/support/feature_support.rb               | 98 +++++++++++++++++++
 .../admin/server_info_rails_log_spec.rb       |  4 +-
 105 files changed, 855 insertions(+), 447 deletions(-)
 create mode 100644 app/assets/stylesheets/admin/parsed_config.scss
 create mode 100644 app/controllers/csp_reports_controller.rb

diff --git a/.github/agents/plan.agent.md b/.github/agents/plan.agent.md
index 4d7252c48c..f0dc4b66f3 100644
--- a/.github/agents/plan.agent.md
+++ b/.github/agents/plan.agent.md
@@ -11,6 +11,8 @@ tools:
   - search/searchResults
   - search/usages
   - vscode/vscodeAPI
+  - execute/runInTerminal
+  - read/terminalLastCommand
 ---
 
 # Plan Mode - Strategic Planning & Architecture Assistant
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
index f16c0f06f7..65f24687fc 100644
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -37,6 +37,13 @@
 
 For all Ruby on Rails code you write, follow these conventions: [Ruby on Rails Coding Standards](instructions/ruby-on-rails.instructions.md)
 
+### HTML and CSS Conventions
+
+- Avoid adding HTML styles inline; use CSS classes instead.
+- Use BEM (Block, Element, Modifier) naming conventions for CSS classes.
+- If JavaScript is needed for UI behavior, preferably use appropriate postprocessors rather than inline scripts.
+- If inline `<script>` or `<style>` tags are necessary, use Rails `javascript_tag` or `style_tag` helpers with a nonce for CSP compliance.
+
 ### Database Conventions
 - Use migrations for all schema changes; avoid direct DB modifications for implementation.
 - Name tables according to Rails conventions (plural snake_case) aligning with model names.
diff --git a/.github/instructions/rspec-system-spec.instructions.md b/.github/instructions/rspec-system-spec.instructions.md
index 0c66abec90..143dfbe5bd 100644
--- a/.github/instructions/rspec-system-spec.instructions.md
+++ b/.github/instructions/rspec-system-spec.instructions.md
@@ -68,20 +68,29 @@ If an HTML snapshot is needed for debugging, use the helper method:
 save_html_snapshot('/tmp/debug_page.html')
 ```
 
-To capture console logs from the browser, store them to a global array variable during the test run
-and retrieve them later for debugging:
+To capture console logs and CSP violations from the browser, use the helper methods:
 
 ```ruby
-# At the start of the test run
-page.execute_script('window.browserLogs = []; console.log = function(msg) { window.browserLogs.push(msg); };')
-```
+# Set up capture AFTER initial page load, BEFORE navigating to page to debug
+visit '/'
+setup_browser_console_capture
 
-```ruby
-# At the end of the test run
-logs = page.evaluate_script('window.browserLogs')
-puts "Browser console logs:\n#{logs.join("\n")}"
+# Navigate and perform actions you want to debug
+visit '/page/to/debug'
+finish_page_loading
+click_button 'Submit'
+
+# Print captured logs with context description
+print_browser_console_logs('After clicking Submit')
+
+# Or retrieve logs programmatically without printing
+result = get_browser_console_logs
+puts "CSP violations: #{result[:csp_violations].count}"
+result[:logs].each { |log| puts log }
 ```
 
+The capture methods intercept `console.log`, `console.error`, `console.warn`, and CSP violation events.
+
 ### Things to Remember
 - Standard string / varchar fields downcase data on storage and titleize on display. Keep this in mind when writing system specs that interact with user data fields.
 - Some fields rely heavily on Javascript for rendering and interaction (e.g., chosen.js dropdowns, big select dialogs, custom rich text editors). Always use the provided helper methods to interact with these fields.
diff --git a/app-scripts/parallel_test.sh b/app-scripts/parallel_test.sh
index 30f34a75e3..9f641c2aba 100755
--- a/app-scripts/parallel_test.sh
+++ b/app-scripts/parallel_test.sh
@@ -139,7 +139,7 @@ done
 
 echo "========================================================================" >> tmp/working_failing_specs.log
 echo "All Done" >> tmp/working_failing_specs.log
-echo "Runs with Failures: $(grep 'Failures: ' tmp/failing_specs.log | wc -l)" >> tmp/working_failing_specs.log
+echo "Runs with failures: $(grep 'Failures: ' tmp/working_failing_specs.log | wc -l)" >> tmp/working_failing_specs.log
 echo "==>>>> $(date)" >> tmp/working_failing_specs.log
 echo "========================================================================" >> tmp/working_failing_specs.log
 mv tmp/working_failing_specs.log tmp/failing_specs.log
diff --git a/app/assets/javascripts/app/_fpa_form_utils.js b/app/assets/javascripts/app/_fpa_form_utils.js
index 518d62b3fb..1448804cd8 100644
--- a/app/assets/javascripts/app/_fpa_form_utils.js
+++ b/app/assets/javascripts/app/_fpa_form_utils.js
@@ -195,6 +195,25 @@ _fpa.form_utils = {
 
   // Handle big-select fields
   setup_big_select_fields(block) {
+    // First, process any JSON data elements that store big-select configuration
+    // This approach avoids inline script tags that fail CSP when loaded via AJAX
+    block.find('script.big-select-data[type="application/json"]').each(function() {
+      var $dataEl = $(this);
+      var fieldId = $dataEl.data('field-id');
+      var options = $dataEl.data('options') || {};
+      var hashData = $dataEl.data('hash') || {};
+      
+      var field = document.getElementById(fieldId);
+      if (field) {
+        field.big_select_options = field.big_select_options || options;
+        field.big_select_hash = field.big_select_hash || {};
+        // Merge in the hash data (which contains subtype -> data mapping)
+        Object.assign(field.big_select_hash, hashData);
+      }
+      // Remove the data element after processing
+      $dataEl.remove();
+    });
+
     block
       .find('.use-big-select')
       .not('.big-select-su')
diff --git a/app/assets/stylesheets/admin/admin.scss b/app/assets/stylesheets/admin/admin.scss
index d3769473e7..a5e95cd1bd 100644
--- a/app/assets/stylesheets/admin/admin.scss
+++ b/app/assets/stylesheets/admin/admin.scss
@@ -314,4 +314,53 @@ a.link-disabled {
 .admin_page .job-summary {
   margin-right: 20px;
   // font-size: 0.9em;
+}
+
+// BEM-named classes for admin views
+.admin-form {
+  &__left-aligned {
+    text-align: left;
+  }
+
+  &__help-info {
+    font-size: 12px;
+  }
+
+  &__vertical-top {
+    vertical-align: top;
+  }
+}
+
+.admin-ref-data {
+  &__list {
+    overflow: auto;
+    background-color: white;
+  }
+
+  &__list-item--disabled {
+    color: #aaa;
+  }
+
+  &__checkbox--inline {
+    width: initial;
+    display: inline-block;
+  }
+}
+
+.admin-version {
+  &__section {
+    margin-bottom: 30px;
+  }
+
+  &__header-cell--attr {
+    width: 20%;
+  }
+
+  &__header-cell--prev {
+    width: 40%;
+  }
+
+  &__header-cell--curr {
+    width: 40%;
+  }
 }
\ No newline at end of file
diff --git a/app/assets/stylesheets/admin/parsed_config.scss b/app/assets/stylesheets/admin/parsed_config.scss
new file mode 100644
index 0000000000..88fd6456e9
--- /dev/null
+++ b/app/assets/stylesheets/admin/parsed_config.scss
@@ -0,0 +1,28 @@
+// Styles for parsed config panel
+.parsed-config-output {
+  background-color: #f5f5f5;
+  border: 1px solid #ccc;
+  border-radius: 4px;
+  padding: 10px;
+  font-family: 'Courier New', monospace;
+  font-size: 12px;
+  overflow-x: auto;
+  max-height: 600px;
+  overflow-y: auto;
+
+  code {
+    display: block;
+    white-space: pre;
+  }
+}
+
+.line-number {
+  display: inline-block;
+  width: 40px;
+  color: #999;
+  text-align: right;
+  padding-right: 10px;
+  border-right: 1px solid #ddd;
+  margin-right: 10px;
+  user-select: none;
+}
diff --git a/app/assets/stylesheets/admin/server_info.scss b/app/assets/stylesheets/admin/server_info.scss
index 859f59665d..b425b0a923 100644
--- a/app/assets/stylesheets/admin/server_info.scss
+++ b/app/assets/stylesheets/admin/server_info.scss
@@ -12,3 +12,31 @@
     font-family: monospace;
   }
 }
+
+// BEM-named classes for rails log viewer
+.rails-log {
+  width: 100vw;
+  max-width: 100vw;
+  padding: 0;
+
+  &__row {
+    margin: 0;
+  }
+
+  &__code-container {
+    width: 100vw;
+    display: block;
+    overflow-x: auto;
+  }
+
+  &__listing {
+    width: auto;
+    overflow-x: auto;
+    white-space: pre;
+    margin-bottom: 0;
+  }
+
+  &__common-searches {
+    margin-top: 1em;
+  }
+}
\ No newline at end of file
diff --git a/app/assets/stylesheets/admin_index.css b/app/assets/stylesheets/admin_index.css
index faaf20f2a7..84317c86a5 100644
--- a/app/assets/stylesheets/admin_index.css
+++ b/app/assets/stylesheets/admin_index.css
@@ -26,6 +26,7 @@
  *= require admin/server_info
  *= require admin/sortable
  *= require admin/report_admin
+ *= require admin/parsed_config
  *= require admin/z_admin_overrides
  *= require_self
  */
diff --git a/app/assets/stylesheets/app/activity_log.css.scss b/app/assets/stylesheets/app/activity_log.css.scss
index 0e11485098..bfc324e7a5 100644
--- a/app/assets/stylesheets/app/activity_log.css.scss
+++ b/app/assets/stylesheets/app/activity_log.css.scss
@@ -220,3 +220,17 @@ a.related-tracker-histories-link {
 a.view-item:hover {
   cursor: pointer;
 }
+
+// BEM styles for activity log components
+
+.rank-label {
+  &--spaced {
+    margin-right: 1em;
+  }
+}
+
+.activity-log-entity-link {
+  &--spaced {
+    margin-right: 1em;
+  }
+}
diff --git a/app/assets/stylesheets/app/devise.css.scss b/app/assets/stylesheets/app/devise.css.scss
index f94dc76102..9803a648bc 100644
--- a/app/assets/stylesheets/app/devise.css.scss
+++ b/app/assets/stylesheets/app/devise.css.scss
@@ -5,3 +5,18 @@
 .devise-links {
   margin-top: 1em;
 }
+
+// BEM-named classes for devise views
+.devise-form {
+  &__terms-of-use {
+    display: none;
+  }
+
+  &__2fa-block {
+    display: none;
+  }
+
+  &__final-submit {
+    margin: 0.8em 0;
+  }
+}
\ No newline at end of file
diff --git a/app/assets/stylesheets/app/e_sign.css.scss b/app/assets/stylesheets/app/e_sign.css.scss
index 0472433a00..ce9e787837 100644
--- a/app/assets/stylesheets/app/e_sign.css.scss
+++ b/app/assets/stylesheets/app/e_sign.css.scss
@@ -13,4 +13,17 @@
 .e-signed-how-fields {
   margin-top: 7px;
   margin-bottom: 7px;
+}
+
+// BEM-named classes for e-signature container
+.e-signature-container {
+  width: 812px;
+  margin: 0 auto;
+  height: auto;
+  overflow: hidden;
+}
+
+.e-signature-container__iframe {
+  width: 810px;
+  border: 0;
 }
\ No newline at end of file
diff --git a/app/assets/stylesheets/app/markdown-editor.scss b/app/assets/stylesheets/app/markdown-editor.scss
index b9f5ba2ee0..793afef74e 100644
--- a/app/assets/stylesheets/app/markdown-editor.scss
+++ b/app/assets/stylesheets/app/markdown-editor.scss
@@ -24,4 +24,39 @@
     color: #333333;
   }
 
+}
+
+// BEM-named classes for markdown editor toolbar buttons
+.markdown-editor-toolbar__btn {
+  &--paragraph {
+    font-weight: normal;
+  }
+
+  &--paragraph-text {
+    font-size: 12px;
+  }
+
+  &--heading {
+    font-weight: bold;
+  }
+
+  &--h2-text {
+    font-size: 14px;
+  }
+
+  &--h3-text {
+    font-size: 12px;
+  }
+
+  &--h4-text {
+    font-size: 10px;
+  }
+
+  &--strikethrough {
+    text-decoration: line-through;
+  }
+
+  &--unlink-icon {
+    text-decoration: line-through;
+  }
 }
\ No newline at end of file
diff --git a/app/assets/stylesheets/app/page_layouts.scss b/app/assets/stylesheets/app/page_layouts.scss
index 2be21a1c9c..41cc59bf34 100644
--- a/app/assets/stylesheets/app/page_layouts.scss
+++ b/app/assets/stylesheets/app/page_layouts.scss
@@ -26,4 +26,15 @@
         display: none;
       }
   }
+}
+
+// BEM-named classes for page layout index
+.page-layout-index {
+  &__label-cell {
+    width: 15%;
+  }
+
+  &__description-cell {
+    width: 30%;
+  }
 }
\ No newline at end of file
diff --git a/app/assets/stylesheets/app/reports.scss b/app/assets/stylesheets/app/reports.scss
index 8f6c692784..410aca9628 100644
--- a/app/assets/stylesheets/app/reports.scss
+++ b/app/assets/stylesheets/app/reports.scss
@@ -363,3 +363,42 @@ table .report-cb-inner {
     white-space: nowrap;
   }
 }
+
+// BEM-named classes for report index and criteria
+.report-index {
+  &__type-cell {
+    width: 5%;
+  }
+
+  &__name-cell {
+    width: 15%;
+  }
+
+  &__description-cell {
+    width: 30%;
+  }
+
+  &__search-attr-cell {
+    width: 25%;
+  }
+
+  &__measure-cell {
+    width: 25%;
+  }
+}
+
+.report-criteria {
+  &__actions {
+    border-color: transparent;
+  }
+
+  &__field-group {
+    padding-bottom: 1em;
+  }
+}
+
+.report-results {
+  &__show-btn--hidden {
+    display: none;
+  }
+}
diff --git a/app/assets/stylesheets/app/search_results.scss b/app/assets/stylesheets/app/search_results.scss
index 5356ef0034..c93a179719 100644
--- a/app/assets/stylesheets/app/search_results.scss
+++ b/app/assets/stylesheets/app/search_results.scss
@@ -1166,3 +1166,10 @@ li.list-group-item.is_external_id_item {
     }
   }
 }
+
+// BEM-named classes for search form
+.search-form {
+  &__clear-icon {
+    font-size: 18px;
+  }
+}
diff --git a/app/assets/stylesheets/app/secure_view/secure_view.scss b/app/assets/stylesheets/app/secure_view/secure_view.scss
index b74064cbc0..1903452845 100644
--- a/app/assets/stylesheets/app/secure_view/secure_view.scss
+++ b/app/assets/stylesheets/app/secure_view/secure_view.scss
@@ -168,3 +168,8 @@
     display: inline-block;
   }
 }
+
+// BEM modifier for initially hidden secure view (shown by JavaScript)
+.secure-view--hidden {
+  display: none;
+}
diff --git a/app/controllers/csp_reports_controller.rb b/app/controllers/csp_reports_controller.rb
new file mode 100644
index 0000000000..154f9ccf09
--- /dev/null
+++ b/app/controllers/csp_reports_controller.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+# Controller to handle Content Security Policy violation reports
+class CspReportsController < ApplicationController
+  skip_before_action :verify_authenticity_token
+
+  def create
+    Rails.logger.warn("CSP Violation: #{request.body.read}")
+    head :no_content
+  end
+end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 342a3927e3..79f3141829 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -387,4 +387,31 @@ def remove_empty_error(errors)
       end
     end
   end
+
+  #
+  # Generate a style tag with CSP nonce for inline styles
+  # @param content [String] the CSS content to include
+  # @return [String] HTML safe style tag with nonce
+  def csp_style_tag(content)
+    content_tag(:style, content.html_safe, nonce: true)
+  end
+
+  #
+  # Generate a script tag with CSP nonce for inline JavaScript
+  # @param content [String] the JavaScript content to include
+  # @return [String] HTML safe script tag with nonce
+  def csp_script_tag(&)
+    javascript_tag(nonce: true, &)
+  end
+
+  #
+  # Generate a Handlebars template script tag with CSP nonce
+  # @param id [String] the id attribute for the script tag
+  # @param css_class [String] the CSS class(es) for the script tag (default: 'hidden handlebars-template')
+  # @param block [Block] the Handlebars template content
+  # @return [String] HTML safe script tag with nonce and type="text/x-handlebars-template"
+  def handlebars_template_tag(id, css_class: 'hidden handlebars-template', &)
+    content = capture(&) if block_given?
+    content_tag(:script, content, id:, type: 'text/x-handlebars-template', class: css_class, nonce: true)
+  end
 end
diff --git a/app/helpers/big_select_field_helper.rb b/app/helpers/big_select_field_helper.rb
index ea951553d9..568d7e7c2d 100644
--- a/app/helpers/big_select_field_helper.rb
+++ b/app/helpers/big_select_field_helper.rb
@@ -94,12 +94,18 @@ def big_select_field_data(subtype, data, options = nil)
     options ||= {}
 
     predata = data&.transform_keys { |v| v.to_s.split(' >>>').first }
+
+    # Store data in a hidden element as JSON data attributes
+    # This avoids inline script tags that fail CSP when loaded via AJAX
+    # The JavaScript setup code will read these attributes
+    data_json = { subtype => predata }.to_json
+    options_json = options.to_json
+
     <<~END_HTML
-      <script>
-        var big_select_field = $('##{big_select_field_id}')[0]
-        big_select_field.big_select_options = big_select_field.big_select_options || #{options.to_json.html_safe};
-        big_select_field.big_select_hash = big_select_field.big_select_hash || {};
-        big_select_field.big_select_hash['#{subtype}'] = #{predata.to_json.html_safe};
+      <script type="application/json" class="big-select-data"
+              data-field-id="#{big_select_field_id}"
+              data-options="#{ERB::Util.html_escape(options_json)}"
+              data-hash="#{ERB::Util.html_escape(data_json)}">
       </script>
     END_HTML
       .html_safe
diff --git a/app/helpers/edit_fields/edit_form_field_helper.rb b/app/helpers/edit_fields/edit_form_field_helper.rb
index cce0003e68..6b4567758f 100644
--- a/app/helpers/edit_fields/edit_form_field_helper.rb
+++ b/app/helpers/edit_fields/edit_form_field_helper.rb
@@ -148,15 +148,14 @@ def edit_form_field(
         if cw
           got ||= ''
           got = got.html_safe
-          got += <<~END_SCRIPT
-            <script>
+          got += javascript_tag(nonce: true) do
+            <<~END_JS
               _fpa.calculate_with = _fpa.calculate_with || {};
               var cwdef = _fpa.calculate_with['#{field_name_sym}'] = #{cw.to_json.html_safe};
 
               _fpa.utils.calc_field('#{field_name_sym}', '#{form_object_item_type_us}');
-            </script>
-          END_SCRIPT
-                 .html_safe
+            END_JS
+          end
         end
 
       end
diff --git a/app/helpers/report_results/reports_common_result_cell.rb b/app/helpers/report_results/reports_common_result_cell.rb
index 097d9a54c9..0414a11f07 100644
--- a/app/helpers/report_results/reports_common_result_cell.rb
+++ b/app/helpers/report_results/reports_common_result_cell.rb
@@ -315,22 +315,29 @@ def cell_content_for_iframe
 
       block_id = SecureRandom.hex(10)
 
-      html = <<~END_HTML
+      iframe_html = <<~END_HTML
         <iframe id="report-cell-iframe-#{block_id}" src='javascript:void(0)' srcdoc="" class="iframe-report-cell if-report-cell-type" sandbox="allow-popups allow-popups-to-escape-sandbox"></iframe>
-        <script id="report-cell-content-#{block_id}" class="hidden" type="x-html">
-          #{cell_content.gsub('<head>', '<head><base target="_blank" />').html_safe}
-        </script>
-        <script>
+      END_HTML
+
+      # Store the HTML content in a script tag (data container, not executable)
+      content_script = javascript_tag(nonce: true, type: 'x-html', id: "report-cell-content-#{block_id}",
+                                      class: 'hidden') do
+        cell_content.gsub('<head>', '<head><base target="_blank" />')
+      end
+
+      # Script to load the content into the iframe
+      loader_script = javascript_tag(nonce: true) do
+        <<~END_JS
           window.setTimeout(function() {
             var c = $('#report-cell-content-#{block_id}');
             var html = c.html();
 
             $('#report-cell-iframe-#{block_id}').attr('srcdoc', html);
           }, 100);
-        </script>
-      END_HTML
+        END_JS
+      end
 
-      html.html_safe
+      (iframe_html + content_script + loader_script).html_safe
     end
 
     private
diff --git a/app/views/activity_logs/_common_search_results_template.html.erb b/app/views/activity_logs/_common_search_results_template.html.erb
index 8f5f12819b..38b219b366 100644
--- a/app/views/activity_logs/_common_search_results_template.html.erb
+++ b/app/views/activity_logs/_common_search_results_template.html.erb
@@ -103,7 +103,7 @@
 %>
   <%= render partial: 'common_templates/search_results_template', locals: mapped_vars %>
 <% end %>
-<script id="sub_list_<%=item_type_name%>_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag("sub_list_#{item_type_name}_result-partial", css_class: 'hidden handlebars-partial') do %>
   {{#was _created}}<div class="panel index-{{_created}} sub-list-item activity-log--<%=item_type_name_hyphenated%>-type" id="activity-log-<%=item_type_name_hyphenated%>-sub-list-{{master_id}}-{{id}}" data-template="sub-list-<%=item_type_name_hyphenated%>-result-template" data-sub-item="<%=item_type%>" data-sub-id="{{id}}" data-sort-desc="data-item-rank" data-preprocessor="<%=item_type%>_edit_form">{{/was}}
   
     <ul class="list-group" data-item-id="{{id}}" data-item-rank="{{rank}}">
@@ -111,7 +111,7 @@
         <i class="glyphicon glyphicon-phone"></i>
         <a data-on-click-call="activity_logs.selected_parent" data-on-click-show="activity_logs_<%=item_type_name%>_actions_block@#activity-log-{{master_id}}-initial-action" data-master-id="{{master_id}}" data-item-id="{{id}}" data-item-data="{{data}}" data-rec-type="{{rec_type}}">{{pretty_string data return_string="true"}}</a>
         <a data-toggle="scrollto-result" data-target-force="true" data-target="#activity-log-<%=item_type_name_hyphenated%>-sub-list-{{master_id}}-{{id}}" title="edit" class="edit-entity edit-activity-log-<%=item_type_name_hyphenated%> pull-right glyphicon glyphicon-edit small" href="/masters/{{master_id}}/<%=item_type.pluralize%>/{{id}}/edit" data-remote="true" data-<%=item_type_hyphenated%>-id="{{id}}" data-result-target=""></a>
-        <span class="pull-right label label-info general-rank-{{rank}} <%=item_type_hyphenated%>-{{rank}}" style="margin-right:1em">{{#has 'rank'}}{{#if rank}}{{rank}} - {{rank_name}}{{else}}(no rank){{/if}}{{/has}}</span>
+        <span class="pull-right label label-info general-rank-{{rank}} <%=item_type_hyphenated%>-{{rank}} rank-label--spaced">{{#has 'rank'}}{{#if rank}}{{rank}} - {{rank_name}}{{else}}(no rank){{/if}}{{/has}}</span>
       </li>
       <li class="list-group-item activity-log-actions-holder activity-log-initial-action">
           {{> activity_logs_<%=item_type_name%>_actions item_id=id}}
@@ -119,16 +119,16 @@
     </ul>
   
   {{#was _created}}</div>{{/was}}
-</script>
-<script id="sub-list-<%=item_type_name_hyphenated%>-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<% end %>
+<%= handlebars_template_tag("sub-list-#{item_type_name_hyphenated}-result-template") do %>
   {{#with <%=item_type%>}}
       {{>sub_list_<%=item_type_name%>_result}}
   {{/with}}
-</script>
-<script id="activity_logs_<%=item_type_name%>_actions_block" type="text/x-handlebars-template" class="hidden handlebars-template">
+<% end %>
+<%= handlebars_template_tag("activity_logs_#{item_type_name}_actions_block") do %>
   {{> activity_logs_<%=item_type_name%>_actions item_id=item_id}}
-</script>
-<script id="activity_logs_<%=item_type_name%>_actions-partial" type="text/x-handlebars-template" class="hidden handlebars-partial handlebars-template">
+<% end %>
+<%= handlebars_template_tag("activity_logs_#{item_type_name}_actions-partial", css_class: 'hidden handlebars-partial handlebars-template') do %>
   <% unless prevent_create  || !current_user.has_access_to?(:create, :activity_log_type, current_definition.option_type_config_for(:primary).resource_name)%>
   <span id="activity-log-{{master_id}}-initial-action" class="al-initial-action-container" >
     <span class="activity-log--<%=item_type_name_hyphenated%>-actions">
@@ -136,11 +136,11 @@
     </span>
    </span>
    <% end %>
-</script>
+<% end %>
 <%
   # Template for page layout resource results. A plain list without activity log controls.
 %>
-<script id="activity-log--<%=item_type_name_hyphenated.pluralize%>-page-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("activity-log--#{item_type_name_hyphenated.pluralize}-page-result-template") do %>
   <div id="<%=item_type_hyphenated%>-activity-logs-<%=item_type_name_hyphenated%>-type-{{item_id}}" class="panel panel-default activity-logs-item-block activity-logs-<%=item_type_name_hyphenated%>-type-block <%= hide_item_list_panel ? 'hidden-item-list-panel' : 'shown-item-list-panel' %> al-page-result-template" data-item-id="{{item_id}}" data-master-id="{{master_id}}" data-item-data="{{item_data}}">
     <div class="col-md-24">
         <div class="row common-template-list activity-log-list resize-children" id="activity-logs-master-{{master_id}}-" data-sub-list="<%=item_type_name%>_logs">
@@ -166,10 +166,10 @@
         </div>
       </div>
   </div>
-</script>
+<% end %>
 
 <%# Activity Log main results including controls %>
-<script id="activity-log--<%=item_type_name_hyphenated.pluralize%>-main-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("activity-log--#{item_type_name_hyphenated.pluralize}-main-result-template") do %>
   <div id="<%=item_type_hyphenated%>-activity-logs-<%=item_type_name_hyphenated%>-type-{{item_id}}" class="panel panel-default activity-logs-item-block activity-logs-<%=item_type_name_hyphenated%>-type-block <%= hide_item_list_panel ? 'hidden-item-list-panel' : 'shown-item-list-panel' %> al-main-result-template" data-item-id="{{item_id}}" data-master-id="{{master_id}}" data-item-data="{{item_data}}">
   
     <div class="is-heading activity-logs-header">
@@ -294,8 +294,8 @@
     </div>
   
   </div>
-</script>
-<script>
+<% end %>
+<%= javascript_tag nonce: true do %>
   <%
     eltcn = []
     option_configs.each do |elt|
@@ -303,5 +303,5 @@
     end
   %>
   _fpa.activity_logs.generate_postprocessors('<%=item_type_name%>', <%= eltcn.to_json.html_safe %>)
-</script>
+<% end %>
 <% end %>
diff --git a/app/views/admin/common/_parsed_config_panel.html.erb b/app/views/admin/common/_parsed_config_panel.html.erb
index 794e2d9ae6..9ac17f6c9f 100644
--- a/app/views/admin/common/_parsed_config_panel.html.erb
+++ b/app/views/admin/common/_parsed_config_panel.html.erb
@@ -18,34 +18,6 @@
 <pre class="parsed-config-output"><div><% lines.each_with_index do |line, index| %><span class="line-number"><%= sprintf("%4d", index + 1) %></span> <%= ERB::Util.html_escape(line) %>
 <% end %></div></pre>
 
-<style>
-.parsed-config-output {
-  background-color: #f5f5f5;
-  border: 1px solid #ccc;
-  border-radius: 4px;
-  padding: 10px;
-  font-family: 'Courier New', monospace;
-  font-size: 12px;
-  overflow-x: auto;
-  max-height: 600px;
-  overflow-y: auto;
-}
-.parsed-config-output code {
-  display: block;
-  white-space: pre;
-}
-.line-number {
-  display: inline-block;
-  width: 40px;
-  color: #999;
-  text-align: right;
-  padding-right: 10px;
-  border-right: 1px solid #ddd;
-  margin-right: 10px;
-  user-select: none;
-}
-</style>
-
 <% 
       else
 %>
diff --git a/app/views/admin/common_templates/_def_details_field_configs.html.erb b/app/views/admin/common_templates/_def_details_field_configs.html.erb
index 95787c9d38..bbd1e0fe87 100644
--- a/app/views/admin/common_templates/_def_details_field_configs.html.erb
+++ b/app/views/admin/common_templates/_def_details_field_configs.html.erb
@@ -84,7 +84,7 @@ if field_configs.present?
  </ul>
 </div>
 
-<script>
+<%= javascript_tag nonce: true do %>
   window.setTimeout(function(){
     if ($('[data-field-configs-option="default"]').hasClass("dfc-processed")) return;
     
@@ -96,6 +96,6 @@ if field_configs.present?
       ftab.append($this.find('.dfc-field-config-block'))
     })
   }, 300);
-</script>
+<% end %>
 
  <% end %>
\ No newline at end of file
diff --git a/app/views/admin/common_templates/_def_version_head_identifiers.html.erb b/app/views/admin/common_templates/_def_version_head_identifiers.html.erb
index b6e6708a34..de52412964 100644
--- a/app/views/admin/common_templates/_def_version_head_identifiers.html.erb
+++ b/app/views/admin/common_templates/_def_version_head_identifiers.html.erb
@@ -1,8 +1,8 @@
 <thead>
   <tr>
-    <th style="width: 20%;">Attribute</th>
-    <th style="width: 40%;">Previous Version</th>
-    <th style="width: 40%;">Current Version</th>
+    <th class="admin-version__header-cell--attr">Attribute</th>
+    <th class="admin-version__header-cell--prev">Previous Version</th>
+    <th class="admin-version__header-cell--curr">Current Version</th>
   </tr>
   <% 
     # Show key identifying information in the header
diff --git a/app/views/admin/common_templates/_def_versions.html.erb b/app/views/admin/common_templates/_def_versions.html.erb
index b218304d0d..7ab44e537f 100644
--- a/app/views/admin/common_templates/_def_versions.html.erb
+++ b/app/views/admin/common_templates/_def_versions.html.erb
@@ -4,7 +4,7 @@
       <p class="text-muted">No version changes to display.</p>
     <% else %>
       <% @version_diffs.each_with_index do |diff_data, idx| %>
-        <div class="version-diff-section" style="margin-bottom: 30px;">
+        <div class="version-diff-section admin-version__section">
           <h4>
             Version Change <%= idx + 1 %>
             <small class="text-muted">
diff --git a/app/views/admin/common_templates/_form.html.erb b/app/views/admin/common_templates/_form.html.erb
index 31b6ceb679..32b28aa45e 100644
--- a/app/views/admin/common_templates/_form.html.erb
+++ b/app/views/admin/common_templates/_form.html.erb
@@ -14,7 +14,7 @@
 <div class="admin-form-block-outer">
 <% if form_info_partial %>
       <div class="row block-within-flex">
-        <div class="col-sm-12" style="text-align: left">
+        <div class="col-sm-12 admin-form__left-aligned">
 <% end %>
 <%= form_for(fref, url: url, class: "form-formatted admin-edit-form", remote: true, data: {result_target: "#admin-item-#{object_instance.id}", preprocessor: "admin_result", before_send_processor: before_send_processor}) do |f| %>
   <%
@@ -30,10 +30,10 @@
   <div class="admin-inline-update-report"><%= f.submit class: "btn btn-primary pull-right", value: "save" %></div>
   <%= render partial: 'admin/common_templates/form/options_block', locals: local_vars %>
   <% if @show_extra_help_info && @show_extra_help_info[:text] %>
-    <div class="form-group" style="vertical-align: top">
+    <div class="form-group admin-form__vertical-top">
       <label><%= @show_extra_help_info[:title] %></label>
       <div class="admin-form-fields-block">
-        <textarea style="font-size: 12px" class="extra-help-info">
+        <textarea class="extra-help-info admin-form__help-info">
             <%= @show_extra_help_info[:text] %>
         </textarea>
       </div>
@@ -48,7 +48,7 @@
 
 <% if form_info_partial %>
         </div>
-        <div class="col-sm-12" style="text-align: left">
+        <div class="col-sm-12 admin-form__left-aligned">
           <div class="admin-options-outer-block">
             <div class="admin-options-ref-block">
               <%= render partial: form_info_partial, locals: {object_instance: object_instance} %>
diff --git a/app/views/admin/common_templates/_index.html.erb b/app/views/admin/common_templates/_index.html.erb
index 994a8d177c..5ca1bb8fc0 100644
--- a/app/views/admin/common_templates/_index.html.erb
+++ b/app/views/admin/common_templates/_index.html.erb
@@ -56,9 +56,9 @@
   <% end %>
 </div>
 </div>
-<script>
+<%= javascript_tag nonce: true do %>
   $('.common-template-index-table .expandable').not('.attached-exp').on('click', function(){
       if($(this).attr('disabled')) return;
       _fpa.form_utils.toggle_expandable($(this));
   }).addClass('attached-exp');
-</script>
+<% end %>
diff --git a/app/views/admin/common_templates/_item.html.erb b/app/views/admin/common_templates/_item.html.erb
index 7bdc3567e3..4002dba895 100644
--- a/app/views/admin/common_templates/_item.html.erb
+++ b/app/views/admin/common_templates/_item.html.erb
@@ -74,7 +74,7 @@
   <% if found_options %>
     <tr class="<%=list_item.disabled ? 'disabled-result' : ''%>">
       <td>&nbsp;</td>
-      <td colspan="<%=num_fields%>" class="admin-field-<%=p%>"><strong><%=found_options%>:</strong> <pre style="font-size: 12px" class="shrinkable-block"><%= list_item.send(found_options) %></pre></td>
+      <td colspan="<%=num_fields%>" class="admin-field-<%=p%>"><strong><%=found_options%>:</strong> <pre class="shrinkable-block admin-form__help-info"><%= list_item.send(found_options) %></pre></td>
     </tr>
   </tbody>
   <% end %>
diff --git a/app/views/admin/dynamic_models/_def_details.html.erb b/app/views/admin/dynamic_models/_def_details.html.erb
index 00c501118d..d8a841e195 100644
--- a/app/views/admin/dynamic_models/_def_details.html.erb
+++ b/app/views/admin/dynamic_models/_def_details.html.erb
@@ -180,11 +180,11 @@
    if object_instance.persisted? && object_instance.enabled? && object_instance.table_or_view_ready? %>
 <%= render partial: 'dynamic_models/search_results_template_item', locals: { def_record: object_instance, force: true } %>
 <% end %>
-<script>
+<%= javascript_tag nonce: true do %>
   window.setTimeout(function(){
 
     $('a#expand-captions-dialogs').not('.added-ecs-click-handler').on('click', function() {
       $('.dfc-field-config-block .dfc-config-name[href$="--labels"], .dfc-field-config-block .dfc-config-name[href$="--caption_before"], .dfc-field-config-block .dfc-config-name[href$="--dialog_before"]').not('[aria-expanded="true"]').click()    
     }).addClass('added-ecs-click-handler');
   }, 400);
-</script>
+<% end %>
diff --git a/app/views/admin/external_identifier_details/new.erb b/app/views/admin/external_identifier_details/new.erb
index 58e93431db..054bce9654 100644
--- a/app/views/admin/external_identifier_details/new.erb
+++ b/app/views/admin/external_identifier_details/new.erb
@@ -35,9 +35,9 @@
 
 <% end %>
 
-<script>
+<%= javascript_tag nonce: true do %>
   $('form').on('submit',function(){
       _fpa.ajax_working($(this));
       $(this).find('input[type="submit"]').hide();
   });
-</script>
+<% end %>
diff --git a/app/views/admin/message_notifications/_index.html.erb b/app/views/admin/message_notifications/_index.html.erb
index eb4c7ecd10..7e1a998ab9 100644
--- a/app/views/admin/message_notifications/_index.html.erb
+++ b/app/views/admin/message_notifications/_index.html.erb
@@ -37,9 +37,7 @@
           <iframe id="message-iframe-<%= list_item.id %>" src='javascript:void(0)' srcdoc="" class="iframe-message-notification if-mn-type-<%= list_item.message_type%> if-mn-status-<%= list_item.status %>" sandbox="allow-popups allow-popups-to-escape-sandbox">
           </iframe>
 
-          <script id="message-content-<%= list_item.id %>" class="hidden" type="x-html">
-            <%= list_item.generate_view(ignore_missing: :show_tag).gsub('<head>', '<head><base target="_blank" />').html_safe %>
-          </script>
+          <%= content_tag(:script, list_item.generate_view(ignore_missing: :show_tag).gsub('<head>', '<head><base target="_blank" />').html_safe, id: "message-content-#{list_item.id}", class: 'hidden', type: 'x-html', nonce: true) %>
         </td>
       </tr>
       <% rescue StandardError => e %>
@@ -58,7 +56,7 @@
   </div>
 </div>
 
-<script>
+<%= javascript_tag nonce: true do %>
 window.setTimeout(function() {
   const list_item_ids = <%= list_item_ids.to_json %>;
   for(var i in list_item_ids) {
@@ -76,4 +74,4 @@ window.setTimeout(function() {
     mif.attr('srcdoc', html);
   }
 }, 1000);
-</script>
+<% end %>
diff --git a/app/views/admin/reference_data/_accuracy_score_block.html.erb b/app/views/admin/reference_data/_accuracy_score_block.html.erb
index 0ec669b575..05d996ff34 100644
--- a/app/views/admin/reference_data/_accuracy_score_block.html.erb
+++ b/app/views/admin/reference_data/_accuracy_score_block.html.erb
@@ -12,11 +12,11 @@
       </code></p>
 
   </div>
-  <ul id="as-list" style="overflow: auto; background-color: white;">
+  <ul id="as-list" class="admin-ref-data__list">
 
     <% Classification::AccuracyScore.all.each do |p| %>
     <li id="as-<%=p.value%>">
-      <span href="#ifblock-<%=p.value%>" data-toggle="collapse" class="collapsed" style="color: <%= p.disabled ? '#aaa' : 'auto' %>"><%=p.value %> - <%=p.name%></span>
+      <span href="#ifblock-<%=p.value%>" data-toggle="collapse" class="collapsed<%= ' admin-ref-data__list-item--disabled' if p.disabled %>"><%=p.value %> - <%=p.name%></span>
     </li>
     <% end %>
   </ul>
diff --git a/app/views/admin/reference_data/_general_selections_block.html.erb b/app/views/admin/reference_data/_general_selections_block.html.erb
index dbf7fad9b7..04ffe07131 100644
--- a/app/views/admin/reference_data/_general_selections_block.html.erb
+++ b/app/views/admin/reference_data/_general_selections_block.html.erb
@@ -14,15 +14,15 @@
       </code></p>
 
   </div>
-  <ul id="gs-list" style=" overflow: auto; background-color: white;">
+  <ul id="gs-list" class="admin-ref-data__list">
 
     <% Classification::GeneralSelection.item_types.each do |p| %>
     <li id="gs-<%=p%>">
-      <a href="#gsblock-<%=p%>" data-toggle="collapse" class="collapsed" style="color: <%= p ? '#aaa' : 'auto' %>"><%=p %></a>
+      <a href="#gsblock-<%=p%>" data-toggle="collapse" class="collapsed"><%=p %></a>
     </li>
     <ul id="gsblock-<%=p%>" class="collapse">
       <% Classification::GeneralSelection.where(item_type: p).each do |gs| %>
-      <li style="color: <%= gs.disabled ? '#aaa' : 'auto' %>" data-gs-item-type="<%=p%>" id="general_selection-<%=gs.id%>"><%=gs.value%> - <%= gs.name %></li>
+      <li class="<%= 'admin-ref-data__list-item--disabled' if gs.disabled %>" data-gs-item-type="<%=p%>" id="general_selection-<%=gs.id%>"><%=gs.value%> - <%= gs.name %></li>
       <% end %>
     </ul>
     <% end %>
diff --git a/app/views/admin/reference_data/_item_flags_block.html.erb b/app/views/admin/reference_data/_item_flags_block.html.erb
index 876944a0b0..ca08cf47a6 100644
--- a/app/views/admin/reference_data/_item_flags_block.html.erb
+++ b/app/views/admin/reference_data/_item_flags_block.html.erb
@@ -12,15 +12,15 @@
         select * from player_infos where item_flags.item_id = player_infos.id AND item_flags.item_type = 'PlayerInfo' and item_flag_name_id = :must_have_flag
       </code></p>
   </div>
-  <ul id="if-list" style="overflow: auto; background-color: white;">
+  <ul id="if-list" class="admin-ref-data__list">
 
     <% Classification::ItemFlagName.item_types.each do |p| %>
     <li id="gs-<%=p%>">
-      <a href="#ifblock-<%=p%>" data-toggle="collapse" class="collapsed" style="color: <%= p ? '#aaa' : 'auto' %>"><%=p %></a>
+      <a href="#ifblock-<%=p%>" data-toggle="collapse" class="collapsed"><%=p %></a>
     </li>
     <ul id="ifblock-<%=p%>" class="collapse">
       <% Classification::ItemFlagName.where(item_type: p).each do |i| %>
-      <li style="color: <%= i.disabled ? '#aaa' : 'auto' %>" data-if-item-type="<%=p%>" id="general_selection-<%=i.id%>"><%=i.id%> - <%=i.name%></li>
+      <li class="<%= 'admin-ref-data__list-item--disabled' if i.disabled %>" data-if-item-type="<%=p%>" id="general_selection-<%=i.id%>"><%=i.id%> - <%=i.name%></li>
       <% end %>
     </ul>
     <% end %>
diff --git a/app/views/admin/reference_data/_protocol_block.html.erb b/app/views/admin/reference_data/_protocol_block.html.erb
index bc75249eac..ec631380d2 100644
--- a/app/views/admin/reference_data/_protocol_block.html.erb
+++ b/app/views/admin/reference_data/_protocol_block.html.erb
@@ -31,7 +31,7 @@ end
       </div>
 <% end %>
       <div class="<%=tree_list_block_class%>">
-      <ul id="protocols-list" style="overflow: auto; background-color: white;">
+      <ul id="protocols-list" class="admin-ref-data__list">
         <% 
         pid = @filter_protocol_tree_list&.dig(:protocol_id)
         protocols = Classification::Protocol.all
@@ -42,7 +42,7 @@ end
 
         protocols.sort.each do |p| %>
         <li id="protocol-<%=p.id%>" class="protocols-list--protocol">
-          <a href="#pblock-<%=p.id%>" data-toggle="collapse" class="<%=init_collapsed%>" style="color: <%= p.disabled ? '#aaa' : 'auto' %>"><span><%=p.id%></span> <strong><%= p.name %></strong></a>
+          <a href="#pblock-<%=p.id%>" data-toggle="collapse" class="<%=init_collapsed%><%= ' admin-ref-data__list-item--disabled' if p.disabled %>"><span><%=p.id%></span> <strong><%= p.name %></strong></a>
         </li>
         <ul id="pblock-<%=p.id%>" class="<%=init_collapse%>">
           <% 
@@ -50,10 +50,10 @@ end
           sub_processes = p.sub_processes.all
           sub_processes = sub_processes.where(id: sid) if sid
           sub_processes.each do |sp| %>
-          <li style="color: <%= p.disabled || sp.disabled ? '#aaa' : 'auto' %>" data-protocol-id="<%=p.id%>" id="sub_process-<%=sp.id%>" class="protocols-list--sub-process"><span><%=sp.id%></span> <strong><%= sp.name %></strong></li>
+          <li class="protocols-list--sub-process<%= ' admin-ref-data__list-item--disabled' if p.disabled || sp.disabled %>" data-protocol-id="<%=p.id%>" id="sub_process-<%=sp.id%>"><span><%=sp.id%></span> <strong><%= sp.name %></strong></li>
           <ul>
             <% sp.protocol_events.all.each do |pe| %>
-            <li style="color: <%= p.disabled || sp.disabled || pe.disabled ? '#aaa' : 'auto' %>" data-sub-process-id="<%=sp.id%>" id="protocol_event-<%=sp.id%>" class="protocols-list--event"><span><%=pe.id%></span> <strong><%= pe.name %></strong></li>
+            <li class="protocols-list--event<%= ' admin-ref-data__list-item--disabled' if p.disabled || sp.disabled || pe.disabled %>" data-sub-process-id="<%=sp.id%>" id="protocol_event-<%=sp.id%>"><span><%=pe.id%></span> <strong><%= pe.name %></strong></li>
             <% end %>
           </ul>
           <% end %>
diff --git a/app/views/admin/reference_data/_table_list_block_part.html.erb b/app/views/admin/reference_data/_table_list_block_part.html.erb
index 47710a43f9..a7762ffe77 100644
--- a/app/views/admin/reference_data/_table_list_block_part.html.erb
+++ b/app/views/admin/reference_data/_table_list_block_part.html.erb
@@ -1,12 +1,12 @@
 <div>
-  <div class="table-list-block" style="text-align: left" data-result="table-list-block">
+  <div class="table-list-block admin-form__left-aligned" data-result="table-list-block">
     <div class="row">
       <div class="form-group col-md-8">
         <%= select_tag 'primary_tables_schema_select', options_for_select(@schemas), prompt: '-- select schema --', class: 'form-control input-sm ff'  %>
       </div>
       <div class="form-group col-md-8">
         <label class="">
-          <input type="checkbox" id="primary_tables_filter_out_history" checked style="width: initial; display: inline-block" /> filter out history tables
+          <input type="checkbox" id="primary_tables_filter_out_history" checked class="admin-ref-data__checkbox--inline" /> filter out history tables
         </label>
       </div>
     </div>
diff --git a/app/views/admin/reports/_form.html.erb b/app/views/admin/reports/_form.html.erb
index c002b317ec..e6f353bc9a 100644
--- a/app/views/admin/reports/_form.html.erb
+++ b/app/views/admin/reports/_form.html.erb
@@ -4,7 +4,7 @@
 <div class="data-results">
   <div data-result="admin-edit-form-"  class="admin-edit-form admin-report <% if @updated_with %>saved-item<% end %>">
       <div class="row">
-        <div class="col-sm-12" style="text-align: left">
+        <div class="col-sm-12 admin-form__left-aligned">
         <%= form_for(@report, url: url, remote: true, html: { class: "form-formatted keep-notices", 'data-before-send-processor': "report_admin_form" }) do |f| %>
           <%= render partial: 'admin_handler/form_errors' %>
           <%= render partial: 'admin/reports/form/fields', locals: {f: f} %>
@@ -24,7 +24,7 @@
             <%= link_to "loading...", admin_report_search_attr_definer_path, remote: true, class: 'auto-click-link keep-notices' %>
           </div>
           <div class="col-sm-24 collapse" id="search_attr_definer_config">
-            <div class="" style="text-align: left;">
+            <div class="admin-form__left-aligned">
               <%= f.label :attributes_configuration%>
               <div class="report-admin-search-attr-yaml-editor" >
                 <%= f.text_area  :search_attrs, class: "report-admin-search-attr-final-config code-editor code-editor-yml", data: {code_editor_type: "yaml"}%>
diff --git a/app/views/admin/reports/form/_admin_criteria_view.html.erb b/app/views/admin/reports/form/_admin_criteria_view.html.erb
index 2ded757543..7d6507c3b0 100644
--- a/app/views/admin/reports/form/_admin_criteria_view.html.erb
+++ b/app/views/admin/reports/form/_admin_criteria_view.html.erb
@@ -32,7 +32,7 @@
 <% end 
 end%>      
     </div>
-    <div class="row form-actions" style="border-color: transparent;">
+    <div class="row form-actions report-criteria__actions">
       <%= hidden_field_tag  "search_attrs[#{Reports::Runner::ReportIdAttribName}]", ''%>
       <%= hidden_field_tag  "part", 'results', id: nil%>
       <%= hidden_field_tag  "embed", true, id: nil%>
diff --git a/app/views/admin/reports/form/_search_attr_definer.html.erb b/app/views/admin/reports/form/_search_attr_definer.html.erb
index a4538b6bee..e314df8c7f 100644
--- a/app/views/admin/reports/form/_search_attr_definer.html.erb
+++ b/app/views/admin/reports/form/_search_attr_definer.html.erb
@@ -1,7 +1,7 @@
 <div>
 <div class="report-admin-search-attr-block form-inline" data-result="search_attr_definer_block">
   <div class="row" id="search_attr_definer">
-    <div class="col-sm-24" style="text-align: left;" id="search_attr_definer_form">
+    <div class="col-sm-24 admin-form__left-aligned" id="search_attr_definer_form">
       <%= label_tag :search_attributes, 'search attributes' %>
       <ul class="admin-tag-list selectable" id="search_attr_item_list"></ul>
       <div id="report-admin-search-attr-add-block" class="collapse well">
diff --git a/app/views/admin/server_info/index.html.erb b/app/views/admin/server_info/index.html.erb
index 9a1e485181..4a027217ec 100644
--- a/app/views/admin/server_info/index.html.erb
+++ b/app/views/admin/server_info/index.html.erb
@@ -83,10 +83,10 @@
   </div>
 </div>
 
-<script>
+<%= javascript_tag nonce: true do %>
 $('#form-restart-server').on('click', function(){
   window.setTimeout(function(){
     window.location.reload()
   }, 5000)
 })
-</script>
\ No newline at end of file
+<% end %>
\ No newline at end of file
diff --git a/app/views/admin/server_info/rails_log.html.erb b/app/views/admin/server_info/rails_log.html.erb
index fffdba0ce4..45b80d6358 100644
--- a/app/views/admin/server_info/rails_log.html.erb
+++ b/app/views/admin/server_info/rails_log.html.erb
@@ -17,7 +17,7 @@
     <div class="form-group">
       <%= f.button 'search', class: 'btn btn-primary' %>
     </div>
-    <div style="margin-top: 1em;">
+    <div class="rails-log__common-searches">
       <b>Common searches:</b>
       <a href="?" class="btn btn-xs btn-info">Default</a>
       <a href="?search=ERROR" class="btn btn-xs btn-info">ERROR</a>
@@ -30,10 +30,10 @@
   </div>
 </div>
 
-<div class="container-fluid rails-log" style="width: 100vw; max-width: 100vw; padding: 0;">
-  <div class="row" style="margin: 0;">
-    <code style="width: 100vw; display: block; overflow-x: auto;">
-      <pre id="rails-log-listing" style="width: auto; overflow-x: auto; white-space: pre; margin-bottom: 0;">
+<div class="container-fluid rails-log">
+  <div class="row rails-log__row">
+    <code class="rails-log__code-container">
+      <pre id="rails-log-listing" class="rails-log__listing">
 <%= @rails_log.to_s.sub(/^\s*\n/, '') %>
       </pre>
     </code>
diff --git a/app/views/common_templates/_common_page_template_result.html.erb b/app/views/common_templates/_common_page_template_result.html.erb
index fe63df4028..7191035c0b 100644
--- a/app/views/common_templates/_common_page_template_result.html.erb
+++ b/app/views/common_templates/_common_page_template_result.html.erb
@@ -8,7 +8,7 @@
   # Then it simply calls the following partial "common_page_template_result_inner" with appropriate parameters.
   # Logging is included to help diagnose missing template configurations.
 %>
-<script id="common_page_template_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_page_template_result-partial', css_class: 'hidden handlebars-partial') do %>
   {{# with (fpa_state_item 'template_config' (underscore (or name_with_option_type name)) vdef_version )}}
     {{> common_page_template_result_inner result_data=../result_data name=../name orig_name=../orig_name activity_log_references_name=../activity_log_references_name name_with_option_type=../name_with_option_type template_config=this _created=../_created vdef_version=../vdef_version}}
   {{else}}
@@ -17,7 +17,7 @@
     {{log (fpa_state_item 'template_config' (underscore name) vdef_version)}}
     {{log this}}
   {{/with}}
-</script>
+<% end %>
 
 <%
   # Partial that renders the full activity log result item for a standalone page.
@@ -30,7 +30,7 @@
   # ability to show an edit form or create new activity log records. The attribute 'data-subscription'
   # has been provided, as has a hidden edit button, although this functionality is currently untested.
 %>
-<script id="common_page_template_result_inner-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_page_template_result_inner-partial', css_class: 'hidden handlebars-partial') do %>
   {{#is name '!==' full_name }}<div id="{{ hyphenate name }}-{{result_data.master_id}}-{{result_data.id}}"  data-orig-name="{{orig_name}}" {{{ data_sort_str }}}> {{/is}}
   <div class="common-page-templates--result-item common-template-item common-page-template-item index-{{_created}} {{hyphenate name}}-item {{>result_extra_class}} {{is_activity_log_class}} default-layout-{{id_hyphenate result_data.default_layout}}" 
        data-model-data-type="{{model_data_type}}" 
@@ -93,4 +93,4 @@
   </div>
   {{#is name '!==' full_name }}</div> {{/is}}
 
-</script>
+<% end %>
diff --git a/app/views/common_templates/_common_parts.html.erb b/app/views/common_templates/_common_parts.html.erb
index 00395d475e..691c797cbb 100644
--- a/app/views/common_templates/_common_parts.html.erb
+++ b/app/views/common_templates/_common_parts.html.erb
@@ -4,16 +4,16 @@
 <%= render partial: 'common_templates/common_template_references' %>
 <%= render partial: 'common_templates/common_template_list' %>
 
-<script id="ajax_form_fields" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('ajax_form_fields', css_class: 'hidden handlebars-partial') do %>
   <input name="utf8" type="hidden" value="✓">
   <input name="authenticity_token" type="hidden" class="set-auth-token" value="" />
-</script>
+<% end %>
 
-<script id="rank_button" type="text/x-handlebars-template" class="hidden handlebars-partial">
-<span class="pull-right label label-info general-rank-{{rank}} {{name_h}}-{{rank}}" style="margin-right:1em">{{#has 'rank'}}{{#if rank}}{{rank}} - {{rank_name}}{{else}}(no rank){{/if}}{{/has}}</span>
-</script>
+<%= handlebars_template_tag('rank_button', css_class: 'hidden handlebars-partial') do %>
+<span class="pull-right label label-info general-rank-{{rank}} {{name_h}}-{{rank}} rank-label--spaced">{{#has 'rank'}}{{#if rank}}{{rank}} - {{rank_name}}{{else}}(no rank){{/if}}{{/has}}</span>
+<% end %>
 
-<script id="update_metadata-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('update_metadata-partial', css_class: 'hidden handlebars-partial') do %>
   {{#if show_created_at}}
     <span class="meta-created-at glyphicon glyphicon-plus-sign"></span>&nbsp;<span class="meta-created-at-shown" data-toggle="popover" data-trigger="click hover" data-content="created: {{date_time created_at}}">{{date_time created_at}}</span>
   {{else}}
@@ -21,15 +21,15 @@
   {{/if}}
   {{#if updated_at}}  &nbsp; {{#is updated_at_ts '===' created_at_ts }}<span class="meta-last-updated glyphicon glyphicon-unchecked" data-toggle="popover" data-trigger="click hover" data-content="not updated"></span>{{else}}<span class="meta-last-updated glyphicon glyphicon-pencil"></span>&nbsp;<span class="meta-last-updated" data-toggle="popover" data-trigger="click hover" data-content="last updated {{date_time updated_at}}" >{{pretty_string updated_at}}</span>{{/is}}{{else}}<span class="meta-last-updated glyphicon glyphicon-unchecked" data-toggle="popover" data-trigger="click hover" data-content="no update information available"></span>{{/if}}
   {{#if user_name}} &nbsp; <span class="meta-created-by glyphicon glyphicon-user"></span>&nbsp;<span class="meta-created-by-shown" data-toggle="popover" data-trigger="click hover" data-content="edited by">{{user_name}}</span>{{/if}}
-</script>
+<% end %>
 
-<script id="common_template_create_button-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_create_button-partial', css_class: 'hidden handlebars-partial') do %>
   {{#unless prevent_create}}
   <a href="/masters/{{id}}/{{pluralize resource}}/new" data-remote="true" class="btn btn-sm btn-primary add-item-button" data-toggle="scrollto-result" data-target="{{hyphenate resource}}-{{id}}-"><span class="glyphicon glyphicon-plus"></span> {{#if label}}{{label}}{{else}}{{titleize resource}}{{/if}} record</a>
   {{/unless}}
-</script>
+<% end %>
 
-<script id="field_label" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('field_label', css_class: 'hidden handlebars-partial') do %>
   <small class="ctlabel">
     {{#if labels}}
       {{fpa_state_item labels vdef_version @key }}
@@ -41,10 +41,10 @@
       {{humanize (replace @key replace '')}}
     {{/if}}
   </small>
-</script>
+<% end %>
 
 
-<script id="common_template_result_field_caption_or_dialog" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result_field_caption_or_dialog', css_class: 'hidden handlebars-partial') do %>
   {{#if no_caption_before}}
   {{else is field_type 'includes' '^hidden_' }}
   {{else is key 'in' caption_before_keys}}
@@ -63,18 +63,18 @@
       {{log key}}
     {{/if}}
   {{/if}}
-</script>
+<% end %>
 
-<script id="field_result_class" type="text/x-handlebars-template" class="hidden handlebars-partial">list-group-item result-field-container {{hyphenate full_name}}-{{key}} {{#if no_caption_before}}force-no-caption-before{{else is key "in" caption_before_keys_without_keep_label}}has-caption-before{{/if}} {{#is key external_id_attr}}is_external_id_item{{/is}} {{#if (fpa_state_item 'template_config' (underscore name) vdef_version 'field_options' key 'no_downcase')}}fo-no-downcase{{/if}} {{#if (fpa_state_item 'template_config' (underscore (or name_with_option_type name)) vdef_version 'field_options' key 'view_original_case')}}fo-view-original-case{{/if}}</script>
+<%= handlebars_template_tag('field_result_class', css_class: 'hidden handlebars-partial') do %>list-group-item result-field-container {{hyphenate full_name}}-{{key}} {{#if no_caption_before}}force-no-caption-before{{else is key "in" caption_before_keys_without_keep_label}}has-caption-before{{/if}} {{#is key external_id_attr}}is_external_id_item{{/is}} {{#if (fpa_state_item 'template_config' (underscore name) vdef_version 'field_options' key 'no_downcase')}}fo-no-downcase{{/if}} {{#if (fpa_state_item 'template_config' (underscore (or name_with_option_type name)) vdef_version 'field_options' key 'view_original_case')}}fo-view-original-case{{/if}}<% end %>
 
-<script id="edit_item_button" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('edit_item_button', css_class: 'hidden handlebars-partial') do %>
 {{#unless prevent_edit }}
   <a data-toggle="scrollto-result" data-target="#{{hyphenate resource}}-{{master_id}}-{{id}}" title="edit" class="edit-entity edit-{{hyphenate resource}} pull-right glyphicon glyphicon-edit" href="{{run_template edit_button_href}}" data-remote="true" data-{{hyphenate resource}}-id="{{this.id}}" data-result-target=""></a>
   <a data-remote="true" title="refresh" class="hidden refresh-item" href="{{replace (run_template edit_button_href) '\/edit$' ''}}">&nbsp;</a>
 {{/unless}}
-</script>
+<% end %>
 
-<script id="search_results_notes_block" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('search_results_notes_block', css_class: 'hidden handlebars-partial') do %>
   <li class="list-group-item result-notes-container {{full_name_hyphenated}}-{{key}} notes-block {{#unless value}}notes-empty{{/unless}}" data-field-name="{{key}}">
     {{#if label}}
     <small class="notes-block-label">{{> field_label labels=(concat 'labels_' (underscore name)) }}</small>
@@ -93,22 +93,22 @@
       </div>
     {{/is}}
   </li>
-</script>
+<% end %>
 
-<script id="activity_log_data_template_name_partial"  type="text/x-handlebars-template" class="hidden handlebars-partial">activity-log--{{#if rec_type}}{{hyphenate full_name}}-{{pluralize rec_type}}{{else}}{{hyphenate (pluralize full_name)}}{{/if}}-main-result-template</script>
+<%= handlebars_template_tag('activity_log_data_template_name_partial', css_class: 'hidden handlebars-partial') do %>activity-log--{{#if rec_type}}{{hyphenate full_name}}-{{pluralize rec_type}}{{else}}{{hyphenate (pluralize full_name)}}{{/if}}-main-result-template<% end %>
 
 <%
 # The show button appears at the top of a parent item, such as a player_contact with record type phone
 %>
-<script id="activity_log_common_template_show_button" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('activity_log_common_template_show_button', css_class: 'hidden handlebars-partial') do %>
 
   {{#if template_config.supports_activity_log }}
     {{#if rec_type}}
 
-    <a data-toggle="uncollapse" data-target="#activity-log--{{hyphenate template_config.full_name}}-{{pluralize rec_type}}-{{master_id}}" title="open {{rec_type}} log" style="margin-right:1em" class="activity-log-entity-link activity-log--{{hyphenate template_config.full_name}}-{{rec_type}}-link pull-right glyphicon glyphicon-th-list always-scroll-to-expanded" href="/masters/{{master_id}}/{{pluralize name}}/{{this.id}}/activity_log/{{underscore name}}_{{pluralize rec_type}}" data-remote="true" data-{{hyphenate name}}-id="{{this.id}}" data-result-target="#activity-log--{{hyphenate template_config.full_name}}-{{rec_type}}s-{{master_id}}" data-template="{{> activity_log_data_template_name_partial full_name=template_config.full_name }}"></a>
+    <a data-toggle="uncollapse" data-target="#activity-log--{{hyphenate template_config.full_name}}-{{pluralize rec_type}}-{{master_id}}" title="open {{rec_type}} log" class="activity-log-entity-link activity-log-entity-link--spaced activity-log--{{hyphenate template_config.full_name}}-{{rec_type}}-link pull-right glyphicon glyphicon-th-list always-scroll-to-expanded" href="/masters/{{master_id}}/{{pluralize name}}/{{this.id}}/activity_log/{{underscore name}}_{{pluralize rec_type}}" data-remote="true" data-{{hyphenate name}}-id="{{this.id}}" data-result-target="#activity-log--{{hyphenate template_config.full_name}}-{{rec_type}}s-{{master_id}}" data-template="{{> activity_log_data_template_name_partial full_name=template_config.full_name }}"></a>
     {{else}}
-    <a data-toggle="uncollapse" data-target="#activity-log--{{hyphenate (pluralize template_config.full_name)}}-{{master_id}}" title="open {{run_template template_config.caption}}" style="margin-right:1em" class="activity-log-entity-link {{hyphenate template_config.full_name}}-link pull-right glyphicon glyphicon-th-list always-scroll-to-expanded" href="/masters/{{master_id}}/{{pluralize name}}/{{this.id}}/activity_log/{{underscore (pluralize name)}}" data-remote="true" data-{{hyphenate name}}-id="{{this.id}}" data-result-target="#activity-log--{{hyphenate (pluralize template_config.full_name)}}-{{master_id}}" data-template="{{> activity_log_data_template_name_partial full_name=template_config.full_name }}"></a>
+    <a data-toggle="uncollapse" data-target="#activity-log--{{hyphenate (pluralize template_config.full_name)}}-{{master_id}}" title="open {{run_template template_config.caption}}" class="activity-log-entity-link activity-log-entity-link--spaced {{hyphenate template_config.full_name}}-link pull-right glyphicon glyphicon-th-list always-scroll-to-expanded" href="/masters/{{master_id}}/{{pluralize name}}/{{this.id}}/activity_log/{{underscore (pluralize name)}}" data-remote="true" data-{{hyphenate name}}-id="{{this.id}}" data-result-target="#activity-log--{{hyphenate (pluralize template_config.full_name)}}-{{master_id}}" data-template="{{> activity_log_data_template_name_partial full_name=template_config.full_name }}"></a>
     {{/if}}
   {{/if}}
 
-</script>
+<% end %>
diff --git a/app/views/common_templates/_common_template_list.html.erb b/app/views/common_templates/_common_template_list.html.erb
index 1d7c161753..1caf64ff4d 100644
--- a/app/views/common_templates/_common_template_list.html.erb
+++ b/app/views/common_templates/_common_template_list.html.erb
@@ -5,7 +5,7 @@
   # found in `views/common_templates/_search_results_template.html.erb`
 %>
 
-<script id="common_template_list_new_button_container"  type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_list_new_button_container', css_class: 'hidden handlebars-partial') do %>
   <div class="common-template-list--new-button new-button-container">
     <div class="text-center">
       <a href="{{#if master_id}}/masters/{{master_id}}{{/if}}/{{base_route_segments}}/new"
@@ -18,9 +18,9 @@
       </a>
     </div>
   </div>
-</script>
+<% end %>
 
-<script id="common_template_list-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_list-partial', css_class: 'hidden handlebars-partial') do %>
   {{#with list_template_config}}
     {{#is orientation '===' 'horizontal' }}
 
@@ -100,4 +100,4 @@
     Template Config not available for {{name}}
   </p>
   {{/with}}
-</script>
+<% end %>
diff --git a/app/views/common_templates/_common_template_references.html.erb b/app/views/common_templates/_common_template_references.html.erb
index 08c0623fcd..4bd21dad1a 100644
--- a/app/views/common_templates/_common_template_references.html.erb
+++ b/app/views/common_templates/_common_template_references.html.erb
@@ -1,7 +1,7 @@
 <%
   # Handle the display of referenced items in search results.
 %>
-<script id="activity_log_common_template_references_list_item"  type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('activity_log_common_template_references_list_item', css_class: 'hidden handlebars-partial') do %>
 <li class="list-group-item {{hyphenate name}}-model-references rr-mr in-item-model-references is-full-width {{#if to_record_viewable}}{{#if ../_show_embedded_as_single_item}} single-model-reference model-reference-auto-shown-caption{{/if}}{{/if}} {{#if disabled}}model-reference-disabled{{/if}} "
     data-template="model-references-{{name}}-result-template"
     data-sub-item="model_reference"
@@ -55,4 +55,4 @@
        data-form-container="{{hyphenate to_record_type_us}}_edit_form" ></div>
 </div>
 {{/if}}
-</script>
+<% end %>
diff --git a/app/views/common_templates/_common_template_result.html.erb b/app/views/common_templates/_common_template_result.html.erb
index a7fc93b9c9..299d70d116 100644
--- a/app/views/common_templates/_common_template_result.html.erb
+++ b/app/views/common_templates/_common_template_result.html.erb
@@ -6,20 +6,20 @@
 %>
 
 <% # Produce HTML attributes to help identify the block of fields, applying tag substitutions to each value %>
-<script id="custom_block_attrs_html" type="text/x-handlebars-template" class="hidden handlebars-partial">{{#each custom_block_attrs}}{{hyphenate @key}}={{{template this}}} {{/each}}</script>
+<%= handlebars_template_tag('custom_block_attrs_html', css_class: 'hidden handlebars-partial') do %>{{#each custom_block_attrs}}{{hyphenate @key}}={{{template this}}} {{/each}}<% end %>
 <% # Get the result heading caption, applying tag substitutions %>
-<script id="show_result_caption" type="text/x-handlebars-template" class="hidden handlebars-partial">{{#with result_data}}{{{run_template ../caption}}}{{/with}}</script>
-<script id="show_result_caption_id_hyphenated" type="text/x-handlebars-template" class="hidden handlebars-partial">{{#with result_data}}{{{id_hyphenate (run_template ../caption)}}}{{/with}}</script>
+<%= handlebars_template_tag('show_result_caption', css_class: 'hidden handlebars-partial') do %>{{#with result_data}}{{{run_template ../caption}}}{{/with}}<% end %>
+<%= handlebars_template_tag('show_result_caption_id_hyphenated', css_class: 'hidden handlebars-partial') do %>{{#with result_data}}{{{id_hyphenate (run_template ../caption)}}}{{/with}}<% end %>
 
 <% 
   # Format extra CSS classes for the result item block. 
   # Adds in the `template_class` value set by the standard mapping. 
   # Will apply tag substitutions to the dynamic definition's `view_options.extra_class` value
 %>
-<script id="result_extra_class" type="text/x-handlebars-template" class="hidden handlebars-partial">{{#with result_data}}{{../template_class}} {{run_template ../extra_class}}{{/with}}</script>
+<%= handlebars_template_tag('result_extra_class', css_class: 'hidden handlebars-partial') do %>{{#with result_data}}{{../template_class}} {{run_template ../extra_class}}{{/with}}<% end %>
 
 
-<script id="result_item_block" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('result_item_block', css_class: 'hidden handlebars-partial') do %>
 
   <div class="{{hyphenate name}}-{{item_name}} sr-item-block">
     <div class="">
@@ -54,7 +54,7 @@
     </div>
   </div>
 
-</script>
+<% end %>
 
 <%
   # Partial that sets up the template config for the display of a full dynamic result item, such
@@ -62,7 +62,7 @@
   # Then it simply calls the following partial "common_template_result_inner" with appropriate parameters.
   # Logging is included to help diagnose missing template configurations.
 %>
-<script id="common_template_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result-partial', css_class: 'hidden handlebars-partial') do %>
   {{# with (fpa_state_item 'template_config' (underscore (or name_with_option_type name)) vdef_version )}}
     {{> common_template_result_inner result_data=../result_data name=../name orig_name=../orig_name activity_log_references_name=../activity_log_references_name name_with_option_type=../name_with_option_type template_config=this _created=../_created vdef_version=../vdef_version}}
   {{else}}
@@ -71,7 +71,7 @@
     {{log (fpa_state_item 'template_config' (underscore name) vdef_version)}}
     {{log this}}
   {{/with}}
-</script>
+<% end %>
 
 <%
   # Partial that renders the full dynamic result item, such
@@ -81,7 +81,7 @@
   # which are actually built by the OptionConfigs::TemplateOptionMapping
   # method for external identifiers, dynamic models and activity logs.
 %>
-<script id="common_template_result_inner-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result_inner-partial', css_class: 'hidden handlebars-partial') do %>
   {{#was _created}}
   {{#is name '!==' full_name }}<div id="{{ hyphenate name }}-{{result_data.master_id}}-{{result_data.id}}" data-orig-name="{{orig_name}}" {{{ data_sort_str }}}> {{/is}}
   <div class="common-templates--result-item common-template-item index-{{_created}} {{hyphenate name}}-item {{>result_extra_class}} {{is_activity_log_class}}" 
@@ -193,6 +193,6 @@
   {{else}}
   </span>
   {{/was}}
-</script>
+<% end %>
 
 
diff --git a/app/views/common_templates/_common_template_result_fields.html.erb b/app/views/common_templates/_common_template_result_fields.html.erb
index 02a9f7f076..1a70418d15 100644
--- a/app/views/common_templates/_common_template_result_fields.html.erb
+++ b/app/views/common_templates/_common_template_result_fields.html.erb
@@ -1,4 +1,4 @@
-<script id="common_template_result_field" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result_field', css_class: 'hidden handlebars-partial') do %>
 
   {{> common_template_result_field_caption_or_dialog caption_resource_name=(underscore (or name_with_option_type name)) dialog_resource_name=(underscore name) }}
   
@@ -342,9 +342,9 @@
   {{/is}}
   {{/if}}
 
-</script>
+<% end %>
 
-<script id="common_template_result_fields_filter" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result_fields_filter', css_class: 'hidden handlebars-partial') do %>
 {{#if template_config.item_list.length}}
 {{#filter result_data (join template_config.item_list ',') }}
   {{#with ../template_config}}
@@ -352,32 +352,32 @@
   {{/with}}
 {{/filter}}
 {{/if}}
-</script>
+<% end %>
 
-<script id="common_template_result_caption_before_all_fields" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result_caption_before_all_fields', css_class: 'hidden handlebars-partial') do %>
 {{#is 'all_fields' 'in' template_config.caption_before_keys}}
   <li class="list-group-item caption-before results-caption-before {{hyphenate full_name}}-all_fields all-fields-caption">{{{fpa_state_item 'caption_before' (underscore (or name_with_option_type name)) vdef_version 'all_fields' 'show_caption'}}}</li>
 {{/is}}
-</script>
+<% end %>
 
 
-<script id="common_template_result_fields" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('common_template_result_fields', css_class: 'hidden handlebars-partial') do %>
 {{> common_template_result_caption_before_all_fields template_config=(fpa_state_item 'template_config' (underscore (or name_with_option_type name)) vdef_version)}}
 {{> common_template_result_fields_filter template_config=(fpa_state_item 'template_config' (underscore (or name_with_option_type name)) vdef_version)}}
-</script>
+<% end %>
 
 
 
-<script id="tag_select_container-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tag_select_container-partial', css_class: 'hidden handlebars-partial') do %>
   <div id="tag-selects-{{master_id}}-{{item_type}}-{{id}}" class="tag-selects-block">
   <div class="" id="tag-select-{{master_id}}-{{item_type}}-{{id}}-" >
   {{>tag_selects_result field_key=field_key}}
   </div>
   </div>
-</script>
+<% end %>
 
 
-<script id="tag_selects_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tag_selects_result-partial', css_class: 'hidden handlebars-partial') do %>
   <div class="">
     <select multiple="true" disabled="disabled" class="form-control for-tag-select" data-nothing-selected-text="{{nothing_selected_text}}">
     {{#each tag_selects}}
@@ -392,10 +392,10 @@
     {{/each}}
     </select>
   </div>
-</script>
+<% end %>
 
-<script id="tag_select_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tag_select_result-partial', css_class: 'hidden handlebars-partial') do %>
    <option selected="true" class="tag-select" value="{{this_value_id}}">
      {{#if (get result_data._general_selections field_key this_value_id 'name')}}{{get result_data._general_selections field_key this_value_id 'name'}}{{else}}{{pretty_string this_value_name return_string="true" capitalize=false}}{{/if}}
    </option>
-</script>
+<% end %>
diff --git a/app/views/common_templates/_edit_form_filestore.erb b/app/views/common_templates/_edit_form_filestore.erb
index ddb66f8f63..6c1afbda75 100644
--- a/app/views/common_templates/_edit_form_filestore.erb
+++ b/app/views/common_templates/_edit_form_filestore.erb
@@ -16,13 +16,13 @@ if mr
     to_record_editable: !!mr.to_record_editable
   };
 %>
-<script> 
+<%= javascript_tag nonce: true do %> 
 window.setTimeout(function() {
   var data = <%= data.to_json.html_safe %>;
   var block = $('#edit-filestore-block-<%= object_instance.id %>');
   _fpa.view_template(block, 'filestore-view-template', data); 
 
 }, 500);
-</script>
+<% end %>
 <div id="edit-filestore-block-<%= object_instance.id %>" class="edit-filestore-block"></div>
 <% end %>
\ No newline at end of file
diff --git a/app/views/common_templates/_references_results.html.erb b/app/views/common_templates/_references_results.html.erb
index c061f99b5c..e1bbda5209 100644
--- a/app/views/common_templates/_references_results.html.erb
+++ b/app/views/common_templates/_references_results.html.erb
@@ -1,11 +1,11 @@
  
-<script id="model-references-<%=name%>-result-template"  type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("model-references-#{name}-result-template") do %>
 {{#with model_reference}}
   {{>activity_log_common_template_references_list_item name='<%=name%>' view_as=to_record_options_config.view_as.show to_elt=to_record_options_config.add_with.extra_log_type}}
 {{/with}}
-</script>
+<% end %>
 
-<script id="activity_log_<%=name%>_references"  type="text/x-handlebars-template" class="hidden handlebars-partial references_def_block">
+<%= handlebars_template_tag("activity_log_#{name}_references", css_class: 'hidden handlebars-partial references_def_block') do %>
 <%
   unless defined? embed
     embed = nil
@@ -60,4 +60,4 @@
     {{/each}}
   {{/if}}
 
-</script>
+<% end %>
diff --git a/app/views/common_templates/_search_results_template.html.erb b/app/views/common_templates/_search_results_template.html.erb
index bca0950223..deb9f250cf 100644
--- a/app/views/common_templates/_search_results_template.html.erb
+++ b/app/views/common_templates/_search_results_template.html.erb
@@ -301,8 +301,7 @@
   end
 %>
 
-<script id="fpa_state_config--<%=name_with_option_type.underscore%>--v<%=def_version%>">
-
+<%= javascript_tag id: "fpa_state_config--#{name_with_option_type.underscore}--v#{def_version}", nonce: true do %>
   _fpa.state.caption_before.<%=name_with_option_type.underscore%> = _fpa.state.caption_before.<%=name_with_option_type.underscore%> || {};
   _fpa.state.caption_before.<%=name_with_option_type.underscore%>.v<%=def_version%> = <%= caption_before.to_json.html_safe %>;
   _fpa.state.labels_<%=name_with_option_type.underscore%> = _fpa.state.labels_<%=name_with_option_type.underscore%> || {};
@@ -393,7 +392,7 @@
   _fpa.state.template_config.<%=name.underscore.sub('dynamic_model__', '')%> = _fpa.state.template_config.<%=name.underscore.sub('dynamic_model__', '')%> || _fpa.state.template_config.<%=name.underscore%>
   <% end %>
   
-</script>
+<% end %>
 
 
 <% 
@@ -427,30 +426,30 @@
     } %>
 
 
-<script id="<%=name.underscore.gsub('dynamic_model__', '').hyphenate%>-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("#{name.underscore.gsub('dynamic_model__', '').hyphenate}-result-template") do %>
   {{#with <%=with_data || full_name%>}}
     {{> common_template_result name='<%=name_with_option_type%>' orig_name="<%=name.underscore%>" activity_log_references_name='<%=activity_log_references_name%>' result_data=this}}
   {{/with}}
-</script>
+<% end %>
 
-<script id="<%=name.underscore.hyphenate%>-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("#{name.underscore.hyphenate}-result-template") do %>
   {{#with <%=with_data || full_name%>}}
     {{> common_template_result name='<%=name_with_option_type%>' orig_name="<%=name.underscore%>" activity_log_references_name='<%=activity_log_references_name%>' result_data=this}}
   {{/with}}
-</script>
+<% end %>
 
-<script id="<%=name_with_option_type.hyphenate%>-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("#{name_with_option_type.hyphenate}-result-template") do %>
   {{#with <%=with_data || full_name%>}}
     {{> common_template_result name='<%=name_with_option_type%>' orig_name="<%=name.underscore%>" activity_log_references_name='<%=activity_log_references_name%>' result_data=this}}
   {{/with}}
-</script>
+<% end %>
 
-<script id="<%=full_name.pluralize.hyphenate%>-list-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("#{full_name.pluralize.hyphenate}-list-template") do %>
   {{>common_template_list name='<%=name%>' list_data=this list_template_config=(fpa_state_item 'template_config' (underscore '<%=name%>') 'v')}}
-</script>
+<% end %>
 
-<script id="<%=full_name.pluralize.hyphenate%>-compact-list-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("#{full_name.pluralize.hyphenate}-compact-list-template") do %>
   {{>common_template_list name='<%=name%>' list_data=this list_template_config=(fpa_state_item 'template_config' (underscore '<%=name%>') 'v') compact=true prevent_create=true }}
-</script>
+<% end %>
 
 <% end %>
\ No newline at end of file
diff --git a/app/views/common_templates/e_signature/_show_parts.html.erb b/app/views/common_templates/e_signature/_show_parts.html.erb
index b763ada38f..1abbec55ae 100644
--- a/app/views/common_templates/e_signature/_show_parts.html.erb
+++ b/app/views/common_templates/e_signature/_show_parts.html.erb
@@ -1,9 +1,9 @@
-<script id="e_signature_parts-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('e_signature_parts-partial', css_class: 'hidden handlebars-partial') do %>
 {{#is @key 'e_signed_document'}}
   {{#is e_signed_status 'signed'}}
   <li class="list-group-item result-field-container has-caption-before">
-    <div style="width: 812px; margin: 0 auto; height: auto; overflow: hidden;" class="e-signature-container">
-      <iframe class="e_signature_document_iframe" src='javascript:void(0)' srcdoc="" style="width: 810px; border: 0;"></iframe>
+    <div class="e-signature-container">
+      <iframe class="e_signature_document_iframe e-signature-container__iframe" src='javascript:void(0)' srcdoc=""></iframe>
       <p class="text-right">
         <a href="#" class="e-sign-print-frame">print document</a>
       </p>
@@ -19,4 +19,4 @@
 
 {{/is}}
 
-</script>
+<% end %>
diff --git a/app/views/common_templates/edit_fields/_name_is_e_signed_document.html.erb b/app/views/common_templates/edit_fields/_name_is_e_signed_document.html.erb
index 3893926a2e..db04a5e6ed 100644
--- a/app/views/common_templates/edit_fields/_name_is_e_signed_document.html.erb
+++ b/app/views/common_templates/edit_fields/_name_is_e_signed_document.html.erb
@@ -1,4 +1,4 @@
-<div style="width: 812px; margin: 0 auto; height: auto; overflow: hidden;" class="e-signature-container">
-  <iframe class="e_signature_document_iframe" src='javascript:void(0)' srcdoc="" style="width: 810px; border: 0;"></iframe>
+<div class="e-signature-container">
+  <iframe class="e_signature_document_iframe e-signature-container__iframe" src='javascript:void(0)' srcdoc=""></iframe>
   <textarea class='hidden e_signature_document'><%= (form_object_instance.attributes[field_name] || "").html_safe%></textarea>
 </div>
diff --git a/app/views/common_templates/markdown_editor/_show_editor.html.erb b/app/views/common_templates/markdown_editor/_show_editor.html.erb
index 9512cfd3ae..cf9b1d08b0 100644
--- a/app/views/common_templates/markdown_editor/_show_editor.html.erb
+++ b/app/views/common_templates/markdown_editor/_show_editor.html.erb
@@ -9,18 +9,18 @@
 <%= form.text_area field_name_sym, class: "form-control text-notes hidden use-text-area-for-custom-editor", data: {attr_name: field_name_sym, object_name: form_object_item_type_us}  %>
 <div class="btn-toolbar markdown-editor-toolbar" data-role="editor-toolbar" data-target="#<%=editor_id%>">
   <div class="btn-group">
-    <a class="btn btn-default btn-sm" data-edit="formatBlock <p>" title="Paragraph" style="font-weight: normal"><span style="font-size: 12px;">p</span></a>
-    <a class="btn btn-default btn-sm" data-edit="formatBlock <h1>" title="Heading 1" style="font-weight: bold">h1</a>
-    <a class="btn btn-default btn-sm" data-edit="formatBlock <h2>" title="Heading 2" style="font-weight: bold;"><span style="font-size: 14px;">h2</span> </a>
+    <a class="btn btn-default btn-sm markdown-editor-toolbar__btn--paragraph" data-edit="formatBlock <p>" title="Paragraph"><span class="markdown-editor-toolbar__btn--paragraph-text">p</span></a>
+    <a class="btn btn-default btn-sm markdown-editor-toolbar__btn--heading" data-edit="formatBlock <h1>" title="Heading 1">h1</a>
+    <a class="btn btn-default btn-sm markdown-editor-toolbar__btn--heading" data-edit="formatBlock <h2>" title="Heading 2"><span class="markdown-editor-toolbar__btn--h2-text">h2</span> </a>
 		<% if config[:toolbar_type] == 'advanced' %>
-		<a class="btn btn-default btn-sm" data-edit="formatBlock <h3>" title="Heading 3" style="font-weight: bold;"><span style="font-size: 12px;">h3</span> </a>
-		<a class="btn btn-default btn-sm" data-edit="formatBlock <h4>" title="Heading 4" style="font-weight: bold;"><span style="font-size: 10px;">h4</span> </a>
+		<a class="btn btn-default btn-sm markdown-editor-toolbar__btn--heading" data-edit="formatBlock <h3>" title="Heading 3"><span class="markdown-editor-toolbar__btn--h3-text">h3</span> </a>
+		<a class="btn btn-default btn-sm markdown-editor-toolbar__btn--heading" data-edit="formatBlock <h4>" title="Heading 4"><span class="markdown-editor-toolbar__btn--h4-text">h4</span> </a>
 		<% end %>
   </div>
   <div class="btn-group">
 		<a class="btn btn-default btn-sm" data-edit="bold" title="Bold (Ctrl/Cmd+B)"><i class="glyphicon glyphicon-bold"></i></a>
 		<a class="btn btn-default btn-sm" data-edit="italic" title="Italic (Ctrl/Cmd+I)"><i class="glyphicon glyphicon-italic"></i></a>
-		<a class="btn btn-default btn-sm" data-edit="strikethrough" title="Strikethrough" style="text-decoration: line-through;">S</a>
+		<a class="btn btn-default btn-sm markdown-editor-toolbar__btn--strikethrough" data-edit="strikethrough" title="Strikethrough">S</a>
 		<a class="btn btn-default btn-sm" data-edit="underline" title="Underline (Ctrl/Cmd+U)"><i class="glyphicon glyphicon-text-color"></i></a>
 		<a class="btn btn-default btn-sm" data-edit="subscript" title="Subscript">H<sub>2</sub></a>
 		<a class="btn btn-default btn-sm" data-edit="superscript" title="Superscript">A<sup>1</sup></a>
@@ -59,7 +59,7 @@
 			<input class="span2" placeholder="link URL" type="text" data-edit="createLink" >
 			<button class="btn" type="button">Add</button>
 		</div>
-		<a class="btn btn-default btn-sm" data-edit="unlink" title="" data-original-title="Remove Hyperlink"><i class="glyphicon glyphicon-link" style="text-decoration: line-through"></i></a>
+		<a class="btn btn-default btn-sm" data-edit="unlink" title="" data-original-title="Remove Hyperlink"><i class="glyphicon glyphicon-link markdown-editor-toolbar__btn--unlink-icon"></i></a>
 	</div>
 	<div class="btn-group">
 		<a class="btn btn-default btn-sm dropdown-toggle btn-wysiwyg-tb" data-toggle="dropdown" title="" data-original-title="Picture"><i class="glyphicon glyphicon-picture"></i></a>
diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb
index 13cde712bb..1314b0f9c7 100644
--- a/app/views/devise/registrations/new.html.erb
+++ b/app/views/devise/registrations/new.html.erb
@@ -63,12 +63,12 @@
     </div>
 
     <div class='form-group-non checkbox-inline'>
-      <%= f.check_box :terms_of_use, style: 'display: none;', required: true %>
+      <%= f.check_box :terms_of_use, class: 'devise-form__terms-of-use', required: true %>
       <%= f.label :terms_of_use do %>
-            <span id='terms-of-use-default' style='display: none;'>
+            <span id='terms-of-use-default' class='devise-form__terms-of-use'>
               <%= template_block 'ui new user registration terms default' %>
             </span>
-        <span id='terms-of-use-gdpr' style='display: none;'>
+        <span id='terms-of-use-gdpr' class='devise-form__terms-of-use'>
               <%= template_block 'ui new user registration terms gdpr' %>
             </span>
       <% end %>
@@ -93,10 +93,10 @@
 </div>
 
 <% if Settings::ReCaptchaSiteKey %>
-<script src="https://www.google.com/recaptcha/api.js"></script>
-<script>
+<%= javascript_include_tag "https://www.google.com/recaptcha/api.js", nonce: true %>
+<%= javascript_tag nonce: true do %>
   function onSubmit(token) {
     document.getElementById("new_user").submit();
   }
-</script>
+<% end %>
 <% end %>
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index 4ecdf41a4c..074792696d 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -30,7 +30,7 @@
     <%= hidden_field_tag :secure_entry, params[:secure_entry] if request.path.start_with?('/admins/sign_in') %>
 
     <% unless resource.two_factor_auth_disabled %>
-    <div class="login-2fa-block" style="display: none;">
+    <div class="login-2fa-block devise-form__2fa-block">
       <div class="form-group-non full-width">
         <%= f.label :otp_attempt, 'Two-Factor Authentication Code' %>
         <p class="help-block">
@@ -44,7 +44,7 @@
 
     <% end %>
 
-    <div class="login-final-submit" style="margin: 0.8em 0; ">
+    <div class="login-final-submit devise-form__final-submit">
       <%= f.submit "Log in", class: 'btn btn-primary btn-login-final-submit', data: {disable_with: 'checking...', orig_value: 'Log in'} %>
     </div>
 
diff --git a/app/views/external_links/_search_results_template.html.erb b/app/views/external_links/_search_results_template.html.erb
index 8a99330df7..cee7ab644c 100644
--- a/app/views/external_links/_search_results_template.html.erb
+++ b/app/views/external_links/_search_results_template.html.erb
@@ -1,4 +1,4 @@
-<script id="external-links-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('external-links-template') do %>
   <div class="row">
     <div class="col-sm-24">
       <% Admin::ExternalLink.selector_name_value_pair_no_downcase.each do |s|%>
@@ -6,4 +6,4 @@
       <% end %>
     </div>
   </div>
-</script>
+<% end %>
diff --git a/app/views/filestore/_browse_icons_templates.html.erb b/app/views/filestore/_browse_icons_templates.html.erb
index e862fdcbc5..c00957da64 100644
--- a/app/views/filestore/_browse_icons_templates.html.erb
+++ b/app/views/filestore/_browse_icons_templates.html.erb
@@ -1,10 +1,10 @@
 <%# Templates to support view type: 'icons' browser %>
 
-<script id="nfs-store-browse-icons-results" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('nfs-store-browse-icons-results') do %>
   {{>nfs_store_browse_icons_results_part}}
-</script>
+<% end %>
 
-<script id="nfs_store_browse_icons_results_part" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_icons_results_part', css_class: 'hidden handlebars-partial') do %>
 
 
   <ul class="container-icons-items">
@@ -13,9 +13,9 @@
     </ul>
   
   </ul>
-</script>
+<% end %>
 
-<script id="nfs_store_browse_icons_folders" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_icons_folders', css_class: 'hidden handlebars-partial') do %>
   
   {{#with @root}}
   
@@ -29,10 +29,10 @@
       {{/with}}
     {{/each}}
   {{/with}} 
-</script>
+<% end %>
 
 
-<script id="nfs_store_browse_icons_folder"   type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_icons_folder', css_class: 'hidden handlebars-partial') do %>
   
   
     {{#is folder '!==' './.'}}
@@ -52,10 +52,10 @@
       {{>nfs_store_browse_icons_folders curr_folder=folder}}
     </ul>
     {{/is}}
-</script>
+<% end %>
 
 
-<script id="nfs_store_browse_icons_entry" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_icons_entry', css_class: 'hidden handlebars-partial') do %>
   <li class="container-icons-entry" id="container-entry-{{nfs_store_container_id}}-{{id}}-{{retrieval_type}}" data-retrieval-type="{{retrieval_type}}" data-download-id="{{id}}">
     {{#if id}}
       <input type="checkbox" 
@@ -120,4 +120,4 @@
     {{/if}}
   </li>
 
-</script>
+<% end %>
diff --git a/app/views/filestore/_browse_list_templates.html.erb b/app/views/filestore/_browse_list_templates.html.erb
index c172d41712..542f6d3e51 100644
--- a/app/views/filestore/_browse_list_templates.html.erb
+++ b/app/views/filestore/_browse_list_templates.html.erb
@@ -1,10 +1,10 @@
 <%# Templates to support view type: 'list' browser %>
 
-<script id="nfs-store-browse-list-results" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('nfs-store-browse-list-results') do %>
   {{>nfs_store_browse_list_results_part}}
-</script>
+<% end %>
 
-<script id="nfs_store_browse_list_results_part" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_list_results_part', css_class: 'hidden handlebars-partial') do %>
 
 
   <ul class="container-list-items">
@@ -19,9 +19,9 @@
     </ul>
   
   </ul>
-</script>
+<% end %>
 
-<script id="nfs_store_browse_list_folders" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_list_folders', css_class: 'hidden handlebars-partial') do %>
   
   {{#with @root}}
   
@@ -35,10 +35,10 @@
       {{/with}}
     {{/each}}
   {{/with}} 
-</script>
+<% end %>
 
 
-<script id="nfs_store_browse_list_folder"   type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_list_folder', css_class: 'hidden handlebars-partial') do %>
   
   
     <li class="container-folder container-folder-{{#if is_archive}}is{{else}}not{{/if}}-archive {{#is show_folder_name '===' 'file status'}}is-file-status-folder{{/is}}">
@@ -61,10 +61,10 @@
     <ul class="container-folder-items collapse {{#is folder_name '===' '.'}}in{{/is}} {{#is show_folder_name '===' 'file status'}}is-file-status-folder-items{{/is}}" data-folder-items="{{folder}}" id="{{container_id}}--{{id_hyphenate folder}}">
       {{>nfs_store_browse_list_folders curr_folder=folder}}
     </ul>
-</script>
+<% end %>
 
 
-<script id="nfs_store_browse_list_entry" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('nfs_store_browse_list_entry', css_class: 'hidden handlebars-partial') do %>
   <li class="container-entry" id="container-entry-{{nfs_store_container_id}}-{{id}}-{{retrieval_type}}" data-retrieval-type="{{retrieval_type}}" data-download-id="{{id}}">
     {{#if id}}
       <input type="checkbox" 
@@ -136,4 +136,4 @@
     {{/if}}
   </li>
 
-</script>
+<% end %>
diff --git a/app/views/filestore/_common_template_view.html.erb b/app/views/filestore/_common_template_view.html.erb
index 97668b9df8..d476c63021 100644
--- a/app/views/filestore/_common_template_view.html.erb
+++ b/app/views/filestore/_common_template_view.html.erb
@@ -13,7 +13,7 @@
   # called by model references to view browser within an activity log
   # and admin pages.
 %>
-<script id="filestore-view-template"  type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('filestore-view-template') do %>
   {{# is view_type '===' 'icons'}}
     {{>filestore_simple_template_view}}
   {{else is view_type '===' 'list'}}
@@ -21,10 +21,10 @@
   {{else}}
     {{>filestore_common_template_view}}
   {{/is}}
-</script>
+<% end %>
 
 
-<script id="filestore-browser-form"  type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('filestore-browser-form') do %>
   <div>
   {{#with nfs_store_container}}
     <div data-result="nfs-store-container-list-items-{{id}}"
@@ -83,9 +83,9 @@
     </div>
   {{/with}}
   </div>
-</script>
+<% end %>
 
-<script id="filestore_valid_files"  type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('filestore_valid_files', css_class: 'hidden handlebars-partial') do %>
 {{#if writable}}
 <div class="nfs-store-valid-files panel">
   <div class="panel-header">
@@ -108,10 +108,10 @@
   </div>
 </div>
 {{/if}}
-</script>
+<% end %>
 
 
-<script id="filestore_browser_outer"  type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('filestore_browser_outer', css_class: 'hidden handlebars-partial') do %>
   <div class="container-browser-outer prevent-scroll"
        data-sub-item="nfs_store_container"
        data-sub-id="{{container_id}}"
@@ -122,10 +122,10 @@
   >
     <div class="container-browser ajax-running"></div>
   </div>
-</script>
+<% end %>
 
 
-<script id="filestore_common_template_view"  type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('filestore_common_template_view', css_class: 'hidden handlebars-partial') do %>
   <div class="browse-container" data-container-use-secure-view="<%= use_secure_view_actions.join(',') %>">
     <%= render partial: 'nfs_store/browse/browser_header', locals: {
           container_id: '{{to_record_id}}',
@@ -182,10 +182,10 @@
       <div class="drop-info">drop files to upload</div>
     </div>
   </div>
-</script>
+<% end %>
 
 
-<script id="filestore_simple_template_view"  type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('filestore_simple_template_view', css_class: 'hidden handlebars-partial') do %>
   <div class="browse-container" data-container-use-secure-view="<%= use_secure_view_actions.join(',') %>">
       <%= link_to "", "/nfs_store/container_list/{{to_record_id}}/content?activity_log_id={{from_record_id}}&activity_log_type={{from_record_type_us}}&view_type=icons", class: "refresh-container-list glyphicon glyphicon-refresh hidden", title: "refresh list", data: { remote: "true", container_id: "{{to_record_id}}", activity_log_id: "{{from_record_id}}", activity_log_type: "{{from_record_type_us}}" } %>
       <div class="nfs-store-container-block" data-container-id="{{to_record_id}}" data-activity-log-id="{{from_record_id}}" data-activity-log-type="{{from_record_type_us}}">
@@ -212,4 +212,4 @@
   
     </div>
   </div>
-</script>
+<% end %>
diff --git a/app/views/filestore/classification/_result_template.html.erb b/app/views/filestore/classification/_result_template.html.erb
index e595359cfe..170425ffd7 100644
--- a/app/views/filestore/classification/_result_template.html.erb
+++ b/app/views/filestore/classification/_result_template.html.erb
@@ -1,4 +1,4 @@
-<script id="filestore-classification-<%=name.hyphenate%>-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("filestore-classification-#{name.hyphenate}-result-template") do %>
   {{#with nfs_store__manage__<%=name%>}}
     <span class="bem-class-flags">
       <% if Classification::ItemFlagName.enabled_for?(full_name, current_user) %>
@@ -12,9 +12,9 @@
       {{#if file_metadata}}<i class="glyphicon glyphicon-list" title="has metadata extracted from the file content"></i>{{else}}<i class="empty-glyphicon"></i>{{/if}}
     </span>
   {{/with}}
-</script>
+<% end %>
 
 
-<script id="filestore-classification-<%=name.hyphenate%>-empty-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag("filestore-classification-#{name.hyphenate}-empty-template") do %>
   <div class="container-classifications is-empty"></div>
-</script>
+<% end %>
diff --git a/app/views/imports/imports/_new_import_form.html.erb b/app/views/imports/imports/_new_import_form.html.erb
index 271b04bbed..a9865f3a41 100644
--- a/app/views/imports/imports/_new_import_form.html.erb
+++ b/app/views/imports/imports/_new_import_form.html.erb
@@ -154,7 +154,7 @@ filled_items = 0
       <% end %>
     <% end %>
   </div>
-<script>
+<%= javascript_tag nonce: true do %>
   $('#confirm_upload').on('change', function(){
     if($(this).is(':checked')){
       $('#submit_import').prop('disabled', null);
@@ -215,4 +215,4 @@ filled_items = 0
     });
   }, 1000);
 
-</script>
+<% end %>
diff --git a/app/views/imports/imports/_table_notes.html.erb b/app/views/imports/imports/_table_notes.html.erb
index a546fbb9b1..f875bf6fca 100644
--- a/app/views/imports/imports/_table_notes.html.erb
+++ b/app/views/imports/imports/_table_notes.html.erb
@@ -60,7 +60,7 @@
 </div>
 
 
-<script>
+<%= javascript_tag nonce: true do %>
   _fpa.import_rules = <%= @table_rules.to_json.html_safe %>;
 
   $('#get_template_for').on('change', function(){
@@ -84,4 +84,4 @@
     }
     $('.import-rules-block').removeClass('hidden');
   });
-</script>
+<% end %>
diff --git a/app/views/imports/imports/index.html.erb b/app/views/imports/imports/index.html.erb
index 9ffa990d8d..d5bc059688 100644
--- a/app/views/imports/imports/index.html.erb
+++ b/app/views/imports/imports/index.html.erb
@@ -34,7 +34,7 @@
 
   </div>
 </div>
-<script>
+<%= javascript_tag nonce: true do %>
 
   $('#get_template_for').on('change', function(){
     var tn = $(this).val();
@@ -45,7 +45,7 @@
 
     }
   });
-</script>
+<% end %>
 
 
 <div class="import-table-container">
diff --git a/app/views/item_flags/_search_results_template.html.erb b/app/views/item_flags/_search_results_template.html.erb
index 34bfe94f67..42706bc75b 100644
--- a/app/views/item_flags/_search_results_template.html.erb
+++ b/app/views/item_flags/_search_results_template.html.erb
@@ -1,20 +1,20 @@
 
-<script id="item_flag_link-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('item_flag_link-partial', css_class: 'hidden handlebars-partial') do %>
   <span class="pull-left item-flags-count-{{item_flags.length}}">
   <a class="flag-entity glyphicon glyphicon-tag" href="/masters/{{master_id}}/{{item_type}}/{{this.id}}/item_flags" data-remote="true" data-result-target="#item-flags-{{master_id}}-{{item_type}}-{{this.id}}" data-template="item-flags-result-template"></a>
   </span>
-</script>
+<% end %>
 
-<script id="item_flag_container-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('item_flag_container-partial', css_class: 'hidden handlebars-partial') do %>
   <div id="item-flags-{{master_id}}-{{item_type}}-{{id}}" class="item-flags-block">
   <div class="" id="item-flag-{{master_id}}-{{item_type}}-{{id}}-" data-subscription="item-flag-edit-form-{{master_id}}-{{item_type}}-{{id}}-"   data-preprocessor="item_flags_edit_form">
   {{>item_flags_result item_id=id id="" readonlyview=readonlyview}}
   </div>
   </div>
-</script>
+<% end %>
 
 
-<script id="item_flags_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('item_flags_result-partial', css_class: 'hidden handlebars-partial') do %>
 
   <div class="">
 
@@ -32,21 +32,21 @@
   </div>
 
 
-</script>
+<% end %>
 
-<script id="item_flag_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('item_flag_result-partial', css_class: 'hidden handlebars-partial') do %>
    <option selected="true" class="item-flag" value="{{item_flag_name.id}}">{{item_flag_name.name}}</option>
-</script>
+<% end %>
 
 
-<script id="item-flag-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('item-flag-result-template') do %>
   {{#with tracker}}
     {{>item_flag_result }}
   {{/with}}
-</script>
+<% end %>
 
-<script id="item-flags-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('item-flags-result-template') do %>
   {{#with item_flags}}
     {{>item_flags_result }}
   {{/with}}
-</script>
+<% end %>
diff --git a/app/views/layouts/_force_window_home.html.erb b/app/views/layouts/_force_window_home.html.erb
index 0a1457815f..34b7c32e0a 100644
--- a/app/views/layouts/_force_window_home.html.erb
+++ b/app/views/layouts/_force_window_home.html.erb
@@ -1 +1 @@
-<script>window.location.href="/";</script>
+<%= javascript_tag nonce: true do %>window.location.href="/";<% end %>
diff --git a/app/views/layouts/_setup_app.html.erb b/app/views/layouts/_setup_app.html.erb
index 3c6a66bccf..d00363f43d 100644
--- a/app/views/layouts/_setup_app.html.erb
+++ b/app/views/layouts/_setup_app.html.erb
@@ -1,7 +1,7 @@
 <%
   Application.refresh_dynamic_defs
 %>
-<script>
+<%= javascript_tag nonce: true do %>
 
   _fpa.version = '<%=Application.version%>-<%=Application.server_cache_version%>';
   _fpa.status.session = new _fpa.session(<%= current_user ? current_user.timeout_in :  "null" %>);
@@ -85,4 +85,4 @@
   <% end %>
 
   _fpa.gdpr_county_codes = <%== Settings::GdprCountryCodes %>;
-</script>
+<% end %>
diff --git a/app/views/layouts/admin_application.html.erb b/app/views/layouts/admin_application.html.erb
index 555544a85f..f452c82c2b 100644
--- a/app/views/layouts/admin_application.html.erb
+++ b/app/views/layouts/admin_application.html.erb
@@ -2,18 +2,19 @@
 <html>
   <head>
     <title><%= Settings::PageTitle %></title>
+    <%= csp_meta_tag %>
     <meta name="viewport" content="width=device-width, initial-scale=1">
 
     <%= stylesheet_link_tag    'application', media: 'all' %>
     <%= stylesheet_link_tag    'admin_index', media: 'all' %>
-    <%= javascript_include_tag 'application' %>
-    <%= javascript_include_tag 'admin_index' %>
-    <script>
+    <%= javascript_include_tag 'application', nonce: true %>
+    <%= javascript_include_tag 'admin_index', nonce: true %>
+    <%= javascript_tag nonce: true do %>
       _fpa.status = {
         controller: '<%= controller_name %>',
         action: '<%= action_name %>'
       };
-    </script>
+    <% end %>
     <%= render partial: "layouts/setup_app" if current_user || current_admin %>
     <%= csrf_meta_tags %>
     <link rel="shortcut icon" type="image/png" href="/favicon.png">
@@ -23,7 +24,7 @@
     <%= render partial: 'layouts/flash_alerts' %>
     <%= yield %>
     <%= render partial: 'layouts/help_sidebar' %>
-    <script>
+    <%= javascript_tag nonce: true do %>
       _fpa.translations = <%= YAML.load_file(Rails.root.join('config', 'locales', "#{I18n.locale}.yml")).to_json.html_safe %>;
       _fpa.locale_t = _fpa.translations[_fpa.current_locale];
       _fpa.state.current_user_preference = _fpa.state.current_user_preference || {
@@ -33,15 +34,15 @@
       window.setTimeout(function() {
         _fpa_admin.all.index_page.loaded();
       },10);
-    </script>
+    <% end %>
     <%= render partial: 'layouts/bootstrap_modal' %>
-    <script id="flash_template" type="text/x-handlebars-template" class="handlebars-template">
+    <%= handlebars_template_tag('flash_template') do %>
       {{#if message}}
       <div class="alert alert-info" data-severity="info" >
         <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
         {{message}}
       </div>
       {{/if}}
-    </script>
+    <% end %>
   </body>
 </html>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 0bc43f4f60..6371cda93a 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -2,6 +2,7 @@
 <html>
 <head>
   <title><%= Settings::PageTitle %></title>
+  <%= csp_meta_tag %>
   <meta name="viewport" content="width=device-width, initial-scale=1">
 
   <%= stylesheet_link_tag    'application', media: 'all' %>
@@ -12,16 +13,16 @@
   <%   end 
      end %>
 
-  <%= javascript_include_tag 'application' %>
+  <%= javascript_include_tag 'application', nonce: true %>
 
   <% if current_user&.app_type&.name
        fn = "app_#{current_user.app_type.name.id_underscore}.js"
        if Rails.root.join("public", "app_specific", fn).exist? %>
-  <script src="/app_specific/<%=fn%>" ></script>
+  <%= javascript_include_tag "/app_specific/#{fn}", nonce: true %>
   <%   end 
      end %>
 
-  <script>
+  <%= javascript_tag nonce: true do %>
   window.onerror = function(message, source, lineno, colno, error) {
     var details;
     if (error) details = error.stack;
@@ -32,12 +33,12 @@
     controller: '<%= controller_name %>',
     action: '<%= action_name %>'
   };
-  </script>
+  <% end %>
   <%= render partial: "layouts/setup_app" %>
   <%= csrf_meta_tags %>
   <link rel="shortcut icon" type="image/png" href="/favicon.png">
-  <style><%= template_block("ui page css - #{current_user&.app_type&.name}", markdown_to_html: false, no_substitutions: true)&.html_safe %></style>
-  <script><%= template_block("ui page js - #{current_user&.app_type&.name}", markdown_to_html: false, no_substitutions: true)&.html_safe %></script>
+  <%= content_tag :style, nonce: true do %><%= template_block("ui page css - #{current_user&.app_type&.name}", markdown_to_html: false, no_substitutions: true)&.html_safe %><% end %>
+  <%= javascript_tag nonce: true do %><%= template_block("ui page js - #{current_user&.app_type&.name}", markdown_to_html: false, no_substitutions: true)&.html_safe %><% end %>
 </head>
 <body <%= body_classes %> id="body-top" data-user-roles="<%= user_roles_for_attr %>" data-user-id="<%= current_user&.id %>" data-admin-id="<%= current_admin&.id %>">
     <%= render partial: 'layouts/navbar/navbar' if @navbar_ready%>
@@ -54,19 +55,19 @@
       </p>
     </div>
   </div>
-  <script>
+  <%= javascript_tag nonce: true do %>
     _fpa.translations = <%= YAML.load_file(Rails.root.join('config', 'locales', "#{I18n.locale}.yml")).to_json.html_safe %>;
     _fpa.locale_t = _fpa.translations[_fpa.current_locale];
-  </script>
+  <% end %>
   <%= render partial: 'layouts/bootstrap_modal' %>
   <%= render partial: 'layouts/bootstrap_modal' %>
-  <script id="flash_template" type="text/x-handlebars-template" class="handlebars-template">
+  <%= handlebars_template_tag('flash_template') do %>
     {{#if message}}
     <div class="alert alert-info" data-severity="info" role="alert">
       <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
       {{message}}
     </div>
     {{/if}}
-  </script>
+  <% end %>
 </body>
 </html>
diff --git a/app/views/layouts/child_error_reporter.html.erb b/app/views/layouts/child_error_reporter.html.erb
index c47b99722d..015f05269a 100644
--- a/app/views/layouts/child_error_reporter.html.erb
+++ b/app/views/layouts/child_error_reporter.html.erb
@@ -1,4 +1,4 @@
-<script>
+<%= javascript_tag nonce: true do %>
   if (window.opener != window.top) {
     
   <% flash.each do |key, value| 
@@ -14,4 +14,4 @@
 
   window.close();
   
-</script>
\ No newline at end of file
+<% end %>
\ No newline at end of file
diff --git a/app/views/layouts/e_signature.html.erb b/app/views/layouts/e_signature.html.erb
index c018300af3..50f0314595 100644
--- a/app/views/layouts/e_signature.html.erb
+++ b/app/views/layouts/e_signature.html.erb
@@ -1,7 +1,7 @@
 <!doctype html>
 <html lang="en-US">
   <head>
-    <style>
+    <%= csp_style_tag("
       body {font-family: sans-serif; font-size: 14px;}
       li.e-sign-group-item, li.e-sign-signature-item {list-style: none; padding: 6px; border-bottom: 1px solid rgb(221, 221, 221);}
       li.e-sign-group-item p {margin: 0 0 10px;}
@@ -17,7 +17,7 @@
       .e-sign-record-meta li small, .e-sign-signature-info li small {font-size: 12px;}
       .e-sign-record-meta:before, .e-sign-signature-info:before {padding: 6px; width: auto; display: block; height: 1em; content: 'Record metadata'; background-color: rgb(222, 222, 222); font-size: 12px;}
       .e-sign-signature-info:before {content: 'Signature metadata';}
-    </style>
+    ") %>
   </head>
   <body>
     <div class="signed-document">
diff --git a/app/views/layouts/nfs_store/filestore.html.erb b/app/views/layouts/nfs_store/filestore.html.erb
index 390bb527e7..b3a69aec24 100644
--- a/app/views/layouts/nfs_store/filestore.html.erb
+++ b/app/views/layouts/nfs_store/filestore.html.erb
@@ -5,7 +5,7 @@
     <%= csrf_meta_tags %>
 
     <%= stylesheet_link_tag    'application', media: 'all' %>
-    <%= javascript_include_tag 'application' %>
+    <%= javascript_include_tag 'application', nonce: true %>
 
 <!-- <%#= javascript_pack_tag 'application' %> -->
 
@@ -13,21 +13,21 @@
 <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
 
 <!-- The jQuery UI widget factory, can be omitted if jQuery UI is already included -->
-<script src="/js/vendor/jquery.ui.widget.js"></script>
+<%= javascript_include_tag "/js/vendor/jquery.ui.widget.js", nonce: true %>
 <!-- The Load Image plugin is included for the preview images and image resizing functionality -->
-<script src="https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js"></script>
+<%= javascript_include_tag "https://blueimp.github.io/JavaScript-Load-Image/js/load-image.all.min.js", nonce: true %>
 <!-- The Canvas to Blob plugin is included for image resizing functionality -->
-<script src="https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js"></script>
+<%= javascript_include_tag "https://blueimp.github.io/JavaScript-Canvas-to-Blob/js/canvas-to-blob.min.js", nonce: true %>
 <!-- Bootstrap JS is not required, but included for the responsive demo navigation -->
-<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
+<%= javascript_include_tag "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js", nonce: true %>
 <!-- The Iframe Transport is required for browsers without support for XHR file uploads -->
-<script src="/js/jquery.iframe-transport.js"></script>
+<%= javascript_include_tag "/js/jquery.iframe-transport.js", nonce: true %>
 <!-- The basic File Upload plugin -->
-<script src="/js/jquery.fileupload.js"></script>
+<%= javascript_include_tag "/js/jquery.fileupload.js", nonce: true %>
 
 
 
-<script>
+<%= javascript_tag nonce: true do %>
     _fpa.session = function(timeout) {
     };
     _fpa.status = {
@@ -38,7 +38,7 @@
     $(document).ready(function(){
       _fpa.handle_remotes();
     });
-</script>
+<% end %>
 
   </head>
 
diff --git a/app/views/layouts/public_application.html.erb b/app/views/layouts/public_application.html.erb
index 4508b23f9f..1b2eef61dd 100644
--- a/app/views/layouts/public_application.html.erb
+++ b/app/views/layouts/public_application.html.erb
@@ -5,7 +5,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1">
 
     <%= stylesheet_link_tag    'application', media: 'all' %>
-    <%= javascript_include_tag 'application' %>
+    <%= javascript_include_tag 'application', nonce: true %>
     <%= csrf_meta_tags %>
     <link rel="shortcut icon" type="image/png" href="/favicon.png">
   </head>
diff --git a/app/views/masters/_master_panels.html.erb b/app/views/masters/_master_panels.html.erb
index 3569d15a18..2980ffffcc 100644
--- a/app/views/masters/_master_panels.html.erb
+++ b/app/views/masters/_master_panels.html.erb
@@ -14,13 +14,13 @@
   sort_sublists = (details_view_options&.sort_sublists || {}).with_indifferent_access
 %>
 
-<script id="master_external_links_panel" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_external_links_panel', css_class: 'hidden handlebars-partial') do %>
   <% if current_user && current_user.can?(:view_external_links) %>
   <div class="master-panels--external-links-block external-links row collapse " id="external-links-{{id}}" data-master-id="{{id}}" data-panel-name="external-links"></div>
   <% end %>
-</script>
+<% end %>
 
-<script id="master_external_ids_panel" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_external_ids_panel', css_class: 'hidden handlebars-partial') do %>
     <div class="master-panels--external-id-block row panel-body panel-with-sublists external-ids-panel reorder-sublist-columns">
       <div class="on-open-click hidden">
       <%  external_id_types.each do |e|%>
@@ -41,9 +41,9 @@
       <% end %>
     </div>
 
-</script>
+<% end %>
 
-<script id="master_details_panel" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_details_panel', css_class: 'hidden handlebars-partial') do %>
 
    <div class="master-panels--details-block panel-body panel-with-sublists master-details-panel">
     <div class="row">
@@ -151,23 +151,23 @@
     </div>
    </div>
 
-</script>
+<% end %>
 
 
-<script id="tracker_completions" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('tracker_completions') do %>
   {{#with tracker}}
     {{>tracker_completions}}
   {{/with}}
-</script>
+<% end %>
 
-<script id="tracker_completions-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tracker_completions-partial', css_class: 'hidden handlebars-partial') do %>
   {{#each tracker_completions}}
     <span class="label label-primary" title="{{protocol_name}} {{sub_process_name}}" data-sub-item="{{sub_process_id}}"><i class="glyphicon glyphicon-ok"></i>&nbsp;{{protocol_name}}</span>
   {{/each}}
-</script>
+<% end %>
 
 
-<script id="master_trackers_panel" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_trackers_panel', css_class: 'hidden handlebars-partial') do %>
   <% unless app_config_set(:hide_tracker_panel) %>
     <div id="trackers-{{id}}" class="master-panels--trackers-block panel panel-default section-panel page-layout-panel contains-categories collapse trackers-block format-block-on-expand">
       <div class="is-header default-header section-panel-header">
@@ -192,4 +192,4 @@
       </div>
     </div>
   <% end %>
-</script>
+<% end %>
diff --git a/app/views/masters/_modal_pi_search_results_template.html.erb b/app/views/masters/_modal_pi_search_results_template.html.erb
index 6a69b5428f..c0217ebf9b 100644
--- a/app/views/masters/_modal_pi_search_results_template.html.erb
+++ b/app/views/masters/_modal_pi_search_results_template.html.erb
@@ -6,7 +6,7 @@
   no_subject_details_label = '' if no_subject_details_label == 'none'
 %>
 
-<script id="modal-pi-search-results-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('modal-pi-search-results-template') do %>
   {{#if masters.length}}
   <div class="panel-group" id="results-accordion modal-pi-search-results" role="tablist" aria-multiselectable="true">
     <div class="panel panel-default results-panel">
@@ -141,4 +141,4 @@
   {{/if}}
 
 
-</script>
+<% end %>
diff --git a/app/views/masters/_search_form_advanced.html.erb b/app/views/masters/_search_form_advanced.html.erb
index bf52a0c1ea..2a797f6575 100644
--- a/app/views/masters/_search_form_advanced.html.erb
+++ b/app/views/masters/_search_form_advanced.html.erb
@@ -60,7 +60,7 @@
 
       <div class="col-sm-2 text-right">
           <br/>
-          <p style="font-size: 18px;">
+          <p class="search-form__clear-icon">
             <a href="#" class="clear-fields glyphicon glyphicon-erase" title="clear fields"></a>
           </p>
 
@@ -254,8 +254,8 @@
 <% end %>
 </div>
 
-<script>
+<%= javascript_tag nonce: true do %>
   _fpa.cache.get_definition('colleges', function(){
     _fpa.form_utils.setup_typeahead('input.advanced-college-input', 'colleges', "colleges");
   });
-</script>
+<% end %>
diff --git a/app/views/masters/_search_form_simple.erb b/app/views/masters/_search_form_simple.erb
index 452b842a1b..8c746bfd49 100644
--- a/app/views/masters/_search_form_simple.erb
+++ b/app/views/masters/_search_form_simple.erb
@@ -39,7 +39,7 @@
       </div>
       <div class="col-sm-1 text-right">
           <br/>
-          <p style="font-size: 18px;">
+          <p class="search-form__clear-icon">
             <a href="#" class="clear-fields glyphicon glyphicon-erase" title="clear fields"></a>
           </p>
       </div>
@@ -51,11 +51,10 @@
     <span id="search_count_simple" class="search-results-count pull-right" data-sub-item="count" data-template="search-count-template" ></span>
   </div>
 <%end%>
-<script>
+<%= javascript_tag nonce: true do %>
   _fpa.cache.get_definition('colleges', function(){
     _fpa.form_utils.setup_typeahead('input.simple-college-input', 'colleges', "colleges");
   });
-
-</script>
+<% end %>
 
 </div>
diff --git a/app/views/masters/_search_results_master_tabs.html.erb b/app/views/masters/_search_results_master_tabs.html.erb
index 391c411b4e..73a8391b5d 100644
--- a/app/views/masters/_search_results_master_tabs.html.erb
+++ b/app/views/masters/_search_results_master_tabs.html.erb
@@ -1,5 +1,5 @@
 
-<script id="master_tabs" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_tabs', css_class: 'hidden handlebars-partial') do %>
   <ul class="nav nav-pills details-tabs <%= hide_player_tabs? ? 'hidden' : '' %> hide-player-tabs-<%= hide_player_tabs?%>">
 
   <% # Tabs shown are based on the panels in the page layout.
@@ -102,4 +102,4 @@
     end %>
 
   </ul>
-</script>
+<% end %>
diff --git a/app/views/masters/_search_results_master_tabs_default.html.erb b/app/views/masters/_search_results_master_tabs_default.html.erb
index bc3410706a..f01735aa4e 100644
--- a/app/views/masters/_search_results_master_tabs_default.html.erb
+++ b/app/views/masters/_search_results_master_tabs_default.html.erb
@@ -2,7 +2,7 @@
    # The app configuration "open panels" sets if any of these are opened by default.
 default_panels = app_config_items(:open_panels) %>
 
-<script id="master_tabs" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_tabs', css_class: 'hidden handlebars-partial') do %>
   <ul class="nav nav-pills default-master-tabs details-tabs <%= hide_player_tabs? ? 'hidden' : '' %> hide-player-tabs-<%= hide_player_tabs?%>">
 
     <% unless app_config_set(:hide_tracker_panel) %>
@@ -73,4 +73,4 @@ default_panels = app_config_items(:open_panels) %>
       <% end %>
     <% end %>
   </ul>
-</script>
+<% end %>
diff --git a/app/views/masters/_search_results_parts.html.erb b/app/views/masters/_search_results_parts.html.erb
index 4c5cf4e797..206184659c 100644
--- a/app/views/masters/_search_results_parts.html.erb
+++ b/app/views/masters/_search_results_parts.html.erb
@@ -3,32 +3,31 @@
   no_subject_details_label = app_config_text(:header_no_subject_details_label, '(no subject details)')
   no_subject_details_label = '' if no_subject_details_label == 'none'
 %>
-<script id="search-count-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('search-count-template') do %>
   <span>
   {{#with count}}
   <span class="search_count">{{count}}</span> record{{#is count '!==' 1}}s{{/is}}
   {{#is count '>' show_count }} - showing {{show_count}} results - refine search to show others{{/is}}
   </span>
   {{/with}}
-</script>
+<% end %>
 
-<script id="search-action-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('search-action-template') do %>
   <span id="search-action" class="hidden search-action">{{search_action}}</span>
-</script>
+<% end %>
 
 
-<script id="empty-template" type="text/x-handlebars-template" class="hidden handlebars-template">
-</script>
+<%= handlebars_template_tag('empty-template') do %><% end %>
 
-<script id="master_header_prefix-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_header_prefix-partial', css_class: 'hidden handlebars-partial') do %>
   <span class="master-header-prefix">{{{header_prefix}}}</span>
-</script>
+<% end %>
 
-<script id="master_header_title-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_header_title-partial', css_class: 'hidden handlebars-partial') do %>
   <span class="master-header-title">{{{header_title}}}</span>
-</script>
+<% end %>
 
-<script id="subject_info_summary_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('subject_info_summary_result-partial', css_class: 'hidden handlebars-partial') do %>
   <strong class="player-names">
     {{capitalize first_name}}
     <span class="middle-name">{{capitalize middle_name}}</span>
@@ -49,9 +48,9 @@
     {{>accuracy_badge player_info=this}}
   </span>
   <% end %>
-</script>
+<% end %>
 
-<script id="master_panel_heading" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_panel_heading', css_class: 'hidden handlebars-partial') do %>
   <div class="panel-heading master-result num-masters-{{num_masters}} {{#is num_masters '===' 1}}selected-result{{/is}}" role="tab" id="master-{{id}}">
     <h3 class="panel-title">
       <a class="glyphicon glyphicon-link pull-right" href="/masters/{{id}}" title="link to this record"> </a>
@@ -90,11 +89,11 @@
       </div>
     </h3>
   </div>
-</script>
+<% end %>
 
 
 
-<script id="master_id_summary_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_id_summary_result-partial', css_class: 'hidden handlebars-partial') do %>
 <% id_list = app_config_items(:show_ids_in_master_result, ['master_id']) %>
 <%
   # Get the alternative ID labels for display
@@ -119,9 +118,9 @@
   <span>&nbsp;</span>
 </div>
 <% end %>
-</script>
+<% end %>
 
-<script id="secondary_info_summary_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('secondary_info_summary_result-partial', css_class: 'hidden handlebars-partial') do %>
         <strong class="pro-names">
                   {{capitalize first_name}}
                   <span class="middle-name">{{capitalize middle_name}}</span>
@@ -136,34 +135,34 @@
         {{#if death_date}}
                 <small>DOD</small> {{local_date death_date '-'}}
         {{/if}}
-</script>
+<% end %>
 
-<script id="tracker_badge-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tracker_badge-partial', css_class: 'hidden handlebars-partial') do %>
 <span class="badge tracker-button-badge" id="tracker-count-{{master_id}}">{{#is trackers_length null}}{{trackers.length}}{{else}}{{trackers_length}}{{/is}}</span>
-</script>
+<% end %>
 
-<script id="accuracy_badge-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('accuracy_badge-partial', css_class: 'hidden handlebars-partial') do %>
 <span class="label label-info player-info-badge-{{player_info.rank}}" title="{{player_info.accuracy_score_name}}">{{player_info.rank}}</span>
-</script>
+<% end %>
 
 
 
-<script id="tracker-badge-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('tracker-badge-template') do %>
   {{>tracker_badge}}
-</script>
+<% end %>
 
-<script id="accuracy-badge-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('accuracy-badge-template') do %>
   {{>accuracy_badge}}
-</script>
+<% end %>
 
-<script id="subject-info-summary-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('subject-info-summary-result-template') do %>
   {{#with <%=subject_data_type%>}}
   {{>subject_info_summary_result}}
   {{/with}}
-</script>
+<% end %>
 
 
-<script id="sublist_controls" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('sublist_controls', css_class: 'hidden handlebars-partial') do %>
   <div class="sublist-controls">
     {{#if filter_attr}}
     <div class="sublist-filter-selectors">
@@ -195,4 +194,4 @@
     </div>
     {{/if}}
   </div>
-</script>
+<% end %>
diff --git a/app/views/masters/_search_results_template.html.erb b/app/views/masters/_search_results_template.html.erb
index 6ea94659f0..aaee35f9d0 100644
--- a/app/views/masters/_search_results_template.html.erb
+++ b/app/views/masters/_search_results_template.html.erb
@@ -143,13 +143,13 @@
 <%= render partial: 'common_templates/e_signature/show_parts', locals: {} %>
 
 
-<script id="empty" type="text/x-handlebars-template" class="hidden handlebars-template"></script>
+<%= handlebars_template_tag('empty') do %><% end %>
 
 <% 
   # Display the set of search results in the "master search" format 
   # Is rendered by the AJAX request made by `app/views/masters/search.html.erb`
 %>
-<script id="search-results-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('search-results-template') do %>
   {{#if masters.length}}
   <div class="panel-group search-results-template" id="results-accordion" role="tablist" aria-multiselectable="true">
     <div class="panel panel-default results-panel <%= app_config_text(:master_results_panel_css_class) %>">
@@ -169,19 +169,19 @@
   {{else}}
       <h2 class="no-results-msg">No Results</h2>
   {{/if}}
-</script>
+<% end %>
 
-<script id="master_main" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_main', css_class: 'hidden handlebars-partial') do %>
   <div id="master-{{id}}-main-container" class="panel-collapse collapse {{#is num_masters 1}}in loaded-master-main{{/is}} master-panel num-masters-{{num_masters}}" data-master-id="{{id}}" data-template="master-main-template" role="tabpanel" aria-labelledby="master-{{id}}">
     {{>master_main_inner}}
   </div>
-</script>
+<% end %>
 
-<script id="master-main-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('master-main-template') do %>
   {{#with master}}
     {{>master_main_inner}}
   {{/with}}
-</script>
+<% end %>
 
 <%
   # Render the master record tabs and panels.
@@ -189,7 +189,7 @@
   # trackers, details and external IDs are provided.
   # Otherwise the panels defined in the page layout(s) are used.
 %>
-<script id="master_main_inner" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('master_main_inner', css_class: 'hidden handlebars-partial') do %>
   {{>master_tabs}}
   <div class="panel-body master-main-panel">
     <%
@@ -233,4 +233,4 @@
       <% end %>
     <% end %>
   </div>
-</script>
+<% end %>
diff --git a/app/views/page_layouts/index.html.erb b/app/views/page_layouts/index.html.erb
index 5e5af04574..4a12fb6d90 100644
--- a/app/views/page_layouts/index.html.erb
+++ b/app/views/page_layouts/index.html.erb
@@ -18,9 +18,9 @@
         <tr class="<%=list_item.disabled ? 'disabled-result' : ''%>" data-report-id="<%=list_item.id %>">
 
 
-          <td style="width: 15%"><%= link_to  list_item.panel_label, page_layout_path(list_item.panel_name) %></td>
+          <td class="page-layout-index__label-cell"><%= link_to  list_item.panel_label, page_layout_path(list_item.panel_name) %></td>
 
-          <td style="width: 30%"><%= list_item.description %></td>
+          <td class="page-layout-index__description-cell"><%= list_item.description %></td>
 
         </tr>
       <% end %>
diff --git a/app/views/redcap/data_dictionaries/_tab_panels.html.erb b/app/views/redcap/data_dictionaries/_tab_panels.html.erb
index f91e6627a2..4ebc21f136 100644
--- a/app/views/redcap/data_dictionaries/_tab_panels.html.erb
+++ b/app/views/redcap/data_dictionaries/_tab_panels.html.erb
@@ -35,7 +35,7 @@
   <h4>Metadata</h4>
   <% if @rc_data_dictionary.captured_metadata.present?%>
     <div class="admin-options-ref-textarea-block">
-      <textarea style="font-size: 12px" class="extra-help-info">
+      <textarea class="extra-help-info admin-form__help-info">
 <%= @rc_data_dictionary.captured_metadata.map(&:stringify_keys).to_yaml%>
           </textarea>
     </div>
diff --git a/app/views/redcap/project_admins/_files_block.html.erb b/app/views/redcap/project_admins/_files_block.html.erb
index 2ffe1f476b..2c0b76e73c 100644
--- a/app/views/redcap/project_admins/_files_block.html.erb
+++ b/app/views/redcap/project_admins/_files_block.html.erb
@@ -13,7 +13,7 @@
               ) %>
   project to view the stored REDCap files</p>
 <% elsif object_instance&.file_store&.id %>
-<script> 
+<%= javascript_tag nonce: true do %> 
 window.setTimeout(function() {
   var data = {
     to_record_id: <%= object_instance.file_store.id %>,
@@ -28,7 +28,7 @@ window.setTimeout(function() {
   _fpa.view_template(block, 'filestore-view-template', data); 
 
 }, 500);
-</script>
+<% end %>
 <% else %>
 <p>File store not configured</p>
 <% end %>
\ No newline at end of file
diff --git a/app/views/redcap/project_admins/_metadata_block.html.erb b/app/views/redcap/project_admins/_metadata_block.html.erb
index 75e847ef35..0aa17671db 100644
--- a/app/views/redcap/project_admins/_metadata_block.html.erb
+++ b/app/views/redcap/project_admins/_metadata_block.html.erb
@@ -2,7 +2,7 @@
 <h4>Metadata</h4>
 <% if object_instance.captured_project_info.present?%>
   <div class="admin-options-ref-textarea-block">
-    <textarea style="font-size: 12px" class="extra-help-info">
+    <textarea class="extra-help-info admin-form__help-info">
 <%= object_instance.captured_project_info.stringify_keys.to_yaml%>
     </textarea>
   </div>
diff --git a/app/views/reports/_criteria.html.erb b/app/views/reports/_criteria.html.erb
index fc3e5b1278..43b1cc3679 100644
--- a/app/views/reports/_criteria.html.erb
+++ b/app/views/reports/_criteria.html.erb
@@ -30,7 +30,7 @@
       <%= render partial: 'reports/criteria/fields' %>
       <%= render partial: 'reports/criteria/inline_search_button_block' %>
     </div>
-    <div class="form-group form-actions clearfix" style="border-color: transparent;">
+    <div class="form-group form-actions clearfix report-criteria__actions">
       <%= hidden_field_tag  "search_attrs[#{Reports::Runner::ReportIdAttribName}]", ''%>
       <%= hidden_field_tag  "part", '', id: nil%>
       <%= hidden_field_tag  "embed", embedded_report, id: nil%>
diff --git a/app/views/reports/_index.html.erb b/app/views/reports/_index.html.erb
index 30f021e727..2c6a3b0a56 100644
--- a/app/views/reports/_index.html.erb
+++ b/app/views/reports/_index.html.erb
@@ -33,14 +33,14 @@ extra_params[:embed] = true if link_extras[:data] && link_extras[:data][:remote]
           end    
     %>
     <tr class="<%=list_item.disabled ? 'disabled-result' : ''%> report-type-<%= list_item.report_type %> <%= list_item.auto ? 'report-auto' : '' %>" data-report-id="<%=list_item.id %>">
-      <td style="width: 5%"><span class="hidden"><%= list_item.report_type %></span><span class="glyphicon <%= list_item.report_type == 'count' ? 'glyphicon-record' : list_item.report_type == 'regular_report' ? 'glyphicon-list-alt' : 'glyphicon-search'  %>" title="<%= list_item.report_type.humanize %>"></span></td>
+      <td class="report-index__type-cell"><span class="hidden"><%= list_item.report_type %></span><span class="glyphicon <%= list_item.report_type == 'count' ? 'glyphicon-record' : list_item.report_type == 'regular_report' ? 'glyphicon-list-alt' : 'glyphicon-search'  %>" title="<%= list_item.report_type.humanize %>"></span></td>
 
-      <td style="width: 15%"><%= link_to  list_item.name, report_path(list_item.alt_resource_name, extra_params), link_extras %></td>
+      <td class="report-index__name-cell"><%= link_to  list_item.name, report_path(list_item.alt_resource_name, extra_params), link_extras %></td>
 
-      <td style="width: 30%"><%= markdown_to_html content %></td>
+      <td class="report-index__description-cell"><%= markdown_to_html content %></td>
       <% unless simple_view %>
-      <td style="width: 25%" class="report-search-attr"></td>
-      <td style="width: 25%" class="report-measure"></td>
+      <td class="report-index__search-attr-cell report-search-attr"></td>
+      <td class="report-index__measure-cell report-measure"></td>
       <% end %>
 
     </tr>
diff --git a/app/views/reports/_insert_options_css.html.erb b/app/views/reports/_insert_options_css.html.erb
index a05bda180c..0e56103b22 100644
--- a/app/views/reports/_insert_options_css.html.erb
+++ b/app/views/reports/_insert_options_css.html.erb
@@ -58,7 +58,5 @@ end
 if res
   res = res.join("\n")
 %>
-<style>
-  <%= res.html_safe %>
-</style>
+<%= csp_style_tag(res) %>
 <% end %>
\ No newline at end of file
diff --git a/app/views/reports/_results.html.erb b/app/views/reports/_results.html.erb
index 8d9369a3f7..a3e24fe4e9 100644
--- a/app/views/reports/_results.html.erb
+++ b/app/views/reports/_results.html.erb
@@ -31,7 +31,7 @@
       <% unless no_results_scroll %>
         <div class="text-center back-to-search-form">
           <a href="#body-top" class="btn btn-default small back-to-search-form-btn"><i class="caret up"></i> back to search form</a>
-          <a href="#<%=@outer_block_id%>-results-block" class="btn btn-default small show-results-btn" style="display: none;"><i class="caret"></i> show all results</a>
+          <a href="#<%=@outer_block_id%>-results-block" class="btn btn-default small show-results-btn report-results__show-btn--hidden"><i class="caret"></i> show all results</a>
         </div>
       <% end %>
       <div class="report-results-inner">
diff --git a/app/views/reports/_show.html.erb b/app/views/reports/_show.html.erb
index 51c41a5f8c..3f49eeb432 100644
--- a/app/views/reports/_show.html.erb
+++ b/app/views/reports/_show.html.erb
@@ -4,10 +4,10 @@
   extra_classes += " report-rn--#{@report.alt_resource_name}"
 %>
 <%= render partial: 'masters/modal_pi_search_results_template' %>
-<script id="edit-report-result" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('edit-report-result') do %>
   <span>
   </span>
-</script>
+<% end %>
 <% if @report.editable_data? %>
   <span id="editable_data"></span>
 <% end %>
diff --git a/app/views/reports/criteria/_fields.html.erb b/app/views/reports/criteria/_fields.html.erb
index f42120ba80..1d43b652bb 100644
--- a/app/views/reports/criteria/_fields.html.erb
+++ b/app/views/reports/criteria/_fields.html.erb
@@ -20,7 +20,7 @@ configs.each do |name, config|
       field_res = report_criteria_field name, config, field_val, options 
       next if field_res.blank?
   %>
-  <div class="col-md-8 col-lg-6 <%= config.hidden ? 'hidden' : '' %>" style="padding-bottom: 1em;">
+  <div class="col-md-8 col-lg-6 <%= config.hidden ? 'hidden' : '' %> report-criteria__field-group">
     <%= field_res %>
   </div>
 <% 
diff --git a/app/views/reports/criteria/_inline_search_button_block.html.erb b/app/views/reports/criteria/_inline_search_button_block.html.erb
index cbd1749f0a..306abee200 100644
--- a/app/views/reports/criteria/_inline_search_button_block.html.erb
+++ b/app/views/reports/criteria/_inline_search_button_block.html.erb
@@ -1,5 +1,5 @@
 <% if @report.editable_data? || !@report_criteria  %>
-  <div class="col-md-2 col-lg-2 inline-search-button <%= @hidden_class %>" style="padding-bottom: 1em;">
+  <div class="col-md-2 col-lg-2 inline-search-button <%= @hidden_class %> report-criteria__field-group">
     <label>&nbsp;</label>
     <div>
       <% 
diff --git a/app/views/reports/index.html.erb b/app/views/reports/index.html.erb
index 1cf76ffee5..41fba4e630 100644
--- a/app/views/reports/index.html.erb
+++ b/app/views/reports/index.html.erb
@@ -11,6 +11,6 @@
     </div>
   </div>
 </div>
-<script>
+<%= javascript_tag nonce: true do %>
   _fpa.reports.run_autos();
-</script>
+<% end %>
diff --git a/app/views/reports/result_template/_calendar.html.erb b/app/views/reports/result_template/_calendar.html.erb
index 6fa640be04..5e952d2b51 100644
--- a/app/views/reports/result_template/_calendar.html.erb
+++ b/app/views/reports/result_template/_calendar.html.erb
@@ -5,7 +5,7 @@
 %>
 <div id="<%=block_id%>" class="report-calendar <%=@view_options&.add_classes&.join(' ')%>" data-result-handlers="<%=@view_options&.result_handlers&.join(' ')%>">
 </div>
-<script>
+<%= javascript_tag nonce: true do %>
   window.setTimeout(function() {
   
     var $block = $('#<%=block_id%>');
@@ -34,4 +34,4 @@
     var calendar = new FullCalendar.Calendar(calendarEl, opts);
     calendar.render();
   }, 100);
-</script>
+<% end %>
diff --git a/app/views/reports/result_template/_chart.html.erb b/app/views/reports/result_template/_chart.html.erb
index d0e6b877fb..7581365fca 100644
--- a/app/views/reports/result_template/_chart.html.erb
+++ b/app/views/reports/result_template/_chart.html.erb
@@ -5,7 +5,7 @@
 %>
 <div id="<%=block_id%>" class="report-chart <%=@view_options&.add_classes&.join(' ')%>"  data-result-handlers="<%=@view_options&.result_handlers&.join(' ')%>" data-results-count="<%=@results.count%>">
 </div>
-<script>
+<%= javascript_tag nonce: true do %>
   window.setTimeout(function() {
   
     var $block = $('#<%=block_id%>');
@@ -85,10 +85,10 @@
   
     var new_html = $('<canvas width="'+width+'" height="'+height+'" class="report-chart-canvas"></canvas>');
   
-    $block.html(new_html);
+  $block.html(new_html);
     var ctx = $block.find('canvas');
   
     var myPieChart = new Chart(ctx, opts);
   
     }, 100);
-</script>
+<% end %>
diff --git a/app/views/secure_view/_preview.html.erb b/app/views/secure_view/_preview.html.erb
index 821769783c..a67945b737 100644
--- a/app/views/secure_view/_preview.html.erb
+++ b/app/views/secure_view/_preview.html.erb
@@ -1,7 +1,7 @@
 <%
   secure_view_defaults
 %>
-<div class="secure-view" style="display: none;" data-preview-as="">
+<div class="secure-view secure-view--hidden" data-preview-as="">
 
 
   <div class="secure-view-control-panel navbar-default" role="navigation">
diff --git a/app/views/tracker_histories/_search_results_template.html.erb b/app/views/tracker_histories/_search_results_template.html.erb
index 8bda34e111..8cb0836c00 100644
--- a/app/views/tracker_histories/_search_results_template.html.erb
+++ b/app/views/tracker_histories/_search_results_template.html.erb
@@ -1,7 +1,7 @@
 
 
 
-<script id="tracker_history_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tracker_history_result-partial', css_class: 'hidden handlebars-partial') do %>
 
       <td class="tracker-history">
 
@@ -20,9 +20,9 @@
       </td>
 
 
-</script>
+<% end %>
 
-<script id="tracker-histories-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('tracker-histories-result-template') do %>
 
   {{#each tracker_histories}}
     <tr class="tracker-history-item" data-tracker-protocol="{{underscore protocol_name}}"  id="tracker-history-{{master_id}}-{{tracker_id}}-{{id}}" >
@@ -30,4 +30,4 @@
     </tr>
   {{/each}}
 
-</script>
+<% end %>
diff --git a/app/views/trackers/_search_results_template.html.erb b/app/views/trackers/_search_results_template.html.erb
index 6e913d6226..f105139fa7 100644
--- a/app/views/trackers/_search_results_template.html.erb
+++ b/app/views/trackers/_search_results_template.html.erb
@@ -1,4 +1,4 @@
-<script id="tracker_result-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tracker_result-partial', css_class: 'hidden handlebars-partial') do %>
 
       <td class="tracker-edit">
       {{#is tracker_history_length '>' 1}}
@@ -24,9 +24,9 @@
       </td>
 
 
-</script>
+<% end %>
 
-<script id="empty_tracker_tree_results-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('empty_tracker_tree_results-partial', css_class: 'hidden handlebars-partial') do %>
   <table class="table tracker-tree-results from-empty-tracker-tree">
     <thead><tr>
       <th><a href="/masters/{{master_id}}/tracker_histories" data-remote="true" data-result-target="#trackers-{{master_id}}-inner" data-template="tracker-chron-result-template" title="view as sortable list" class="glyphicon glyphicon-align-justify"></a></th>
@@ -41,9 +41,9 @@
     </tr>
     </tbody>
 </table>
-</script>
+<% end %>
 
-<script id="tracker_tree_results-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tracker_tree_results-partial', css_class: 'hidden handlebars-partial') do %>
   <table class="table tracker-tree-results from-tracker-tree-results">
     <thead><tr>
       <th><a href="/masters/{{master_id}}/tracker_histories" data-remote="true" data-result-target="#trackers-{{master_id}}-inner" data-template="tracker-chron-result-template" title="view as sortable list" class="glyphicon glyphicon-align-justify"></a></th>
@@ -73,10 +73,10 @@
     {{/each}}
   </table>
 
-</script>
+<% end %>
 
 
-<script id="tracker_chron_results-partial" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('tracker_chron_results-partial', css_class: 'hidden handlebars-partial') do %>
   <table class="table tablesorter tracker-chron-results">
     <thead><tr>
       <th class="no-sort"><a href="/masters/{{master_id}}/trackers" data-remote="true" data-result-target="#trackers-{{master_id}}-inner" data-template="tracker-tree-result-template" title="view as events"  class="glyphicon glyphicon-list"></a></th>
@@ -103,11 +103,11 @@
     </tbody>
   </table>
 
-</script>
+<% end %>
 
 
 
-<script id="tracker-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('tracker-result-template') do %>
   {{#with tracker}}
     {{#was _created}}
     <tbody id="tracker-{{master_id}}-{{id}}" data-preprocessor="tracker_edit_form" class="index-created"  data-subscription="tracker-edit-form-{{master_id}}-{{id}}" data-tracker-protocol="{{underscore protocol_name}}" data-template="tracker-result-template" data-sub-item="tracker" data-sub-id="{{id}}">
@@ -126,19 +126,19 @@
 
     {{/was}}
   {{/with}}
-</script>
+<% end %>
 
-<script id="tracker-chron-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('tracker-chron-result-template') do %>
   {{#with tracker_histories}}
     {{>tracker_chron_results master_id=../master_id}}
   {{else}}
     {{>empty_tracker_tree_results master_id=master_id}}
   {{/with}}
-</script>
-<script id="tracker-tree-result-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<% end %>
+<%= handlebars_template_tag('tracker-tree-result-template') do %>
   {{#with trackers}}
     {{>tracker_tree_results master_id=../master_id}}
   {{else}}
       {{>empty_tracker_tree_results master_id=master_id}}
   {{/with}}
-</script>
+<% end %>
diff --git a/app/views/user_profiles/_container_template.html.erb b/app/views/user_profiles/_container_template.html.erb
index 7f1071ba4b..aca86d5396 100644
--- a/app/views/user_profiles/_container_template.html.erb
+++ b/app/views/user_profiles/_container_template.html.erb
@@ -11,15 +11,15 @@
 
 <%= render partial: 'user_profiles/tabs' %>
 
-<script id="user-profile-container-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('user-profile-container-template') do %>
   <div class="user-profile-container-block" id="user-profile-container">
     {{#with user_profile}}
       {{>user_profile_main}}
     {{/with}}
   </div>
-</script>
+<% end %>
 
-<script id="user_profile_inner" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('user_profile_inner', css_class: 'hidden handlebars-partial') do %>
   {{>user_profile_tabs}}
   <div class="panel-body user-profile-panel">
     <% if @panels.present? %>  
@@ -28,9 +28,9 @@
     <div class="well">no user profile panels defined</div>
     <% end %>
   </div>
-</script>
+<% end %>
 
-<script id="user_profile_main" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('user_profile_main', css_class: 'hidden handlebars-partial') do %>
   <div id="user-{{user.id}}-main-container" 
        class="panel-no-collapse user-profile-panel" 
        data-user-id="{{user.id}}" 
@@ -40,10 +40,10 @@
   >
     {{>user_profile_inner}}
   </div>
-</script>
+<% end %>
 
-<script id="user-profile-main-template" type="text/x-handlebars-template" class="hidden handlebars-template">
+<%= handlebars_template_tag('user-profile-main-template') do %>
   {{#with user}}
     {{>user_profile_main}}
   {{/with}}
-</script>
+<% end %>
diff --git a/app/views/user_profiles/_tabs.html.erb b/app/views/user_profiles/_tabs.html.erb
index a8d55abd8f..114e66ca3c 100644
--- a/app/views/user_profiles/_tabs.html.erb
+++ b/app/views/user_profiles/_tabs.html.erb
@@ -1,6 +1,6 @@
 
-<script id="user_profile_tabs" type="text/x-handlebars-template" class="hidden handlebars-partial">
+<%= handlebars_template_tag('user_profile_tabs', css_class: 'hidden handlebars-partial') do %>
   <ul class="nav nav-pills details-tabs user-profiles-tabs" id="user-profiles-tabs">
     <%= render partial: 'user_profiles/tabs_item' %>
   </ul>
-</script>
+<% end %>
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 54f47cf15f..f49bb2549b 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -1,25 +1,34 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.
 
 # Define an application-wide content security policy.
 # See the Securing Rails Applications Guide for more information:
 # https://guides.rubyonrails.org/security.html#content-security-policy-header
 
-# Rails.application.configure do
-#   config.content_security_policy do |policy|
-#     policy.default_src :self, :https
-#     policy.font_src    :self, :https, :data
-#     policy.img_src     :self, :https, :data
-#     policy.object_src  :none
-#     policy.script_src  :self, :https
-#     policy.style_src   :self, :https
-#     # Specify URI for violation reports
-#     # policy.report_uri "/csp-violation-report-endpoint"
-#   end
-#
-#   # Generate session nonces for permitted importmap and inline scripts
-#   config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
-#   config.content_security_policy_nonce_directives = %w(script-src)
-#
-#   # Report violations without enforcing the policy.
-#   # config.content_security_policy_report_only = true
-# end
+Rails.application.configure do
+  config.content_security_policy do |policy|
+    policy.default_src :self, :https
+    policy.font_src    :self, :https, :data
+    policy.img_src     :self, :https, :data
+    policy.object_src  :none
+    policy.script_src  :self, :https, :unsafe_eval, :strict_dynamic
+    policy.style_src   :self, :https, :unsafe_inline
+    # Explicit CSP Level 3 directives for inline styles on elements
+    policy.style_src_attr  :unsafe_inline
+    policy.style_src_elem  :self, :https, :unsafe_inline
+    # Script elements require nonces with strict-dynamic to allow AJAX-loaded scripts
+    policy.script_src_elem :self, :https, :strict_dynamic
+    # Specify URI for violation reports
+    policy.report_uri '/csp-violation-report-endpoint'
+  end
+
+  # Generate session nonces for permitted importmap and inline scripts
+  config.content_security_policy_nonce_generator = lambda { |_request|
+    SecureRandom.base64(16)
+  }
+  config.content_security_policy_nonce_directives = %w[script-src script-src-elem]
+
+  # Report violations without enforcing the policy.
+  config.content_security_policy_report_only = true
+end
diff --git a/config/routes.rb b/config/routes.rb
index 8cd1517ee1..683981c673 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -22,6 +22,8 @@
 
   resources :client_logs, only: [:create]
 
+  post '/csp-violation-report-endpoint', to: 'csp_reports#create'
+
   namespace :admin do
     resources :external_identifiers, except: %i[show destroy]
     get :external_identifier_details, to: 'external_identifiers#details'
diff --git a/spec/support/feature_support.rb b/spec/support/feature_support.rb
index 029daa0c84..d03870c184 100644
--- a/spec/support/feature_support.rb
+++ b/spec/support/feature_support.rb
@@ -804,6 +804,104 @@ def save_html_snapshot(filename)
     puts_debug "Saved HTML snapshot to #{filename}"
   end
 
+  #
+  # Set up browser console log capture. Call this AFTER initial page load but BEFORE
+  # navigating to the page you want to debug. Captures console.log, console.error,
+  # console.warn, and CSP violation events.
+  #
+  # Usage:
+  #   visit '/some/page'
+  #   setup_browser_console_capture
+  #   visit '/page/to/debug'  # Console capture active for this navigation
+  #   finish_page_loading
+  #   print_browser_console_logs('After visiting debug page')
+  #
+  def setup_browser_console_capture
+    page.execute_script(<<~JS)
+      window.browserLogs = [];
+      window.cspViolations = [];
+      if (!window._consoleIntercepted) {
+        window._consoleIntercepted = true;
+        var origLog = console.log;
+        var origError = console.error;
+        var origWarn = console.warn;
+        console.log = function() {
+          window.browserLogs.push('LOG: ' + Array.from(arguments).join(' '));
+          origLog.apply(console, arguments);
+        };
+        console.error = function() {
+          window.browserLogs.push('ERROR: ' + Array.from(arguments).join(' '));
+          origError.apply(console, arguments);
+        };
+        console.warn = function() {
+          window.browserLogs.push('WARN: ' + Array.from(arguments).join(' '));
+          origWarn.apply(console, arguments);
+        };
+
+        // Listen for CSP violation events
+        document.addEventListener('securitypolicyviolation', function(e) {
+          var violation = {
+            blockedURI: e.blockedURI,
+            violatedDirective: e.violatedDirective,
+            sourceFile: e.sourceFile,
+            lineNumber: e.lineNumber,
+            columnNumber: e.columnNumber,
+            sample: e.sample
+          };
+          window.cspViolations.push(violation);
+          window.browserLogs.push('CSP VIOLATION: ' + e.violatedDirective +
+            ' - blocked: ' + e.blockedURI +
+            ' at ' + e.sourceFile + ':' + e.lineNumber + ':' + e.columnNumber +
+            ' sample: ' + e.sample);
+        });
+      }
+    JS
+  end
+
+  #
+  # Retrieve and print captured browser console logs. Call after setup_browser_console_capture
+  # and after performing the actions you want to debug.
+  #
+  # @param context [String] Description of what was being tested (for output header)
+  # @return [Hash] { logs: Array, csp_violations: Array }
+  #
+  def print_browser_console_logs(context = 'Browser Console')
+    logs = page.evaluate_script('window.browserLogs || []')
+    violations = page.evaluate_script('window.cspViolations || []')
+
+    puts "\n#{'=' * 80}"
+    puts "CONTEXT: #{context}"
+    puts '-' * 80
+    puts "BROWSER CONSOLE LOGS (#{logs.length} entries):"
+    logs.each { |log| puts "  #{log}" }
+
+    if violations.any?
+      puts "\nCSP VIOLATIONS CAPTURED (#{violations.length}):"
+      violations.each_with_index do |v, i|
+        puts "  Violation ##{i + 1}:"
+        puts "    Directive: #{v['violatedDirective']}"
+        puts "    Blocked URI: #{v['blockedURI']}"
+        puts "    Source: #{v['sourceFile']}:#{v['lineNumber']}:#{v['columnNumber']}"
+        puts "    Sample: #{v['sample']}"
+      end
+    else
+      puts "\nNo CSP violations captured"
+    end
+    puts '=' * 80
+
+    { logs:, csp_violations: violations }
+  end
+
+  #
+  # Get captured browser console logs without printing.
+  # @return [Hash] { logs: Array, csp_violations: Array }
+  #
+  def get_browser_console_logs
+    logs = page.evaluate_script('window.browserLogs || []')
+    violations = page.evaluate_script('window.cspViolations || []')
+    { logs:, csp_violations: violations }
+  end
+
   # Click a tab in the top report tabs bar
   def click_report_tab(tab_name)
     puts_debug "Clicking report tab: #{tab_name}"
diff --git a/spec/system/admin/server_info_rails_log_spec.rb b/spec/system/admin/server_info_rails_log_spec.rb
index b8445292bc..df098dac19 100644
--- a/spec/system/admin/server_info_rails_log_spec.rb
+++ b/spec/system/admin/server_info_rails_log_spec.rb
@@ -68,8 +68,8 @@
     visit '/admin/server_info/rails_log?search=ERROR'
     finish_page_loading
     log_pre = find('#rails-log-listing', visible: true)
-    # The <pre> should have style that doesn't break the container's width
-    expect(log_pre[:style]).to include('width: auto')
+    # The <pre> should have CSS class for proper width styling with horizontal scroll
+    expect(log_pre[:class]).to include('rails-log__listing')
   end
 
   it 'safely handles regex patterns that could contain injection attempts' do

From d7895c8686a3e28e3b4c74202e9cbfb320237560 Mon Sep 17 00:00:00 2001
From: Phil <phil.ayres@consected.com>
Date: Tue, 27 Jan 2026 21:12:42 +0000
Subject: [PATCH 5/7] Fixed big-select JSON parsing and enabled CSP enforcement

- Fixed _fpa_form_utils.js to use JSON.parse() for data attributes
  (jQuery .data() may not parse HTML-escaped JSON correctly)
- Added null check for big_select_hash before calling $.big_select
- Added null guard in big_select.js set_hash function
- Changed CSP from report-only to enforcement mode
---
 app/assets/javascripts/app/_fpa_form_utils.js | 28 ++++++++++++++++---
 .../javascripts/big_select/big_select.js      |  1 +
 .../initializers/content_security_policy.rb   |  3 +-
 3 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/app/assets/javascripts/app/_fpa_form_utils.js b/app/assets/javascripts/app/_fpa_form_utils.js
index 1448804cd8..035e769ad3 100644
--- a/app/assets/javascripts/app/_fpa_form_utils.js
+++ b/app/assets/javascripts/app/_fpa_form_utils.js
@@ -200,8 +200,22 @@ _fpa.form_utils = {
     block.find('script.big-select-data[type="application/json"]').each(function() {
       var $dataEl = $(this);
       var fieldId = $dataEl.data('field-id');
-      var options = $dataEl.data('options') || {};
-      var hashData = $dataEl.data('hash') || {};
+      var optionsAttr = $dataEl.attr('data-options');
+      var hashAttr = $dataEl.attr('data-hash');
+      
+      // Parse JSON from attributes (jQuery .data() may not parse HTML-escaped JSON correctly)
+      var options = {};
+      var hashData = {};
+      try {
+        if (optionsAttr) options = JSON.parse(optionsAttr);
+      } catch (e) {
+        // Ignore parse errors - field will work without options
+      }
+      try {
+        if (hashAttr) hashData = JSON.parse(hashAttr);
+      } catch (e) {
+        // Ignore parse errors - field will be skipped if no hash data
+      }
       
       var field = document.getElementById(fieldId);
       if (field) {
@@ -219,17 +233,23 @@ _fpa.form_utils = {
       .not('.big-select-su')
       .each(function () {
         var label = '';
+        var hash = $(this)[0].big_select_hash;
+        var opts = $(this)[0].big_select_options;
+        // Skip this field if no data available
+        if (!hash || Object.keys(hash).length === 0) {
+          return;
+        }
         $.big_select(
           $(this),
           $('#primary-modal .modal-body'),
-          $(this)[0].big_select_hash,
+          hash,
           function () {
             _fpa.show_modal('', label);
           },
           function () {
             _fpa.hide_modal();
           },
-          $(this)[0].big_select_options
+          opts
         );
       })
       .addClass('big-select-su');
diff --git a/app/assets/javascripts/big_select/big_select.js b/app/assets/javascripts/big_select/big_select.js
index c626366858..19b82492b7 100644
--- a/app/assets/javascripts/big_select/big_select.js
+++ b/app/assets/javascripts/big_select/big_select.js
@@ -142,6 +142,7 @@ $.big_select = function ($field, $target, full_hash, before, after, options) {
   }
 
   var set_hash = function (full_hash) {
+    if (!full_hash) return null;
     var subtype = $field.attr('data-big-select-subtype') || 'big_select_default'
     return full_hash[subtype]
   }
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index f49bb2549b..4a582a4398 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -30,5 +30,6 @@
   config.content_security_policy_nonce_directives = %w[script-src script-src-elem]
 
   # Report violations without enforcing the policy.
-  config.content_security_policy_report_only = true
+  # Set to false to enforce CSP and block violations
+  config.content_security_policy_report_only = false
 end

From f6d404ef137ef64e84ae6741a1055dd21237479b Mon Sep 17 00:00:00 2001
From: Phil <phil.ayres@consected.com>
Date: Wed, 28 Jan 2026 12:47:20 +0000
Subject: [PATCH 6/7] Added definition of new handlebars precompilation

---
 .../app-ui/handlebars-compilation-plan.md     | 505 ++++++++++++++++++
 1 file changed, 505 insertions(+)
 create mode 100644 docs/dev_reference/app-ui/handlebars-compilation-plan.md

diff --git a/docs/dev_reference/app-ui/handlebars-compilation-plan.md b/docs/dev_reference/app-ui/handlebars-compilation-plan.md
new file mode 100644
index 0000000000..de781df30b
--- /dev/null
+++ b/docs/dev_reference/app-ui/handlebars-compilation-plan.md
@@ -0,0 +1,505 @@
+# Handlebars Server-Side Precompilation Plan
+
+**GitHub Issue:** [#873 - Move handlebars template and partial compilation to the server](https://github.com/consected/restructure/issues/873)
+
+## Overview
+
+Move Handlebars template and partial compilation from client-side JavaScript to server-side precompilation using the `handlebars` CLI. Templates will be precompiled to JavaScript files served as static assets from `public/handlebars/`, significantly reducing browser workload and improving page load performance.
+
+## Current Architecture
+
+### Current Flow
+
+```
+Page Load → AJAX fetch templates (/pages/<version>/template)
+         → Returns HTML with <script type="text/x-handlebars-template"> tags
+         → Client calls _fpa.compile_templates()
+         → For each template: Handlebars.compile(source)
+         → Store compiled functions in _fpa.templates and _fpa.partials
+```
+
+### Current Template Loading
+
+1. **Inline templates:** Some templates embedded directly in main page markup
+2. **AJAX-loaded templates:** Most templates fetched via `/pages/<version>/template` endpoint
+3. **Client-side compilation:** All templates compiled in browser using `Handlebars.compile()`
+
+## New Architecture
+
+### New Flow
+
+```
+Page Load → Include precompiled JS for inline templates (<script src="...">)
+         → AJAX fetch template response (contains <script src="..."> tags)
+         → Browser loads precompiled JS files
+         → Precompiled JS self-registers to Handlebars.templates/partials
+         → _fpa.templates = Handlebars.templates (aliased reference)
+```
+
+### Key Design Decisions
+
+| Decision | Choice | Rationale |
+|----------|--------|-----------|
+| Cleanup strategy | Delete ALL files on startup | No value in keeping stale compiled files |
+| Fallback behavior | None - fail if CLI unavailable | Consistent behavior, avoid silent degradation |
+| Template registry | `_fpa.templates = Handlebars.templates` | Use Handlebars' built-in registries |
+| Partial registration | CLI `--partial` flag | Auto-registers to `Handlebars.partials` |
+| Minification | Production only (`-m` flag) | Reduce file sizes in production |
+| Source maps | Development only | Enable debugging in development |
+| Handlebars library | Keep full version | Required for `{{template}}`, `{{compile_template}}` helpers |
+
+## Implementation Components
+
+### 1. New Initializer: `config/initializers/handlebars_precompiler.rb`
+
+Sets up directories, validates CLI availability, and cleans up on startup.
+
+```ruby
+# frozen_string_literal: true
+
+module HandlebarsPrecompiler
+  HANDLEBARS_CLI = ENV.fetch('HANDLEBARS_CLI', 'handlebars')
+  TMP_DIR = Rails.root.join('tmp', 'handlebars')
+  PUBLIC_DIR = Rails.root.join('public', 'handlebars')
+
+  class << self
+    def cli_available?
+      @cli_available ||= system("which #{HANDLEBARS_CLI} > /dev/null 2>&1")
+    end
+
+    def cli_path
+      @cli_path ||= `which #{HANDLEBARS_CLI}`.strip
+    end
+
+    def setup_directories
+      FileUtils.mkdir_p(TMP_DIR)
+      FileUtils.mkdir_p(PUBLIC_DIR)
+    end
+
+    def cleanup_tmp_dir
+      FileUtils.rm_rf(Dir.glob(TMP_DIR.join('*')))
+    end
+
+    def cleanup_public_dir
+      # Delete ALL precompiled files on startup
+      FileUtils.rm_rf(Dir.glob(PUBLIC_DIR.join('*.js')))
+      FileUtils.rm_rf(Dir.glob(PUBLIC_DIR.join('*.map')))
+    end
+
+    def minify?
+      Rails.env.production?
+    end
+
+    def source_maps?
+      !Rails.env.production?
+    end
+  end
+end
+
+Rails.application.config.after_initialize do
+  HandlebarsPrecompiler.setup_directories
+  HandlebarsPrecompiler.cleanup_tmp_dir
+  HandlebarsPrecompiler.cleanup_public_dir
+
+  unless HandlebarsPrecompiler.cli_available?
+    msg = "Handlebars CLI not found. Install with: npm install --global handlebars"
+    Rails.logger.error msg
+    raise msg
+  end
+
+  Rails.logger.info "HandlebarsPrecompiler initialized. CLI: #{HandlebarsPrecompiler.cli_path}"
+end
+```
+
+### 2. New Helper Module: `app/helpers/handlebars_precompiler_helper.rb`
+
+Provides cache key generation, template preprocessing, and compilation logic.
+
+```ruby
+# frozen_string_literal: true
+
+module HandlebarsPrecompilerHelper
+  extend ActiveSupport::Concern
+
+  # Generate a cache key common to all users
+  # Uses server_cache_version and item_updates from dynamic definitions
+  def handlebars_cache_key
+    @handlebars_cache_key ||= begin
+      ver = Application.server_cache_version
+      items = handlebars_item_updates_key
+      Digest::SHA256.hexdigest("#{ver}-#{items}")[0..12]
+    end
+  end
+
+  # Extract item_updates logic (refactored from partial_cache_key)
+  def handlebars_item_updates_key
+    @hbs_item_updates ||= begin
+      cs = [Admin::MessageTemplate, DynamicModel, ActivityLog, ExternalIdentifier,
+            Admin::ConfigLibrary, Admin::PageLayout, Admin::AppConfiguration]
+      cs.map { |c| c.reorder(updated_at: :desc).limit(1).pluck(:updated_at)&.first.to_i.to_s }.join('-')
+    end
+  end
+
+  # Generate filename for compiled output
+  def handlebars_compiled_filename(template_id)
+    safe_id = template_id.to_s.gsub(/[^a-zA-Z0-9_-]/, '_')
+    "#{safe_id}-#{handlebars_cache_key}.js"
+  end
+
+  # Preprocess handlebars source (port of _fpa.setup_template_source)
+  def preprocess_handlebars_source(source)
+    result = source.dup
+
+    # Handle embedded_report and glyphicon patterns
+    # {{embedded_report_name}} -> {{embedded_report 'name' true}}
+    %w[embedded_report glyphicon].each do |pre|
+      result.gsub!(/\{\{#{pre}_([a-zA-Z0-9_]+)\}\}/) do
+        "{{#{pre} '#{::Regexp.last_match(1)}' true}}"
+      end
+    end
+
+    # Handle tag_format patterns
+    # {{tag::format::args}} -> {{tag_format tag 'format' 'args'}}
+    result.gsub(/\{\{([a-zA-Z0-9_]+)::([0-9a-z:_.]+)\}\}/) do
+      tag = ::Regexp.last_match(1)
+      parts = ::Regexp.last_match(2).split('::').map { |p| "'#{p}'" }.join(' ')
+      "{{tag_format #{tag} #{parts}}}"
+    end
+  end
+
+  # Compile a single template using handlebars CLI
+  # Returns the filename of the compiled JS, or raises on failure
+  def compile_handlebars_template(template_id, template_content, is_partial: false)
+    filename = handlebars_compiled_filename(template_id)
+    output_path = HandlebarsPrecompiler::PUBLIC_DIR.join(filename)
+
+    # Return existing file if already compiled
+    return filename if File.exist?(output_path)
+
+    # Preprocess the template content
+    processed = preprocess_handlebars_source(template_content)
+
+    # Build CLI command using -i for string input
+    cmd_parts = [HandlebarsPrecompiler::HANDLEBARS_CLI]
+    cmd_parts << "-i #{Shellwords.escape(processed)}"
+    cmd_parts << "-f #{output_path}"
+    cmd_parts << "-N #{Shellwords.escape(template_id)}"
+    cmd_parts << '--partial' if is_partial
+    cmd_parts << '-m' if HandlebarsPrecompiler.minify?
+
+    if HandlebarsPrecompiler.source_maps?
+      map_path = output_path.to_s.gsub('.js', '.map')
+      cmd_parts << "--map #{map_path}"
+    end
+
+    cmd = cmd_parts.join(' ')
+
+    Rails.logger.debug "Compiling Handlebars template: #{template_id}"
+
+    success = system(cmd)
+    unless success
+      error_msg = "Handlebars compilation failed for #{template_id}. Command: #{cmd}"
+      Rails.logger.error error_msg
+      raise error_msg
+    end
+
+    filename
+  end
+end
+```
+
+### 3. Modify `ApplicationHelper#handlebars_template_tag`
+
+**File:** `app/helpers/application_helper.rb`
+
+Update to emit `<script src="...">` tags instead of inline templates:
+
+```ruby
+#
+# Generate a precompiled Handlebars template script include
+# @param id [String] the template identifier
+# @param css_class [String] CSS class indicating template type (default: 'hidden handlebars-template')
+# @param block [Block] the Handlebars template content
+# @return [String] HTML safe javascript_include_tag for the precompiled template
+def handlebars_template_tag(id, css_class: 'hidden handlebars-template', &block)
+  content = capture(&block) if block_given?
+
+  is_partial = css_class.include?('handlebars-partial')
+  compiled_filename = compile_handlebars_template(id, content, is_partial: is_partial)
+
+  # Include the precompiled JS file
+  javascript_include_tag(
+    "/handlebars/#{compiled_filename}",
+    nonce: true,
+    data: {
+      handlebars_id: id,
+      handlebars_type: is_partial ? 'partial' : 'template'
+    }
+  )
+end
+```
+
+### 4. Modify Client-Side `_fpa.compile_templates()`
+
+**File:** `app/assets/javascripts/app/_fpa.js`
+
+Simplify to just alias the Handlebars registries:
+
+```javascript
+compile_templates: function () {
+  $('body').addClass('status-compiling');
+
+  // Alias Handlebars registries to _fpa for compatibility
+  // Precompiled templates auto-register to Handlebars.templates and Handlebars.partials
+  _fpa.templates = Handlebars.templates = Handlebars.templates || {};
+  _fpa.partials = Handlebars.partials = Handlebars.partials || {};
+
+  // Mark compilation complete - precompiled JS files have already registered themselves
+  $('body').removeClass('status-compiling initial-compiling').addClass('status-compiled');
+},
+```
+
+Also update the initialization at the top of `_fpa`:
+
+```javascript
+_fpa = {
+  templates: null,  // Will be aliased to Handlebars.templates
+  partials: null,   // Will be aliased to Handlebars.partials
+  // ... rest of _fpa
+```
+
+### 5. Modify AJAX Template Loading
+
+**File:** `app/views/layouts/_setup_app.html.erb`
+
+Handle `<script src="...">` tags in the AJAX response:
+
+```erb
+<% if current_user&.app_type_id && !(controller_name == 'app_types' && action_name == 'upload') %>
+$.get({ url: '/pages/<%= template_version %>/template', cache: true }).done(function(data) {
+  // Create a temporary container to parse the response
+  var container = document.createElement('div');
+  container.innerHTML = data;
+  
+  // Find all script tags with src and load them
+  var scripts = container.querySelectorAll('script[src]');
+  var loadPromises = [];
+  
+  scripts.forEach(function(script) {
+    var promise = new Promise(function(resolve, reject) {
+      var newScript = document.createElement('script');
+      newScript.src = script.src;
+      newScript.onload = resolve;
+      newScript.onerror = reject;
+      document.head.appendChild(newScript);
+    });
+    loadPromises.push(promise);
+  });
+  
+  // Also append any inline scripts (non-src) like fpa_state_config
+  var inlineScripts = container.querySelectorAll('script:not([src])');
+  inlineScripts.forEach(function(script) {
+    var newScript = document.createElement('script');
+    newScript.textContent = script.textContent;
+    newScript.nonce = script.nonce;
+    document.body.appendChild(newScript);
+  });
+  
+  // Wait for all precompiled templates to load
+  Promise.all(loadPromises).then(function() {
+    _fpa.status.loaded_templates = true;
+    one_time_setup();
+  }).catch(function(err) {
+    console.error('Failed to load precompiled templates:', err);
+    _fpa.flash_notice('Failed to load page templates. Please refresh.', 'danger');
+  });
+}).fail(function(jqXHR, textStatus, errorThrown) {
+  // ... existing error handling
+});
+<% end %>
+```
+
+### 6. Update `.gitignore`
+
+Add generated directories:
+
+```gitignore
+# Handlebars precompilation
+/public/handlebars/
+/tmp/handlebars/
+```
+
+## CLI Command Patterns
+
+### Templates
+
+```bash
+handlebars -i "{{content}}" -f public/handlebars/template-id-hash.js -N "template-id" [-m]
+```
+
+### Partials
+
+```bash
+handlebars -i "{{content}}" -f public/handlebars/partial-id-hash.js -N "partial-id" --partial [-m]
+```
+
+### Generated Output Structure
+
+**Template (registers to `Handlebars.templates['template-id']`):**
+
+```javascript
+(function() {
+  var template = Handlebars.template, templates = Handlebars.templates = Handlebars.templates || {};
+  templates['template-id'] = template({/* compiled template function */});
+})();
+```
+
+**Partial (registers to `Handlebars.partials['partial-id']`):**
+
+```javascript
+(function() {
+  var template = Handlebars.template, templates = Handlebars.templates = Handlebars.templates || {};
+  Handlebars.partials['partial-id'] = template({/* compiled template function */});
+})();
+```
+
+## Cache Key Generation
+
+The cache key ensures recompilation when configurations change:
+
+```
+handlebars_cache_key = SHA256(
+  Application.server_cache_version + 
+  latest_updated_at(Admin::MessageTemplate) +
+  latest_updated_at(DynamicModel) +
+  latest_updated_at(ActivityLog) +
+  latest_updated_at(ExternalIdentifier) +
+  latest_updated_at(Admin::ConfigLibrary) +
+  latest_updated_at(Admin::PageLayout) +
+  latest_updated_at(Admin::AppConfiguration)
+)[0..12]
+```
+
+## Directory Structure
+
+```
+fphs-restructure/
+├── tmp/
+│   └── handlebars/           # Temporary files (cleaned on startup)
+├── public/
+│   └── handlebars/           # Compiled JS files
+│       ├── search-results-template-abc123def.js
+│       ├── search-results-template-abc123def.map  (dev only)
+│       ├── master_main-abc123def.js
+│       └── ...
+```
+
+## File Changes Summary
+
+| File | Action | Description |
+|------|--------|-------------|
+| `config/initializers/handlebars_precompiler.rb` | Create | Initialization, directory setup, cleanup |
+| `app/helpers/handlebars_precompiler_helper.rb` | Create | Compilation logic, preprocessing |
+| `app/helpers/application_helper.rb` | Modify | Include helper, update `handlebars_template_tag` |
+| `app/assets/javascripts/app/_fpa.js` | Modify | Simplify `compile_templates()`, alias registries |
+| `app/views/layouts/_setup_app.html.erb` | Modify | Handle script-src loading for AJAX templates |
+| `.gitignore` | Modify | Add `/public/handlebars/` and `/tmp/handlebars/` |
+
+## Error Handling
+
+| Scenario | Behavior |
+|----------|----------|
+| CLI not available at startup | Raise fatal error - server won't start |
+| Compilation failure | Raise error with details - page won't render |
+| File write failure | Raise error with path details |
+| Script load failure in browser | Show user-facing error, suggest refresh |
+
+## Deployment Requirements
+
+### Install Handlebars CLI
+
+```bash
+npm install --global handlebars
+```
+
+### AWS Elastic Beanstalk
+
+Add to `.platform/hooks/predeploy/install_handlebars.sh`:
+
+```bash
+#!/bin/bash
+npm install --global handlebars
+```
+
+### Docker
+
+Add to Dockerfile:
+
+```dockerfile
+RUN npm install --global handlebars
+```
+
+### Verify Installation
+
+```bash
+which handlebars
+handlebars --version
+```
+
+## Testing Plan
+
+### Model Specs
+
+- Test `handlebars_cache_key` generation consistency
+- Test `preprocess_handlebars_source` with all patterns:
+  - `{{embedded_report_name}}` → `{{embedded_report 'name' true}}`
+  - `{{glyphicon_icon}}` → `{{glyphicon 'icon' true}}`
+  - `{{tag::format}}` → `{{tag_format tag 'format'}}`
+- Test `compile_handlebars_template` creates correct files
+
+### System Specs
+
+- Test page loads with precompiled templates
+- Test AJAX template loading works correctly
+- Test template rendering produces correct output
+- Compare output with current client-side compilation
+
+### Performance Tests
+
+- Measure page load time improvement
+- Measure Time to Interactive improvement
+- Compare JavaScript execution time
+
+## Future Optimizations
+
+### 1. Switch to Handlebars Runtime
+
+If `{{template}}`, `{{compile_template}}`, and `{{run_template}}` helpers can be eliminated or refactored:
+
+- Switch from `handlebars/dist/handlebars` (88KB) to `handlebars.runtime.min.js` (28KB)
+- ~60KB reduction in JavaScript payload
+
+### 2. Bundle Templates
+
+Instead of one JS file per template, bundle related templates:
+
+```bash
+handlebars templates/*.hbs -f public/handlebars/bundle-hash.js
+```
+
+Benefits:
+
+- Fewer HTTP requests
+- Better compression ratios
+- Simpler cache management
+
+### 3. CDN Caching
+
+Configure CDN to cache `/handlebars/*.js` with long TTL since filenames include content hash.
+
+## References
+
+- [Handlebars Precompilation Documentation](https://handlebarsjs.com/installation/precompilation.html)
+- [Handlebars CLI Options](https://handlebarsjs.com/api-reference/compilation.html)
+- Current template implementation: `app/helpers/application_helper.rb#handlebars_template_tag`
+- Current client compilation: `app/assets/javascripts/app/_fpa.js#compile_templates`

From 9e2fcc3c41ae642fd85bc1b34e7b3d48717d687b Mon Sep 17 00:00:00 2001
From: Phil <phil.ayres@consected.com>
Date: Thu, 29 Jan 2026 22:24:38 +0000
Subject: [PATCH 7/7] Added Handlebars CLI precompilation with batched template
 loading - fixes #873

---
 .github/agents/tdd-green.agent.md             |  11 +-
 .github/agents/tdd-red.agent.md               |   7 +-
 .github/agents/tdd-refactor.agent.md          |   2 +-
 .gitignore                                    |   4 +-
 app-scripts/clean-test-assets-and-cache.sh    |   2 +-
 app-scripts/parallel_test_retest.sh           |   3 +-
 app/assets/javascripts/app/_fpa.js            | 135 +++++-
 .../app/_fpa_loaded_registrations.js          |   2 +-
 .../concerns/app_exception_handler.rb         |  12 +
 app/controllers/concerns/master_handler.rb    |   9 +
 app/controllers/csp_reports_controller.rb     |   2 +-
 app/helpers/application_helper.rb             |  45 +-
 app/helpers/handlebars_precompiler_helper.rb  | 330 +++++++++++++
 ...ommon_search_results_template_set.html.erb |   3 +-
 ...ommon_search_results_template_set.html.erb |   3 +-
 app/views/layouts/_setup_app.html.erb         |  66 +--
 app/views/layouts/admin_application.html.erb  |   1 +
 app/views/layouts/application.html.erb        |   1 +
 .../_cache_search_results_template.html.erb   |   7 +-
 .../masters/_search_results_template.html.erb |   3 +-
 config/initializers/handlebars_precompiler.rb |  82 ++++
 spec/helpers/application_helper_spec.rb       |  79 ++++
 .../handlebars_precompiler_helper_spec.rb     | 444 ++++++++++++++++++
 .../handlebars_precompiler_spec.rb            | 106 +++++
 .../_fpa_compile_templates_spec.js            | 179 +++++++
 spec/rails_helper.rb                          |   1 +
 spec/setup_helper.rb                          |   7 +
 spec/support/feature_support.rb               |  80 ++--
 spec/system/handlebars_precompilation_spec.rb |  84 ++++
 29 files changed, 1568 insertions(+), 142 deletions(-)
 create mode 100644 app/helpers/handlebars_precompiler_helper.rb
 create mode 100644 config/initializers/handlebars_precompiler.rb
 create mode 100644 spec/helpers/handlebars_precompiler_helper_spec.rb
 create mode 100644 spec/initializers/handlebars_precompiler_spec.rb
 create mode 100644 spec/javascripts/_fpa_compile_templates_spec.js
 create mode 100644 spec/system/handlebars_precompilation_spec.rb

diff --git a/.github/agents/tdd-green.agent.md b/.github/agents/tdd-green.agent.md
index 5889370ad4..ae1360ca1e 100644
--- a/.github/agents/tdd-green.agent.md
+++ b/.github/agents/tdd-green.agent.md
@@ -1,7 +1,16 @@
 ---
 description: 'Implement minimal code to satisfy GitHub issue requirements and make failing tests pass without over-engineering.'
 name: 'TDD Green Phase - Make Tests Pass Quickly'
-tools: ['github', 'findTestFiles', 'edit/editFiles', 'runTests', 'runCommands', 'codebase', 'filesystem', 'search', 'problems', 'testFailure', 'terminalLastCommand']
+tools: ["vscode/*", "findTestFiles", "edit/editFiles", "edit/createFile", "edit/createDirectory", "execute/runInTerminal", "search/codebase", "filesystem", "search", "read/problems", "execute/testFailure", "read/terminalLastCommand"]
+handoffs:
+  - label: Return to TDD RED Phase
+    agent: tdd-red
+    prompt: Now create more test specs.
+    send: true
+  - label: Start Refactor
+    agent: tdd-refactor
+    prompt: Now refactor this work.
+    send: true
 ---
 # TDD Green Phase - Make Tests Pass Quickly
 
diff --git a/.github/agents/tdd-red.agent.md b/.github/agents/tdd-red.agent.md
index 5c12967d2a..3cee52bf3b 100644
--- a/.github/agents/tdd-red.agent.md
+++ b/.github/agents/tdd-red.agent.md
@@ -1,7 +1,12 @@
 ---
 description: "Guide test-first development by writing failing tests that describe desired behaviour from GitHub issue context before implementation exists."
 name: "TDD Red Phase - Write Failing Tests First"
-tools: ["github", "findTestFiles", "edit/editFiles", "runTests", "runCommands", "codebase", "filesystem", "search", "problems", "testFailure", "terminalLastCommand"]
+tools: ["vscode/*", "findTestFiles", "edit/editFiles", "edit/createFile", "edit/createDirectory", "execute/runInTerminal", "search/codebase", "filesystem", "search", "read/problems", "execute/testFailure", "read/terminalLastCommand"]
+handoffs:
+  - label: Start Implementation
+    agent: tdd-green
+    prompt: Now implement the plan outlined above.
+    send: true
 ---
 
 # TDD Red Phase - Write Failing Tests First
diff --git a/.github/agents/tdd-refactor.agent.md b/.github/agents/tdd-refactor.agent.md
index 527bf476a8..ccce2ace59 100644
--- a/.github/agents/tdd-refactor.agent.md
+++ b/.github/agents/tdd-refactor.agent.md
@@ -1,7 +1,7 @@
 ---
 description: "Improve code quality, apply security best practices, and enhance design whilst maintaining green tests and GitHub issue compliance."
 name: "TDD Refactor Phase - Improve Quality & Security"
-tools: ["github", "findTestFiles", "edit/editFiles", "runTests", "runCommands", "codebase", "filesystem", "search", "problems", "testFailure", "terminalLastCommand"]
+tools: ["vscode/*", "findTestFiles", "edit/editFiles", "edit/createFile", "edit/createDirectory", "execute/runInTerminal", "search/codebase", "filesystem", "search", "read/problems", "execute/testFailure", "read/terminalLastCommand"]
 ---
 
 # TDD Refactor Phase - Improve Quality & Security
diff --git a/.gitignore b/.gitignore
index 1e4c276461..3230b52bc5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -93,4 +93,6 @@ yarn-debug.log*
 /public/assets
 
 # Test related NfsStore processing file
-.__processing-index__
\ No newline at end of file
+.__processing-index__
+
+public/handlebars*
diff --git a/app-scripts/clean-test-assets-and-cache.sh b/app-scripts/clean-test-assets-and-cache.sh
index 6e076f7fcb..1b319f751d 100755
--- a/app-scripts/clean-test-assets-and-cache.sh
+++ b/app-scripts/clean-test-assets-and-cache.sh
@@ -2,4 +2,4 @@
 
 RAILS_ENV=test bundle exec rails assets:clobber
 RAILS_ENV=test bundle exec rails assets:precompile
-rm -rf tmp/cache
\ No newline at end of file
+rm -rf tmp/cache public/handlebars-*/* tmp/handlebars-*/*
diff --git a/app-scripts/parallel_test_retest.sh b/app-scripts/parallel_test_retest.sh
index 423b5af3a3..cd8f86f152 100755
--- a/app-scripts/parallel_test_retest.sh
+++ b/app-scripts/parallel_test_retest.sh
@@ -16,7 +16,7 @@ echo "Retesting failed specs"
 old_ifs=$IFS
 IFS=$'\n'
 retest=''
-for line in $(grep -P '\e\[[0-9]+mrspec ' tmp/failing_specs.log) ; do 
+for line in $(grep -P '(\e\[[0-9]+m)?rspec ' tmp/failing_specs.log) ; do 
   [[ $line =~ rspec\ ([a-zA-Z0-9_\./]+) ]]
   retest="${retest}"$'\n'"$(echo ${BASH_REMATCH[1]})"
 done 
@@ -25,6 +25,7 @@ IFS=$old_ifs
 
 if [ -z "${retest}" ]; then
   echo "No failed specs found in tmp/failing_specs.log"
+  echo "No failed specs found in tmp/failing_specs.log" >> tmp/failing_specs.log
   exit 0
 fi
 
diff --git a/app/assets/javascripts/app/_fpa.js b/app/assets/javascripts/app/_fpa.js
index a20bf98639..31e82b8cdd 100644
--- a/app/assets/javascripts/app/_fpa.js
+++ b/app/assets/javascripts/app/_fpa.js
@@ -9,6 +9,9 @@ _fpa = {
     template_config_versions: {},
   },
 
+  preprocessors: {},
+  loaded: {},
+
   before_send_processors: {},
   view_handlers: {},
   app_specific: {},
@@ -130,29 +133,13 @@ _fpa = {
   },
   compile_templates: function () {
     $('body').addClass('status-compiling');
-    $('script.handlebars-partial')
-      .not('.compiled')
-      .each(function () {
-        $(this).addClass('compiled');
-        var id = $(this).attr('id');
-        var source = $(this).html();
-        source = _fpa.setup_template_source(source);
-        id = id.replace('-partial', '');
-
-        var fnTemplate = Handlebars.compile(source, _fpa.HandlebarsCompileOptions);
-        Handlebars.registerPartial(id, fnTemplate);
-        _fpa.partials[id] = fnTemplate;
-      });
 
-    $('script.handlebars-template')
-      .not('.compiled')
-      .each(function () {
-        $(this).addClass('compiled');
-        var id = $(this).attr('id');
-        var source = $(this).html();
-        source = _fpa.setup_template_source(source);
-        _fpa.templates[id] = Handlebars.compile(source, _fpa.HandlebarsCompileOptions);
-      });
+    // Alias Handlebars registries to _fpa for compatibility
+    // Precompiled templates auto-register to Handlebars.templates and Handlebars.partials
+    _fpa.templates = Handlebars.templates = Handlebars.templates || {};
+    _fpa.partials = Handlebars.partials = Handlebars.partials || {};
+
+    // Mark compilation complete - precompiled JS files have already registered themselves
     $('body').removeClass('status-compiling initial-compiling').addClass('status-compiled');
   },
 
@@ -264,7 +251,9 @@ _fpa = {
 
     // Pull the template from the pre-compiled templates
     var template = _fpa.templates[template_name];
-    if (!template) console.log('template for ' + template_name + ' was not found');
+    if (!template) {
+      console.log('Template not found: ' + template_name);
+    }
 
     // Pass the template back in the options for use later
     options.template = template;
@@ -1425,7 +1414,101 @@ _fpa = {
     _fpa.page_transition_callback = null;
     $('body').removeClass('prevent-page-change');
   },
-};
 
-_fpa.preprocessors = {};
-_fpa.loaded = {};
+  load_template_version: function (template_version, rails_env) {
+    $.get({ url: `/pages/${template_version}/template`, cache: true }).done(function (data) {
+      // Inject the template HTML into the page and run any included scripts
+      $('body').append(data);
+
+      window.setTimeout(function () {
+        _fpa.status.loaded_templates = true;
+        _fpa.one_time_setup();
+      }, 1);
+    }).fail(function (jqXHR, textStatus, errorThrown) {
+      console.log(jqXHR, textStatus, errorThrown);
+      if (rails_env != 'test') {
+        _fpa.flash_notice('The page failed to load correctly. Please refresh to try again.', 'danger');
+        $('body').removeClass('status-compiling initial-compiling').addClass('status-failed-compilation');
+      }
+      _fpa.cache.clean();
+    });
+  },
+
+
+  one_time_setup: function () {
+    if (_fpa.status.one_time_setup_run || !_fpa.status.loaded_templates || !_fpa.status.html_ready) return;
+
+    _fpa.status.one_time_setup_run = true;
+    _fpa.compile_templates();
+    _fpa.reset_page_size();
+    _fpa.loaded.default();
+  },
+
+  retrieve_requested_handlebars_templates: function (url, rails_env, file_id) {
+    // Use $.ajax with dataType 'script' to fetch and execute the precompiled template JavaScript
+    // $.getScript disables caching by default, so we use $.ajax directly
+    $.ajax({
+      url: url,
+      dataType: 'script',
+      cache: true
+    }).done(function () {
+      // Script executed - templates are now registered, just need to compile them
+      _fpa.compile_templates();
+      $('body').addClass(`loaded-templates--${file_id}`);
+    }).fail(function (jqXHR, textStatus, errorThrown) {
+      console.log(jqXHR, textStatus, errorThrown);
+      if (rails_env != 'test') {
+        _fpa.flash_notice('The requested templates failed to load correctly. Please refresh to try again.', 'danger');
+        $('body').removeClass('status-compiling initial-compiling').addClass('status-failed-compilation');
+      }
+      _fpa.cache.clean();
+    });
+  },
+
+  initialize_app: function () {
+
+    var current_user = _fpa.state.current_user, current_admin = _fpa.state.current_admin,
+      controller_name = _fpa.state.controller_name, action_name = _fpa.state.action_name;
+
+    if (_fpa.state.current_user) {
+      window.localStorage.setItem('session_app_type_id', _fpa.state.current_user.app_type_id);
+    }
+    _fpa.loaded.preload();
+    _fpa.handle_remotes();
+    if (current_user || current_admin) {
+
+      if (current_user && current_user.app_type_id && !(controller_name == 'app_types' && action_name == 'upload')) {
+        _fpa.load_template_version(_fpa.state.template_version, _fpa.state.rails_env);
+
+
+      }
+      else {
+        _fpa.cache.clean();
+        window.setTimeout(function () {
+          _fpa.status.loaded_templates = true;
+          _fpa.one_time_setup();
+        }, 1);
+
+      }
+
+      $('html').ready(function () {
+        _fpa.status.html_ready = true;
+        _fpa.one_time_setup();
+      });
+    }
+
+    if (controller_name == 'sessions') {
+      $('html').ready(function () {
+        _fpa.loaded.login();
+      });
+    }
+
+    if (controller_name == 'registrations') {
+      $('html').ready(() => {
+        _fpa.loaded.registrations();
+      });
+    }
+
+  }
+
+};
diff --git a/app/assets/javascripts/app/_fpa_loaded_registrations.js b/app/assets/javascripts/app/_fpa_loaded_registrations.js
index 4ba76838ed..1055787695 100644
--- a/app/assets/javascripts/app/_fpa_loaded_registrations.js
+++ b/app/assets/javascripts/app/_fpa_loaded_registrations.js
@@ -34,7 +34,7 @@ _fpa.loaded.registrations = () => {
      United Kingdom GR
      */
 
-    const GDPR_COUNTRY_CODES = _fpa.gdpr_county_codes;
+    const GDPR_COUNTRY_CODES = _fpa.gdpr_country_codes;
 
     const isGdprCountry = (countryCode) => {
         return GDPR_COUNTRY_CODES.includes(countryCode);
diff --git a/app/controllers/concerns/app_exception_handler.rb b/app/controllers/concerns/app_exception_handler.rb
index 438b2a798e..bed32e1967 100644
--- a/app/controllers/concerns/app_exception_handler.rb
+++ b/app/controllers/concerns/app_exception_handler.rb
@@ -28,6 +28,17 @@ def child_error_reporter
 
   protected
 
+  def exceptions_logger
+    @@exceptions_logger ||= Logger.new("#{Rails.root}/log/#{Rails.env}-exceptions.log")
+  end
+
+  def log_exception(error)
+    return if Rails.env.production?
+
+    exceptions_logger.error(error)
+    exceptions_logger.error(error.short_string_backtrace) if error.backtrace
+  end
+
   #
   # Consistent flash handling, to avoid long messages from
   # overloading the header length passed to the client.
@@ -162,6 +173,7 @@ def return_and_log_error(error, msg, code, log_level: nil)
     log_level ||= :error
     logger.send(log_level, error.inspect)
     logger.send(log_level, error.short_string_backtrace) if error.backtrace
+    log_exception(error)
 
     if code.in? [400, 500]
       user_id = current_user&.id
diff --git a/app/controllers/concerns/master_handler.rb b/app/controllers/concerns/master_handler.rb
index 6be71ea02d..1a792fe65b 100644
--- a/app/controllers/concerns/master_handler.rb
+++ b/app/controllers/concerns/master_handler.rb
@@ -21,6 +21,8 @@ module MasterHandler
     before_action :check_creatable?, only: %i[new create]
     before_action :capture_ref_item, only: %i[create update]
 
+    after_action :check_template_requests unless Rails.env.production?
+
     helper_method :primary_model, :permitted_params, :edit_form_helper_prefix, :item_type_id, :object_name,
                   :current_admin_sample
   end
@@ -714,4 +716,11 @@ def translate_params_to_persistable
       secure_params[:embedded_item].delete k
     end
   end
+
+  def check_template_requests
+    return unless @requested_handlebars_template_count != @retrieved_requested_handlebars_template_count
+
+    raise FphsException,
+          'Template requests not handled properly'
+  end
 end
diff --git a/app/controllers/csp_reports_controller.rb b/app/controllers/csp_reports_controller.rb
index 154f9ccf09..954d32324b 100644
--- a/app/controllers/csp_reports_controller.rb
+++ b/app/controllers/csp_reports_controller.rb
@@ -5,7 +5,7 @@ class CspReportsController < ApplicationController
   skip_before_action :verify_authenticity_token
 
   def create
-    Rails.logger.warn("CSP Violation: #{request.body.read}")
+    Rails.logger.error("CSP Violation: #{request.body.read}")
     head :no_content
   end
 end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 79f3141829..c41dfcb3c1 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 module ApplicationHelper
+  include HandlebarsPrecompilerHelper
+
   DoNotDisplayErrorMessage = '' # Indicate an empty error message whenever an error message should not be displayed to the user
 
   def is_current_admin_sample?
@@ -405,13 +407,44 @@ def csp_script_tag(&)
   end
 
   #
-  # Generate a Handlebars template script tag with CSP nonce
-  # @param id [String] the id attribute for the script tag
-  # @param css_class [String] the CSS class(es) for the script tag (default: 'hidden handlebars-template')
+  # Generate a precompiled Handlebars template script include
+  # @param id [String] the template identifier
+  # @param css_class [String] CSS class indicating template type (default: 'hidden handlebars-template')
   # @param block [Block] the Handlebars template content
-  # @return [String] HTML safe script tag with nonce and type="text/x-handlebars-template"
+  # @return [String] HTML safe javascript_include_tag for the precompiled template
   def handlebars_template_tag(id, css_class: 'hidden handlebars-template', &)
-    content = capture(&) if block_given?
-    content_tag(:script, content, id:, type: 'text/x-handlebars-template', class: css_class, nonce: true)
+    raise FphsException, 'handlebars_template_tag requires a block' unless block_given?
+
+    is_partial = css_class.include?('handlebars-partial')
+    compiled_file_path = write_handlebars_template(id, is_partial:, &)
+    @requested_handlebars_templates ||= []
+    @requested_handlebars_templates << { id:, is_partial:, compiled_file_path: }
+    # javascript_include_tag(
+    #   compiled_file_path,
+    #   nonce: true,
+    #   data: {
+    #     handlebars_id: id,
+    #     handlebars_type: is_partial ? 'partial' : 'template'
+    #   }
+    # )
+    ''
+  end
+
+  def retrieve_requested_handlebars_templates(from_file_path)
+    return unless @requested_handlebars_templates.present?
+
+    from_file_path = from_file_path.to_s.split('/').last(2).join('-').gsub('.html.erb', '').id_underscore
+    compile_handlebars_templates
+    url, handlebars_template_ids, handlebars_partial_ids = write_multiple_handlebars_templates(@requested_handlebars_templates)
+    @requested_handlebars_template_count = @requested_handlebars_templates.length
+    @retrieved_requested_handlebars_template_count = (handlebars_template_ids + handlebars_partial_ids).length
+    # Clean up before the next set of handlebars templates
+    @requested_handlebars_templates = nil
+    javascript_tag nonce: true do
+      <<~JS
+        _fpa.retrieve_requested_handlebars_templates('#{url}', '#{Rails.env}', '#{from_file_path}');
+      JS
+        .html_safe
+    end
   end
 end
diff --git a/app/helpers/handlebars_precompiler_helper.rb b/app/helpers/handlebars_precompiler_helper.rb
new file mode 100644
index 0000000000..8abfc12e49
--- /dev/null
+++ b/app/helpers/handlebars_precompiler_helper.rb
@@ -0,0 +1,330 @@
+# frozen_string_literal: true
+
+# Helper module for server-side Handlebars template precompilation.
+# Provides cache key generation, template preprocessing, and batch CLI compilation.
+#
+# Workflow:
+# 1. View helpers call #write_handlebars_template to write preprocessed templates to temp files
+# 2. After all templates written, #compile_handlebars_templates runs single CLI call per type
+# 3. CLI output is post-processed to split into individual compiled JS files
+# 4. Compiled files are served from public/handlebars-{env}/ directory
+#
+# Thread Safety:
+# Each request uses a unique request ID for its temp subdirectory to prevent
+# race conditions when multiple concurrent requests are compiling templates.
+module HandlebarsPrecompilerHelper
+  extend ActiveSupport::Concern
+
+  # JavaScript wrapper used by Handlebars CLI to register compiled templates
+  COMPILED_HEAD = <<~ENDJS
+    (function() {
+      var template = Handlebars.template, templates = Handlebars.templates = Handlebars.templates || {};
+  ENDJS
+
+  # Generate unique request ID for temp directory isolation.
+  # Uses Thread.current to ensure each request thread gets its own ID.
+  # @return [String] unique identifier for this request
+  def handlebars_request_id
+    @handlebars_request_id ||= SecureRandom.hex(8)
+  end
+
+  # Get request-specific temp directory for templates.
+  # Each request gets isolated temp files to prevent race conditions.
+  # @param is_partial [Boolean] whether this is for partials
+  # @return [Pathname] path to request-specific temp directory
+  def handlebars_temp_dir(is_partial:)
+    base = is_partial ? HandlebarsPrecompiler::PARTIALS_TMP_DIR : HandlebarsPrecompiler::TEMPLATES_TMP_DIR
+    base.join(handlebars_request_id)
+  end
+
+  # Get public directory for compiled templates or partials.
+  # @param is_partial [Boolean] whether this is for partials
+  # @return [Pathname] path to public directory for compiled files
+  def handlebars_public_dir(is_partial:)
+    is_partial ? HandlebarsPrecompiler::PARTIALS_PUBLIC_DIR : HandlebarsPrecompiler::TEMPLATES_PUBLIC_DIR
+  end
+
+  # Get URL relative path for templates or partials.
+  # @param is_partial [Boolean] whether this is for partials
+  # @return [String] URL relative path
+  def handlebars_url_path(is_partial:)
+    subdir = is_partial ? 'partials' : 'templates'
+    "#{HandlebarsPrecompiler::URL_RELATIVE_PATH}#{subdir}/"
+  end
+
+  # Generate a cache key common to all users.
+  # Uses server_cache_version and item_updates from dynamic definitions.
+  # @return [String] 13-character hex string (truncated SHA256)
+  def handlebars_cache_key
+    @handlebars_cache_key ||= begin
+      ver = Application.server_cache_version
+      items = handlebars_item_updates_key
+      Digest::SHA256.hexdigest("#{ver}-#{items}")[0..12]
+    end
+  end
+
+  # Extract item_updates logic for cache key generation.
+  # @return [String] concatenated timestamps of dynamic definitions
+  def handlebars_item_updates_key
+    @handlebars_item_updates_key ||= begin
+      cs = [Admin::MessageTemplate, DynamicModel, ActivityLog, ExternalIdentifier,
+            Admin::ConfigLibrary, Admin::PageLayout, Admin::AppConfiguration]
+      cs.map { |c| c.reorder(updated_at: :desc).limit(1).pluck(:updated_at)&.first.to_i.to_s }.join('-')
+    end
+  end
+
+  # Generate filename for compiled output.
+  # @param template_id [String] the template identifier
+  # @return [String] safe filename with cache key suffix
+  def handlebars_compiled_filename(template_id)
+    safe_id = template_id.to_s.gsub(/[^a-zA-Z0-9_-]/, '_')
+    "#{safe_id}-#{handlebars_cache_key}.js"
+  end
+
+  # Preprocess handlebars source to convert shorthand syntax to CLI-compatible format.
+  # Ports the logic from _fpa.setup_template_source in JavaScript.
+  # @param source [String] the raw Handlebars template source
+  # @return [String] preprocessed source ready for CLI compilation
+  def preprocess_handlebars_source(source)
+    return '' if source.nil?
+
+    result = source.dup
+
+    # Handle embedded_report and glyphicon patterns
+    # {{embedded_report_name}} -> {{embedded_report 'name' true}}
+    %w[embedded_report glyphicon].each do |pre|
+      result.gsub!(/\{\{#{pre}_([a-zA-Z0-9_]+)\}\}/) do
+        "{{#{pre} '#{::Regexp.last_match(1)}' true}}"
+      end
+    end
+
+    # Handle tag_format patterns (double colon syntax)
+    # {{tag::format::args}} -> {{tag_format tag 'format' 'args'}}
+    result.gsub!(/\{\{([a-zA-Z0-9_]+)::([0-9a-z:_.]+)\}\}/) do
+      tag = ::Regexp.last_match(1)
+      parts = ::Regexp.last_match(2).split('::').map { |p| "'#{p}'" }.join(' ')
+      "{{tag_format #{tag} #{parts}}}"
+    end
+
+    result
+  end
+
+  def read_handlebars_template(template_id, is_partial: false)
+    public_dir = handlebars_public_dir(is_partial:)
+    safe_id = template_id.to_s.gsub(/[^a-zA-Z0-9_-]/, '_')
+    effective_id = is_partial ? safe_id.sub(/-partial\z/, '') : safe_id
+    compiled_filename = handlebars_compiled_filename(effective_id)
+    compiled_file = public_dir.join(compiled_filename)
+    raise FphsException, "Compiled Handlebars template not found: #{compiled_file}" unless File.exist?(compiled_file)
+
+    File.read(compiled_file)
+  end
+
+  # Write a template to temp file for batch compilation.
+  # Template content is preprocessed before writing.
+  # Uses request-specific temp directory to prevent race conditions.
+  # @param template_id [String] the template identifier
+  # @param content [String, nil] template content (if nil, captures from block)
+  # @param is_partial [Boolean] whether this is a partial (default: false)
+  # @yield Block that returns template content if content is nil
+  # @return [String] relative URL path to the compiled file (for javascript_include_tag)
+  def write_handlebars_template(template_id, content = nil, is_partial: false, &)
+    dir = handlebars_temp_dir(is_partial:)
+    public_dir = handlebars_public_dir(is_partial:)
+    url_path = handlebars_url_path(is_partial:)
+    safe_id = template_id.to_s.gsub(/[^a-zA-Z0-9_-]/, '_')
+
+    # For partials, strip the -partial suffix from both temp and compiled filenames
+    # The Handlebars CLI uses the filename as the partial registration name
+    # e.g., master_id_summary_result-partial -> master_id_summary_result
+    # This ensures {{>master_id_summary_result}} finds the correct partial
+    effective_id = is_partial ? safe_id.sub(/-partial\z/, '') : safe_id
+    temp_file = dir.join("#{effective_id}.handlebars")
+
+    # Use the effective_id (without -partial suffix for partials) for the compiled filename
+    # Templates and partials are stored in separate subdirectories to avoid name collisions
+    compiled_filename = handlebars_compiled_filename(effective_id)
+    compiled_file = public_dir.join(compiled_filename)
+    relative_path = "#{url_path}#{compiled_filename}"
+
+    # Skip if compiled file already exists (avoid recompilation)
+    return relative_path if File.exist?(compiled_file)
+
+    # Skip if temp file already written (deduplication within same request)
+    return relative_path if File.exist?(temp_file)
+
+    # Get content from block if not provided
+    content ||= capture(&) if block_given?
+
+    # Use placeholder for empty/blank templates - they still need to be registered
+    # in Handlebars.templates even if they render nothing
+    content = ' ' if content.blank?
+
+    # Ensure directory exists before writing
+    FileUtils.mkdir_p(dir)
+
+    # Preprocess and write to temp file
+    processed = preprocess_handlebars_source(content)
+    File.write(temp_file, processed)
+
+    relative_path
+  end
+
+  def write_multiple_handlebars_templates(requested_handlebars_templates)
+    template_html = []
+    handlebars_partial_ids = []
+    handlebars_template_ids = []
+    requested_handlebars_templates.each do |template_info|
+      id = template_info[:id]
+      is_partial = template_info[:is_partial]
+      compiled_file_path = template_info[:compiled_file_path]
+      template_html << read_handlebars_template(id, is_partial:)
+      if is_partial
+        handlebars_partial_ids << id
+      else
+        handlebars_template_ids << id
+      end
+    end
+
+    u = current_user || current_admin
+    app_type_id = u&.app_type_id if u.respond_to? :app_type_id
+    req_digest = Digest::SHA256.hexdigest([handlebars_template_ids, handlebars_partial_ids].join(','))
+    filename = "requested-templates-#{u&.id}-#{u&.current_sign_in_at.to_i}-#{app_type_id}-#{req_digest}.js"
+    dir = HandlebarsPrecompiler::MULTI_PUBLIC_DIR.join(filename)
+
+    # Add initialization header to ensure Handlebars.partials exists before partials register themselves
+    # The CLI-compiled partials assume Handlebars.partials already exists
+    init_header = <<~JS
+      (function() {
+        Handlebars.partials = Handlebars.partials || {};
+        Handlebars.templates = Handlebars.templates || {};
+      })();
+    JS
+    File.write(dir, (init_header + template_html.join("\n")).html_safe)
+
+    url_path = HandlebarsPrecompiler::URL_RELATIVE_PATH
+    ["#{url_path}/multi/#{filename}", handlebars_template_ids, handlebars_partial_ids]
+  end
+
+  # Compile all templates from temp directories in a single CLI call per type.
+  # The CLI output is post-processed to split into individual compiled JS files.
+  # @raise [RuntimeError] if compilation fails
+  def compile_handlebars_templates
+    [false, true].each do |is_partial|
+      compile_handlebars_templates_for_type(is_partial:)
+    end
+  end
+
+  private
+
+  # Compile templates or partials from their respective temp directory.
+  # Uses request-specific temp directory to prevent race conditions.
+  # @param is_partial [Boolean] true for partials, false for templates
+  def compile_handlebars_templates_for_type(is_partial:)
+    dir = handlebars_temp_dir(is_partial:)
+
+    # Skip if request-specific directory doesn't exist or is empty
+    return unless Dir.exist?(dir)
+
+    file_list = Dir.glob(dir.join('*.handlebars'))
+    return if file_list.empty?
+
+    type_name = is_partial ? 'partials' : 'templates'
+    Rails.logger.info do
+      "Compiling Handlebars #{type_name}: #{file_list.size} files (request: #{handlebars_request_id})"
+    end
+
+    # Compile to a request-specific temporary output file
+    temp_output = HandlebarsPrecompiler::TMP_DIR.join("compiled_#{type_name}_#{handlebars_request_id}.js")
+
+    # Build CLI command for batch compilation
+    handlebars_cmd = HandlebarsPrecompiler::HANDLEBARS_CLI.split
+    handlebars_cmd += file_list
+    handlebars_cmd += ['-f', temp_output.to_s]
+    handlebars_cmd << '--partial' if is_partial
+    # NOTE: Minify and source maps not supported in directory mode
+
+    begin
+      Utilities::ProcessPipes.pipe_in_out(nil, handlebars_cmd)
+    rescue FphsException, StandardError => e
+      # Save a copy of the files for debugging before they might be cleaned up
+      debug_dir = Rails.root.join('tmp', 'agent-tmp', 'failed-templates')
+      FileUtils.mkdir_p(debug_dir)
+      file_list.each do |f|
+        FileUtils.cp(f, debug_dir.join(File.basename(f)))
+      rescue StandardError
+        nil
+      end
+      Rails.logger.error "Saved failed templates to #{debug_dir}"
+
+      # Log files for debugging
+      Rails.logger.error "Files that failed: #{file_list.map { |f| File.basename(f) }.join(', ')}"
+      file_list.each do |f|
+        content = begin
+          File.read(f)
+        rescue StandardError
+          'UNREADABLE'
+        end
+        Rails.logger.error "#{File.basename(f)}: #{content.length} bytes, first 100 chars: #{content[0..99]}"
+      end
+      error_msg = "Handlebars batch compilation failed for #{type_name}: #{e.message}"
+      Rails.logger.error error_msg
+      raise error_msg
+    end
+
+    # Split combined output into individual files
+    split_compiled_output(temp_output, is_partial:)
+
+    # Clean up request-specific temp directory
+    cleanup_temp_files(dir, temp_output)
+  end
+
+  # Split the combined CLI output into individual compiled JS files.
+  # @param output_file [Pathname] path to the combined output file
+  # @param is_partial [Boolean] whether these are partials
+  def split_compiled_output(output_file, is_partial:)
+    return unless File.exist?(output_file)
+
+    full_content = File.read(output_file)
+    public_dir = handlebars_public_dir(is_partial:)
+
+    # Remove the outer IIFE wrapper that CLI adds
+    # Header: (function() {\n  var template = Handlebars.template, templates = ...
+    # Footer: })();
+    full_content = full_content.sub(COMPILED_HEAD, '')
+    full_content = full_content.sub(/\}\)\(\);\s*\z/, '')
+
+    # Split on template boundaries using regex
+    # Pattern: end of one template (});) followed by start of next (templates[... or Handlebars.partials[...)
+    template_parts = full_content.split(/(?<=\}\);)\s*(?=(?:templates|Handlebars\.partials)\[)/)
+
+    # Ensure public directory exists
+    FileUtils.mkdir_p(public_dir)
+
+    # Write each template to its own file in the appropriate subdirectory
+    template_parts.each do |part|
+      next if part.strip.empty?
+
+      # Extract template name from the registration line
+      name_match = part.match(/^(?:Handlebars\.partials|templates)\['(.+?)'\]/)
+      next unless name_match
+
+      template_name = name_match[1]
+
+      # Wrap in IIFE and write to file
+      content = "#{COMPILED_HEAD}#{part}\n})();"
+      compiled_filename = handlebars_compiled_filename(template_name)
+      output_path = public_dir.join(compiled_filename)
+      File.write(output_path, content)
+    end
+  end
+
+  # Clean up temp files after compilation.
+  # Removes the request-specific temp directory and its contents.
+  # @param dir [Pathname] request-specific temp directory to remove
+  # @param temp_output [Pathname] temp combined output file to remove
+  def cleanup_temp_files(dir, temp_output)
+    FileUtils.rm_rf(dir)
+    FileUtils.rm_f(temp_output)
+  end
+end
diff --git a/app/views/dynamic_models/_common_search_results_template_set.html.erb b/app/views/dynamic_models/_common_search_results_template_set.html.erb
index 701ce80855..9f1803e8f5 100644
--- a/app/views/dynamic_models/_common_search_results_template_set.html.erb
+++ b/app/views/dynamic_models/_common_search_results_template_set.html.erb
@@ -76,4 +76,5 @@ done_templates = []
     end
   end
 end 
-%>
\ No newline at end of file
+%>
+<%= retrieve_requested_handlebars_templates __FILE__ %>
diff --git a/app/views/external_identifiers/_common_search_results_template_set.html.erb b/app/views/external_identifiers/_common_search_results_template_set.html.erb
index 3f7c6cbfd5..578ddce4c9 100644
--- a/app/views/external_identifiers/_common_search_results_template_set.html.erb
+++ b/app/views/external_identifiers/_common_search_results_template_set.html.erb
@@ -11,4 +11,5 @@
 <% 
   end
 end  
-%>
\ No newline at end of file
+%>
+<%= retrieve_requested_handlebars_templates __FILE__ %>
diff --git a/app/views/layouts/_setup_app.html.erb b/app/views/layouts/_setup_app.html.erb
index d00363f43d..848096233e 100644
--- a/app/views/layouts/_setup_app.html.erb
+++ b/app/views/layouts/_setup_app.html.erb
@@ -8,6 +8,11 @@
   _fpa.current_locale = 'en';
   _fpa.env_name = '<%=Settings::EnvironmentName%>';
   _fpa.layout = {item_blocks: <%= layout_item_block_sizes.to_json.html_safe %> };
+  _fpa.gdpr_country_codes = <%= Settings::GdprCountryCodes.to_json.html_safe %>;  
+  _fpa.state.controller_name = _fpa.state.controller_name || '<%=controller_name%>';
+  _fpa.state.action_name = _fpa.state.action_name || '<%=action_name%>';
+  _fpa.state.template_version = '<%=template_version%>';
+  _fpa.state.rails_env = '<%=Rails.env%>';
   <% if current_user %>
   _fpa.state.app_configs = <%= Admin::AppConfiguration.all_for(current_user).to_json.html_safe %>;
   _fpa.state.current_user_roles = <%= current_user.app_type ? current_user.role_names.to_json.html_safe : [] %>;
@@ -25,64 +30,13 @@
     address_country: <%= country_hash_lower_keys.to_json.html_safe %>,
     address_us_state: <%= state_hash_lower_keys.to_json.html_safe %>
   }
-  window.localStorage.setItem('session_app_type_id', _fpa.state.current_user.app_type_id);
   <% end %>
-  _fpa.loaded.preload();
-
-  _fpa.handle_remotes();
-  <% if current_user || current_admin %>
-
-  var one_time_setup = function () {
-    if (_fpa.status.one_time_setup_run || !_fpa.status.loaded_templates || !_fpa.status.html_ready) return;
-    _fpa.status.one_time_setup_run = true;
-    _fpa.compile_templates();
-    _fpa.reset_page_size();
-
-    _fpa.loaded.default();
-  }
-
-  <% if current_user&.app_type_id && !(controller_name == 'app_types' && action_name == 'upload') %>
-  $.get({ url: '/pages/<%= template_version %>/template', cache: true }).done(function(data) {
-    $('body').append(data);
-
-    window.setTimeout(function() {
-      _fpa.status.loaded_templates = true;
-      one_time_setup();
-    }, 1);
-  }).fail(function(jqXHR, textStatus, errorThrown) {
-    console.log(jqXHR, textStatus, errorThrown);
-    <% unless Rails.env.test? %>
-    _fpa.flash_notice('The page failed to load correctly. Please refresh to try again.', 'danger');
-    $('body').removeClass('status-compiling initial-compiling').addClass('status-failed-compilation');
-    <% end %>
-    _fpa.cache.clean();
-  });
-  <% else %>
-    _fpa.cache.clean();
-    window.setTimeout(function() {
-      _fpa.status.loaded_templates = true;
-      one_time_setup();
-    }, 1);
-
+  <% if current_admin %>
+  _fpa.state.current_admin = <%= current_admin.attributes.slice('id', 'email', 'first_name', 'last_name', 'sign_in_count', 'current_sign_in_at','last_sign_in_at', 'otp_required_for_login', 'password_updated_at', 'do_not_email').to_json.html_safe %>;
   <% end %>
 
-  $('html').ready(function () {
-    _fpa.status.html_ready = true;
-    one_time_setup();
-  });
-  <% end %>
-
-  <% if controller_name == 'sessions' %>
-  $('html').ready(function () {
-    _fpa.loaded.login();
-  });
-  <% end %>
+  _fpa.initialize_app();
+<% end %>
 
-  <% if controller_name == 'registrations' %>
-  $('html').ready( () => {
-      _fpa.loaded.registrations();
-  });
-  <% end %>
 
-  _fpa.gdpr_county_codes = <%== Settings::GdprCountryCodes %>;
-<% end %>
+<%= render partial: 'secure_view/preview' if current_user&.can?(:view_files_as_html) || current_user&.can?(:view_files_as_image) %>
diff --git a/app/views/layouts/admin_application.html.erb b/app/views/layouts/admin_application.html.erb
index f452c82c2b..4dc395b674 100644
--- a/app/views/layouts/admin_application.html.erb
+++ b/app/views/layouts/admin_application.html.erb
@@ -44,5 +44,6 @@
       </div>
       {{/if}}
     <% end %>
+    <%= retrieve_requested_handlebars_templates __FILE__ %>
   </body>
 </html>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 6371cda93a..ab8b92a7a6 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -69,5 +69,6 @@
     </div>
     {{/if}}
   <% end %>
+<%= retrieve_requested_handlebars_templates __FILE__ %>
 </body>
 </html>
diff --git a/app/views/masters/_cache_search_results_template.html.erb b/app/views/masters/_cache_search_results_template.html.erb
index 0c4cf073f5..ab06e5393b 100644
--- a/app/views/masters/_cache_search_results_template.html.erb
+++ b/app/views/masters/_cache_search_results_template.html.erb
@@ -1,13 +1,10 @@
 <%
   part = nil
   if Rails.configuration.action_controller.perform_caching == false
-    # part, _ = render_and_compress_partial('masters/search_results_template')
-    part = render partial: 'masters/search_results_template'
+    part = render(partial: 'masters/search_results_template')
   else
     part = Rails.cache.fetch partial_cache_key(:master__search_results_template) do
-      render partial: 'masters/search_results_template'
-      # part, comp = render_and_compress_partial('masters/search_results_template')
-      # comp
+      render(partial: 'masters/search_results_template')
     end
   end
 %>
diff --git a/app/views/masters/_search_results_template.html.erb b/app/views/masters/_search_results_template.html.erb
index aaee35f9d0..5049d7e21f 100644
--- a/app/views/masters/_search_results_template.html.erb
+++ b/app/views/masters/_search_results_template.html.erb
@@ -138,7 +138,6 @@
 <%= render partial: 'common_templates/common_parts' %>
 <%= render partial: 'item_flags/search_results_template' %>
 <%= render partial: 'filestore/result_templates' if current_user.has_access_to?(:access, :table, :nfs_store__manage__containers) %>
-<%= render partial: 'secure_view/preview' if current_user.can?(:view_files_as_html) || current_user.can?(:view_files_as_image) %>
 <%= render partial: 'filestore/common_template_view', locals: {} if current_user.has_access_to?(:access, :table, :nfs_store__manage__containers) %>
 <%= render partial: 'common_templates/e_signature/show_parts', locals: {} %>
 
@@ -234,3 +233,5 @@
     <% end %>
   </div>
 <% end %>
+
+<%= retrieve_requested_handlebars_templates __FILE__ %>
\ No newline at end of file
diff --git a/config/initializers/handlebars_precompiler.rb b/config/initializers/handlebars_precompiler.rb
new file mode 100644
index 0000000000..600b8c7008
--- /dev/null
+++ b/config/initializers/handlebars_precompiler.rb
@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+# HandlebarsPrecompiler Module
+#
+# Provides server-side Handlebars template precompilation using the handlebars CLI.
+# Sets up directories, validates CLI availability, and cleans up compiled files on startup.
+module HandlebarsPrecompiler
+  HANDLEBARS_CLI = ENV.fetch('HANDLEBARS_CLI', 'npx handlebars')
+
+  # Environment-specific directory naming for test isolation
+  # In test mode with parallel execution, TEST_ENV_NUMBER provides isolation
+  HANDLEBARS_DIR_NAME = begin
+    base_name = "handlebars-#{Rails.env}"
+    test_suffix = ENV['TEST_ENV_NUMBER'].to_s.strip
+    test_suffix.empty? ? base_name : "#{base_name}-#{test_suffix}"
+  end
+
+  TMP_DIR = Rails.root.join('tmp', HANDLEBARS_DIR_NAME)
+  TEMPLATES_TMP_DIR = TMP_DIR.join('templates')
+  PARTIALS_TMP_DIR = TMP_DIR.join('partials')
+  PUBLIC_DIR = Rails.root.join('public', HANDLEBARS_DIR_NAME)
+  TEMPLATES_PUBLIC_DIR = PUBLIC_DIR.join('templates')
+  PARTIALS_PUBLIC_DIR = PUBLIC_DIR.join('partials')
+  MULTI_PUBLIC_DIR = PUBLIC_DIR.join('multi')
+
+  URL_RELATIVE_PATH = "/#{HANDLEBARS_DIR_NAME}/"
+
+  class << self
+    def cli_available?
+      @cli_available ||= system("#{HANDLEBARS_CLI} --version > /dev/null 2>&1")
+    end
+
+    def cli_path
+      # For npx, just return the command itself since it's not a direct path
+      @cli_path ||= if HANDLEBARS_CLI.start_with?('npx')
+                      HANDLEBARS_CLI
+                    else
+                      `which #{HANDLEBARS_CLI}`.strip
+                    end
+    end
+
+    def setup_directories
+      FileUtils.mkdir_p(TMP_DIR)
+      FileUtils.mkdir_p(TEMPLATES_TMP_DIR)
+      FileUtils.mkdir_p(PARTIALS_TMP_DIR)
+      FileUtils.mkdir_p(PUBLIC_DIR)
+      FileUtils.mkdir_p(TEMPLATES_PUBLIC_DIR)
+      FileUtils.mkdir_p(PARTIALS_PUBLIC_DIR)
+      FileUtils.mkdir_p(MULTI_PUBLIC_DIR)
+    end
+
+    def cleanup_tmp_dir
+      FileUtils.rm_rf(Dir.glob(TEMPLATES_TMP_DIR.join('*')))
+      FileUtils.rm_rf(Dir.glob(PARTIALS_TMP_DIR.join('*')))
+    end
+
+    # Delete ALL precompiled files on startup
+    def cleanup_public_dir
+      FileUtils.rm_rf(Dir.glob(TEMPLATES_PUBLIC_DIR.join('*.js')))
+      FileUtils.rm_rf(Dir.glob(PARTIALS_PUBLIC_DIR.join('*.js')))
+      FileUtils.rm_rf(Dir.glob(MULTI_PUBLIC_DIR.join('*.js')))
+    end
+  end
+end
+
+# Initialize on Rails startup (but not during asset precompilation or rake tasks)
+Rails.application.config.after_initialize do
+  next if defined?(Rake) && Rake.application.top_level_tasks.any? { |t| t.start_with?('assets:') }
+
+  HandlebarsPrecompiler.setup_directories
+  HandlebarsPrecompiler.cleanup_tmp_dir
+  HandlebarsPrecompiler.cleanup_public_dir
+
+  unless HandlebarsPrecompiler.cli_available?
+    msg = 'Handlebars CLI not found. Install with: npm install --global handlebars'
+    Rails.logger.error msg
+    # Don't raise in test environment to allow tests to run
+    raise msg unless Rails.env.test?
+  end
+
+  Rails.logger.info "HandlebarsPrecompiler initialized. CLI: #{HandlebarsPrecompiler.cli_path}"
+end
diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb
index fb2b7c6de3..53ecad778a 100644
--- a/spec/helpers/application_helper_spec.rb
+++ b/spec/helpers/application_helper_spec.rb
@@ -43,3 +43,82 @@
     end
   end
 end
+
+describe '#handlebars_template_tag' do
+  # Batched precompilation: templates are queued and retrieved together via retrieve_requested_handlebars_templates
+  # Individual calls return empty string; templates are loaded as a single batch via AJAX
+
+  before do
+    # Stub write_handlebars_template to avoid actual file writes
+    allow(helper).to receive(:write_handlebars_template).and_return('/handlebars-test/my-template-abc123def4567.js')
+  end
+
+  context 'with batched precompilation' do
+    it 'returns empty string since templates are batched for later retrieval' do
+      result = helper.handlebars_template_tag('search-results-template') do
+        '<div>{{name}}</div>'.html_safe
+      end
+
+      # Templates are now batched and retrieved via retrieve_requested_handlebars_templates
+      expect(result).to eq('')
+    end
+
+    it 'does not include inline template content in the output' do
+      result = helper.handlebars_template_tag('my-template') do
+        '<div>{{content}}</div>'.html_safe
+      end
+
+      expect(result).not_to include('{{content}}')
+    end
+
+    it 'queues template for batched retrieval' do
+      helper.handlebars_template_tag('my-template') do
+        '<div>test</div>'.html_safe
+      end
+
+      queued = helper.instance_variable_get(:@requested_handlebars_templates)
+      expect(queued).to be_an(Array)
+      expect(queued.first[:id]).to eq('my-template')
+    end
+
+    it 'identifies templates by css_class containing handlebars-template' do
+      helper.handlebars_template_tag('my-template', css_class: 'hidden handlebars-template') do
+        '<div>test</div>'.html_safe
+      end
+
+      queued = helper.instance_variable_get(:@requested_handlebars_templates)
+      expect(queued.first[:is_partial]).to be false
+    end
+
+    it 'identifies partials by css_class containing handlebars-partial' do
+      helper.handlebars_template_tag('my-partial', css_class: 'hidden handlebars-partial') do
+        '<div>test</div>'.html_safe
+      end
+
+      queued = helper.instance_variable_get(:@requested_handlebars_templates)
+      expect(queued.first[:is_partial]).to be true
+    end
+
+    it 'calls write_handlebars_template with template id and is_partial' do
+      expect(helper).to receive(:write_handlebars_template)
+        .with('my-template', is_partial: false)
+        .and_yield
+        .and_return('/handlebars-test/my-template-abc123.js')
+
+      helper.handlebars_template_tag('my-template') do
+        '<div>test</div>'.html_safe
+      end
+    end
+
+    it 'passes is_partial: true when css_class includes handlebars-partial' do
+      expect(helper).to receive(:write_handlebars_template)
+        .with('my-partial', is_partial: true)
+        .and_yield
+        .and_return('/handlebars-test/my-partial-abc123.js')
+
+      helper.handlebars_template_tag('my-partial', css_class: 'hidden handlebars-partial') do
+        '<span>partial</span>'.html_safe
+      end
+    end
+  end
+end
diff --git a/spec/helpers/handlebars_precompiler_helper_spec.rb b/spec/helpers/handlebars_precompiler_helper_spec.rb
new file mode 100644
index 0000000000..9ba09b63b9
--- /dev/null
+++ b/spec/helpers/handlebars_precompiler_helper_spec.rb
@@ -0,0 +1,444 @@
+# frozen_string_literal: true
+
+# HandlebarsPrecompilerHelper Spec
+#
+# Tests helper methods for server-side Handlebars template precompilation.
+# This helper provides cache key generation, template preprocessing, and CLI compilation.
+#
+# Test Coverage:
+# - #preprocess_handlebars_source: Converts shorthand Handlebars syntax to CLI-compatible format
+#   - Transforms {{embedded_report_name}} → {{embedded_report 'name' true}}
+#   - Transforms {{glyphicon_icon}} → {{glyphicon 'icon' true}}
+#   - Transforms {{tag::format::args}} → {{tag_format tag 'format' 'args'}}
+#   - Preserves standard Handlebars syntax unchanged
+#
+# - #handlebars_cache_key: Generates consistent cache keys for template versioning
+#   - Uses server_cache_version and dynamic definition updated_at timestamps
+#   - Returns 13-character hex string (truncated SHA256)
+#
+# - #handlebars_compiled_filename: Generates safe filenames for compiled output
+#   - Sanitizes template IDs to alphanumeric, underscore, hyphen
+#   - Appends cache key suffix
+#
+# - #write_handlebars_template: Writes preprocessed templates to temp files
+#   - Writes to partials or templates directory based on is_partial flag
+#   - Returns relative URL path to compiled file
+#   - Skips if temp file already exists (deduplication)
+#
+# - #compile_handlebars_templates: Batch compiles all templates from temp directories
+#   - Runs single CLI call per type (templates and partials)
+#   - Splits combined output into individual JS files
+#   - Creates compiled files in public directory
+
+require 'rails_helper'
+
+RSpec.describe HandlebarsPrecompilerHelper, type: :helper do
+  describe '#preprocess_handlebars_source' do
+    context 'with embedded_report shorthand' do
+      it 'converts embedded_report shorthand to full helper syntax' do
+        source = '{{embedded_report_my_report_name}}'
+        expected = "{{embedded_report 'my_report_name' true}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+
+      it 'handles embedded_report with underscores in name' do
+        source = '{{embedded_report_my_complex_report_name}}'
+        expected = "{{embedded_report 'my_complex_report_name' true}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+    end
+
+    context 'with glyphicon shorthand' do
+      it 'converts glyphicon shorthand to full helper syntax' do
+        source = '{{glyphicon_pencil}}'
+        expected = "{{glyphicon 'pencil' true}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+
+      it 'handles glyphicon with underscores in name' do
+        source = '{{glyphicon_triangle_right}}'
+        expected = "{{glyphicon 'triangle_right' true}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+    end
+
+    context 'with tag_format shorthand (double colon syntax)' do
+      it 'converts simple tag::format to tag_format helper' do
+        source = '{{name::uppercase}}'
+        expected = "{{tag_format name 'uppercase'}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+
+      it 'converts tag::format::arg to tag_format helper with multiple args' do
+        source = '{{name::uppercase::3}}'
+        expected = "{{tag_format name 'uppercase' '3'}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+
+      it 'converts tag with multiple format arguments' do
+        source = '{{date_time::date_time_show_zone}}'
+        expected = "{{tag_format date_time 'date_time_show_zone'}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+
+      it 'handles numeric format arguments' do
+        source = '{{value::format::1::2::3}}'
+        expected = "{{tag_format value 'format' '1' '2' '3'}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+    end
+
+    context 'with multiple transformations' do
+      it 'transforms multiple patterns in one source' do
+        source = '<div>{{glyphicon_edit}} Report: {{embedded_report_summary}} Value: {{amount::currency}}</div>'
+        expected = "<div>{{glyphicon 'edit' true}} Report: {{embedded_report 'summary' true}} Value: {{tag_format amount 'currency'}}</div>"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq(expected)
+      end
+    end
+
+    context 'with standard Handlebars syntax' do
+      it 'preserves standard variable expressions' do
+        source = '{{name}}'
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq('{{name}}')
+      end
+
+      it 'preserves standard helper expressions' do
+        source = '{{#if condition}}content{{/if}}'
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq('{{#if condition}}content{{/if}}')
+      end
+
+      it 'preserves helper expressions with arguments' do
+        source = "{{some_helper 'arg1' 'arg2'}}"
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq("{{some_helper 'arg1' 'arg2'}}")
+      end
+
+      it 'preserves partial expressions' do
+        source = '{{> my_partial}}'
+
+        result = helper.preprocess_handlebars_source(source)
+
+        expect(result).to eq('{{> my_partial}}')
+      end
+    end
+  end
+
+  describe '#handlebars_cache_key' do
+    it 'returns a 13-character hex string' do
+      result = helper.handlebars_cache_key
+
+      expect(result).to match(/\A[a-f0-9]{13}\z/)
+    end
+
+    it 'returns consistent value on multiple calls' do
+      first_call = helper.handlebars_cache_key
+      second_call = helper.handlebars_cache_key
+
+      expect(first_call).to eq(second_call)
+    end
+
+    it 'changes when dynamic model updated_at changes' do
+      first_key = helper.handlebars_cache_key
+
+      # Clear memoization (variable name matches rubocop-corrected implementation)
+      helper.instance_variable_set(:@handlebars_cache_key, nil)
+      helper.instance_variable_set(:@handlebars_item_updates_key, nil)
+
+      # Simulate a configuration change by touching a dynamic model
+      dm = DynamicModel.first
+      if dm
+        dm.touch
+        second_key = helper.handlebars_cache_key
+        expect(second_key).not_to eq(first_key)
+      else
+        skip 'No DynamicModel records available for this test'
+      end
+    end
+  end
+
+  describe '#handlebars_compiled_filename' do
+    before do
+      # Stub cache key for predictable filenames
+      allow(helper).to receive(:handlebars_cache_key).and_return('abc123def4567')
+    end
+
+    it 'generates filename with template id and cache key' do
+      result = helper.handlebars_compiled_filename('my-template')
+
+      expect(result).to eq('my-template-abc123def4567.js')
+    end
+
+    it 'sanitizes special characters in template id' do
+      result = helper.handlebars_compiled_filename('template.with/special:chars')
+
+      expect(result).to eq('template_with_special_chars-abc123def4567.js')
+    end
+
+    it 'preserves underscores and hyphens' do
+      result = helper.handlebars_compiled_filename('my_template-name')
+
+      expect(result).to eq('my_template-name-abc123def4567.js')
+    end
+  end
+
+  describe '#write_handlebars_template' do
+    let(:template_id) { 'test-template' }
+    let(:template_content) { '<div>{{name}}</div>' }
+    let(:cache_key) { 'abc123def4567' }
+    let(:expected_filename) { "#{template_id}-#{cache_key}.js" }
+
+    before do
+      allow(helper).to receive(:handlebars_cache_key).and_return(cache_key)
+      # Ensure clean state and directories exist
+      HandlebarsPrecompiler.setup_directories
+      FileUtils.rm_rf(Dir.glob(HandlebarsPrecompiler::TEMPLATES_TMP_DIR.join('*')))
+      FileUtils.rm_rf(Dir.glob(HandlebarsPrecompiler::PARTIALS_TMP_DIR.join('*')))
+      FileUtils.rm_rf(Dir.glob(HandlebarsPrecompiler::PUBLIC_DIR.join('*')))
+    end
+
+    context 'when temp file does not exist' do
+      it 'writes preprocessed content to temp templates directory' do
+        helper.write_handlebars_template(template_id, template_content)
+
+        # Files are now in request-specific subdirectories
+        request_dir = helper.handlebars_temp_dir(is_partial: false)
+        temp_file = request_dir.join("#{template_id}.handlebars")
+        expect(File.exist?(temp_file)).to be true
+        expect(File.read(temp_file)).to eq(template_content)
+      end
+
+      it 'writes to partials directory when is_partial is true' do
+        helper.write_handlebars_template(template_id, template_content, is_partial: true)
+
+        request_dir = helper.handlebars_temp_dir(is_partial: true)
+        temp_file = request_dir.join("#{template_id}.handlebars")
+        expect(File.exist?(temp_file)).to be true
+      end
+
+      it 'returns URL path to compiled file location' do
+        result = helper.write_handlebars_template(template_id, template_content)
+
+        expect(result).to eq("#{HandlebarsPrecompiler::URL_RELATIVE_PATH}templates/#{expected_filename}")
+      end
+
+      it 'preprocesses content before writing to temp file' do
+        source_with_shorthand = '{{embedded_report_summary}}'
+
+        helper.write_handlebars_template(template_id, source_with_shorthand)
+
+        request_dir = helper.handlebars_temp_dir(is_partial: false)
+        temp_file = request_dir.join("#{template_id}.handlebars")
+        content = File.read(temp_file)
+        expect(content).to include("embedded_report 'summary' true")
+      end
+    end
+
+    context 'when temp file already exists' do
+      before do
+        # Create the request-specific directory and file
+        request_dir = helper.handlebars_temp_dir(is_partial: false)
+        FileUtils.mkdir_p(request_dir)
+        temp_file = request_dir.join("#{template_id}.handlebars")
+        File.write(temp_file, 'existing content')
+      end
+
+      it 'does not overwrite existing temp file (deduplication within request)' do
+        helper.write_handlebars_template(template_id, template_content)
+
+        request_dir = helper.handlebars_temp_dir(is_partial: false)
+        temp_file = request_dir.join("#{template_id}.handlebars")
+        expect(File.read(temp_file)).to eq('existing content')
+      end
+
+      it 'still returns correct URL path' do
+        result = helper.write_handlebars_template(template_id, template_content)
+
+        expect(result).to eq("#{HandlebarsPrecompiler::URL_RELATIVE_PATH}templates/#{expected_filename}")
+      end
+    end
+
+    context 'when compiled file already exists in public directory' do
+      before do
+        FileUtils.mkdir_p(HandlebarsPrecompiler::TEMPLATES_PUBLIC_DIR)
+        compiled_file = HandlebarsPrecompiler::TEMPLATES_PUBLIC_DIR.join(expected_filename)
+        File.write(compiled_file, '// already compiled')
+      end
+
+      it 'does not write temp file (avoids recompilation)' do
+        helper.write_handlebars_template(template_id, template_content)
+
+        temp_file = HandlebarsPrecompiler::TEMPLATES_TMP_DIR.join("#{template_id}.handlebars")
+        expect(File.exist?(temp_file)).to be false
+      end
+
+      it 'returns correct URL path to existing compiled file' do
+        result = helper.write_handlebars_template(template_id, template_content)
+
+        expect(result).to eq("#{HandlebarsPrecompiler::URL_RELATIVE_PATH}templates/#{expected_filename}")
+      end
+    end
+  end
+
+  describe '#compile_handlebars_templates' do
+    let(:cache_key) { 'batch123456789' }
+
+    before do
+      allow(helper).to receive(:handlebars_cache_key).and_return(cache_key)
+      # Ensure clean state and directories exist
+      HandlebarsPrecompiler.setup_directories
+      FileUtils.rm_rf(Dir.glob(HandlebarsPrecompiler::TEMPLATES_TMP_DIR.join('*')))
+      FileUtils.rm_rf(Dir.glob(HandlebarsPrecompiler::PARTIALS_TMP_DIR.join('*')))
+      FileUtils.rm_rf(Dir.glob(HandlebarsPrecompiler::PUBLIC_DIR.join('*')))
+    end
+
+    context 'when no templates have been written' do
+      it 'does nothing when temp directories are empty' do
+        expect(Utilities::ProcessPipes).not_to receive(:pipe_in_out)
+
+        helper.compile_handlebars_templates
+      end
+    end
+
+    context 'when templates have been written' do
+      before do
+        # Write templates using the helper (creates request-specific directory)
+        helper.write_handlebars_template('template-one', '<div>{{one}}</div>')
+        helper.write_handlebars_template('template-two', '<div>{{two}}</div>')
+      end
+
+      it 'calls Handlebars CLI with template file paths' do
+        allow(Utilities::ProcessPipes).to receive(:pipe_in_out).and_return('')
+
+        helper.compile_handlebars_templates
+
+        expect(Utilities::ProcessPipes).to have_received(:pipe_in_out) do |_stdin, cmd|
+          # The command should include file paths within the templates directory
+          expect(cmd.any? { |arg| arg.include?('template-one.handlebars') }).to be true
+        end
+      end
+
+      it 'cleans up temp files after compilation' do
+        allow(Utilities::ProcessPipes).to receive(:pipe_in_out).and_return('')
+
+        helper.compile_handlebars_templates
+
+        # Request-specific directory should be removed
+        request_dir = helper.handlebars_temp_dir(is_partial: false)
+        expect(Dir.exist?(request_dir)).to be false
+      end
+    end
+
+    context 'when partials have been written' do
+      before do
+        # Write partials using the helper
+        helper.write_handlebars_template('partial-one', '<span>{{item}}</span>', is_partial: true)
+      end
+
+      it 'includes --partial flag for partials directory' do
+        allow(Utilities::ProcessPipes).to receive(:pipe_in_out).and_return('')
+
+        helper.compile_handlebars_templates
+
+        expect(Utilities::ProcessPipes).to have_received(:pipe_in_out) do |_stdin, cmd|
+          expect(cmd).to include('--partial')
+        end
+      end
+    end
+
+    context 'when both templates and partials exist' do
+      before do
+        helper.write_handlebars_template('template', '<div>{{t}}</div>')
+        helper.write_handlebars_template('partial', '<span>{{p}}</span>', is_partial: true)
+      end
+
+      it 'compiles both templates and partials with separate CLI calls' do
+        allow(Utilities::ProcessPipes).to receive(:pipe_in_out).and_return('')
+
+        helper.compile_handlebars_templates
+
+        # Should call CLI twice (once for templates, once for partials)
+        expect(Utilities::ProcessPipes).to have_received(:pipe_in_out).twice
+      end
+    end
+
+    context 'with real CLI integration', :cli_integration do
+      before do
+        allow(helper).to receive(:handlebars_cache_key).and_call_original
+      end
+
+      it 'creates compiled JavaScript files' do
+        skip 'Handlebars CLI not available' unless system('which npx > /dev/null 2>&1')
+
+        # Write template using the helper
+        helper.write_handlebars_template('integration-test', '<div>{{name}}</div>')
+
+        helper.compile_handlebars_templates
+
+        # Should have created compiled file in templates public subdirectory
+        compiled_files = Dir.glob(HandlebarsPrecompiler::TEMPLATES_PUBLIC_DIR.join('integration-test-*.js'))
+        expect(compiled_files).not_to be_empty
+
+        content = File.read(compiled_files.first)
+        expect(content).to include('Handlebars.template')
+      end
+    end
+
+    context 'error handling' do
+      before do
+        # Write template using the helper
+        helper.write_handlebars_template('test', '<div>{{x}}</div>')
+        allow(Utilities::ProcessPipes).to receive(:pipe_in_out).and_raise(FphsException.new('CLI error'))
+      end
+
+      it 'raises error when CLI compilation fails' do
+        expect do
+          helper.compile_handlebars_templates
+        end.to raise_error(/Handlebars batch compilation failed/)
+      end
+
+      it 'logs error to Rails.logger on compilation failure' do
+        expect(Rails.logger).to receive(:error).with(/Handlebars batch compilation failed/).at_least(:once)
+        allow(Rails.logger).to receive(:error).with(any_args)
+
+        expect do
+          helper.compile_handlebars_templates
+        end.to raise_error(RuntimeError)
+      end
+    end
+  end
+end
diff --git a/spec/initializers/handlebars_precompiler_spec.rb b/spec/initializers/handlebars_precompiler_spec.rb
new file mode 100644
index 0000000000..4e370b4979
--- /dev/null
+++ b/spec/initializers/handlebars_precompiler_spec.rb
@@ -0,0 +1,106 @@
+# frozen_string_literal: true
+
+# HandlebarsPrecompiler Initializer Spec
+#
+# Tests the HandlebarsPrecompiler module that sets up directories, validates CLI availability,
+# and cleans up compiled files on startup.
+#
+# Test Coverage:
+# - CLI availability detection via `which handlebars` command
+# - CLI path retrieval
+# - Directory creation for tmp/handlebars and public/handlebars
+# - Cleanup operations for temporary and compiled files
+# - Environment-based flags for minification and source maps
+
+require 'rails_helper'
+
+RSpec.describe HandlebarsPrecompiler do
+  describe '.cli_available?' do
+    it 'returns true when handlebars CLI is installed' do
+      # This test relies on npx handlebars being available in the dev environment
+      expect(described_class.cli_available?).to be true
+    end
+  end
+
+  describe '.cli_path' do
+    it 'returns the path to the handlebars CLI' do
+      path = described_class.cli_path
+
+      expect(path).to be_a(String)
+      expect(path).not_to be_empty
+    end
+  end
+
+  describe '.setup_directories' do
+    before do
+      FileUtils.rm_rf(described_class::TMP_DIR)
+      FileUtils.rm_rf(described_class::PUBLIC_DIR)
+    end
+
+    after do
+      # Restore directories for other tests
+      described_class.setup_directories
+    end
+
+    it 'creates the tmp/handlebars directory' do
+      described_class.setup_directories
+
+      expect(Dir.exist?(described_class::TMP_DIR)).to be true
+    end
+
+    it 'creates the public/handlebars directory' do
+      described_class.setup_directories
+
+      expect(Dir.exist?(described_class::PUBLIC_DIR)).to be true
+    end
+  end
+
+  describe '.cleanup_tmp_dir' do
+    before do
+      described_class.setup_directories
+      # Create test files in the subdirectories that cleanup_tmp_dir actually cleans
+      FileUtils.touch(described_class::TEMPLATES_TMP_DIR.join('test1.tmp'))
+      FileUtils.touch(described_class::PARTIALS_TMP_DIR.join('test2.tmp'))
+    end
+
+    it 'removes all files from templates and partials tmp directories' do
+      described_class.cleanup_tmp_dir
+
+      template_files = Dir.glob(described_class::TEMPLATES_TMP_DIR.join('*'))
+      partial_files = Dir.glob(described_class::PARTIALS_TMP_DIR.join('*'))
+      expect(template_files).to be_empty
+      expect(partial_files).to be_empty
+    end
+  end
+
+  describe '.cleanup_public_dir' do
+    before do
+      described_class.setup_directories
+      # Create test files in the subdirectories that cleanup_public_dir actually cleans
+      FileUtils.touch(described_class::TEMPLATES_PUBLIC_DIR.join('template-abc123.js'))
+      FileUtils.touch(described_class::PARTIALS_PUBLIC_DIR.join('partial-def456.js'))
+      FileUtils.touch(described_class::MULTI_PUBLIC_DIR.join('multi-abc123.js'))
+    end
+
+    it 'removes all .js files from templates public directory' do
+      described_class.cleanup_public_dir
+
+      js_files = Dir.glob(described_class::TEMPLATES_PUBLIC_DIR.join('*.js'))
+      expect(js_files).to be_empty
+    end
+
+    it 'removes all .js files from partials public directory' do
+      described_class.cleanup_public_dir
+
+      js_files = Dir.glob(described_class::PARTIALS_PUBLIC_DIR.join('*.js'))
+      expect(js_files).to be_empty
+    end
+
+    it 'removes all .js files from multi public directory' do
+      described_class.cleanup_public_dir
+
+      js_files = Dir.glob(described_class::MULTI_PUBLIC_DIR.join('*.js'))
+      expect(js_files).to be_empty
+    end
+  end
+end
diff --git a/spec/javascripts/_fpa_compile_templates_spec.js b/spec/javascripts/_fpa_compile_templates_spec.js
new file mode 100644
index 0000000000..ddda9127d4
--- /dev/null
+++ b/spec/javascripts/_fpa_compile_templates_spec.js
@@ -0,0 +1,179 @@
+//= require app/_fpa.js
+
+// _fpa.compile_templates Spec
+//
+// Tests the client-side template compilation behaviour after server-side precompilation.
+// With precompiled templates, compile_templates() should:
+// - Alias _fpa.templates to Handlebars.templates
+// - Alias _fpa.partials to Handlebars.partials
+// - Add status-compiled class to body
+// - Remove status-compiling class from body
+// - Make precompiled templates available via _fpa.templates
+//
+// The new architecture eliminates client-side Handlebars.compile() calls since
+// templates are precompiled on the server and self-register to Handlebars.templates.
+
+describe('_fpa.compile_templates', function () {
+  beforeEach(function () {
+    // Reset body classes
+    $('body').removeClass('status-compiling status-compiled initial-compiling');
+    
+    // Clear any existing templates
+    _fpa.templates = {};
+    _fpa.partials = {};
+    Handlebars.templates = {};
+    Handlebars.partials = {};
+  });
+
+  describe('registry aliasing', function () {
+    it('sets _fpa.templates to reference Handlebars.templates', function () {
+      _fpa.compile_templates();
+
+      expect(_fpa.templates).toBe(Handlebars.templates);
+    });
+
+    it('sets _fpa.partials to reference Handlebars.partials', function () {
+      _fpa.compile_templates();
+
+      expect(_fpa.partials).toBe(Handlebars.partials);
+    });
+
+    it('preserves existing templates in Handlebars.templates', function () {
+      // Simulate a precompiled template that registered itself
+      Handlebars.templates['precompiled-template'] = function () { return '<div>test</div>'; };
+
+      _fpa.compile_templates();
+
+      expect(_fpa.templates['precompiled-template']).toBeDefined();
+      expect(_fpa.templates['precompiled-template']()).toEqual('<div>test</div>');
+    });
+
+    it('preserves existing partials in Handlebars.partials', function () {
+      // Simulate a precompiled partial that registered itself
+      Handlebars.partials['precompiled-partial'] = function () { return '<span>partial</span>'; };
+
+      _fpa.compile_templates();
+
+      expect(_fpa.partials['precompiled-partial']).toBeDefined();
+    });
+  });
+
+  describe('body class management', function () {
+    it('adds status-compiled class to body', function () {
+      _fpa.compile_templates();
+
+      expect($('body').hasClass('status-compiled')).toBe(true);
+    });
+
+    it('removes status-compiling class from body', function () {
+      $('body').addClass('status-compiling');
+
+      _fpa.compile_templates();
+
+      expect($('body').hasClass('status-compiling')).toBe(false);
+    });
+
+    it('removes initial-compiling class from body', function () {
+      $('body').addClass('initial-compiling');
+
+      _fpa.compile_templates();
+
+      expect($('body').hasClass('initial-compiling')).toBe(false);
+    });
+  });
+
+  describe('template availability after compilation', function () {
+    beforeEach(function () {
+      // Simulate precompiled templates that have self-registered
+      Handlebars.templates['search-results-template'] = Handlebars.compile('<div class="search-results">{{query}}</div>');
+      Handlebars.templates['master-panel-template'] = Handlebars.compile('<div class="master-panel">{{title}}</div>');
+      Handlebars.partials['field_label'] = Handlebars.compile('<label>{{label}}</label>');
+    });
+
+    it('makes templates accessible via _fpa.templates', function () {
+      _fpa.compile_templates();
+
+      expect(_fpa.templates['search-results-template']).toBeDefined();
+      expect(_fpa.templates['master-panel-template']).toBeDefined();
+    });
+
+    it('makes partials accessible via _fpa.partials', function () {
+      _fpa.compile_templates();
+
+      expect(_fpa.partials['field_label']).toBeDefined();
+    });
+
+    it('templates render correctly with data', function () {
+      _fpa.compile_templates();
+
+      var result = _fpa.templates['search-results-template']({ query: 'test search' });
+
+      expect(result).toContain('test search');
+      expect(result).toContain('search-results');
+    });
+  });
+});
+
+describe('_fpa.setup_template_source', function () {
+  // Tests for the preprocessing function that should match server-side behaviour
+  
+  describe('embedded_report shorthand', function () {
+    it('converts embedded_report_name to helper syntax', function () {
+      var source = '{{embedded_report_my_report}}';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toEqual("{{embedded_report 'my_report' true}}");
+    });
+  });
+
+  describe('glyphicon shorthand', function () {
+    it('converts glyphicon_name to helper syntax', function () {
+      var source = '{{glyphicon_pencil}}';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toEqual("{{glyphicon 'pencil' true}}");
+    });
+  });
+
+  describe('tag_format shorthand', function () {
+    it('converts tag::format to tag_format helper', function () {
+      var source = '{{name::uppercase}}';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toEqual("{{tag_format name 'uppercase'}}");
+    });
+
+    it('converts tag::format::args to tag_format helper with multiple args', function () {
+      var source = '{{value::format::1::2}}';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toEqual("{{tag_format value 'format' '1' '2'}}");
+    });
+  });
+
+  describe('mixed content', function () {
+    it('transforms multiple patterns in one source', function () {
+      var source = '<div>{{glyphicon_edit}} {{name::uppercase}}</div>';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toContain("{{glyphicon 'edit' true}}");
+      expect(result).toContain("{{tag_format name 'uppercase'}}");
+    });
+  });
+
+  describe('standard syntax preservation', function () {
+    it('preserves regular variables', function () {
+      var source = '{{name}}';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toEqual('{{name}}');
+    });
+
+    it('preserves block helpers', function () {
+      var source = '{{#if test}}content{{/if}}';
+      var result = _fpa.setup_template_source(source);
+
+      expect(result).toEqual('{{#if test}}content{{/if}}');
+    });
+  });
+});
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index 67b932879c..9b1696e7cd 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -106,6 +106,7 @@ def expect_to_be_bad_route(for_request)
 SetupHelper.clean_conflicting_activity_logs
 SetupHelper.setup_nfs_directories
 SetupHelper.clean_app_migrations_dirs
+SetupHelper.clean_handlebars_dirs
 
 put_now 'Devise and warden'
 require 'devise'
diff --git a/spec/setup_helper.rb b/spec/setup_helper.rb
index c19085bdbf..eba4804e78 100644
--- a/spec/setup_helper.rb
+++ b/spec/setup_helper.rb
@@ -99,6 +99,13 @@ def self.clean_app_migrations_dirs
     `rm -f db/app_migrations/test/*test_*.rb`
   end
 
+  def self.clean_handlebars_dirs
+    put_now 'Clean Handlebars precompiled dirs'
+    HandlebarsPrecompiler.setup_directories
+    HandlebarsPrecompiler.cleanup_tmp_dir
+    HandlebarsPrecompiler.cleanup_public_dir
+  end
+
   def self.run_test_migrations
     # Checks for pending migrations before tests are run.
     # If you are not using ActiveRecord, you can remove this line.
diff --git a/spec/support/feature_support.rb b/spec/support/feature_support.rb
index d03870c184..ff5e2f4e18 100644
--- a/spec/support/feature_support.rb
+++ b/spec/support/feature_support.rb
@@ -40,7 +40,7 @@ module FeatureSupport
   def js_console_log
     nil unless ENV['DEBUG_JS'] == 'true'
 
-    # puts page.driver.browser.logs.get(:browser).select { |l| l.start_with?('console.') }.join("\n")
+    # puts_debug_plain page.driver.browser.logs.get(:browser).select { |l| l.start_with?('console.') }.join("\n")
   end
 
   def login
@@ -799,6 +799,10 @@ def puts_debug(msg, force: false)
     puts "[FeatureSupport DEBUG] #{msg}" if ENV['FEATURE_DEBUG'] == 'true' || force
   end
 
+  def puts_debug_plain(msg, force: false)
+    puts msg if ENV['FEATURE_DEBUG'] == 'true' || force
+  end
+
   def save_html_snapshot(filename)
     File.write(filename, page.html)
     puts_debug "Saved HTML snapshot to #{filename}"
@@ -869,25 +873,25 @@ def print_browser_console_logs(context = 'Browser Console')
     logs = page.evaluate_script('window.browserLogs || []')
     violations = page.evaluate_script('window.cspViolations || []')
 
-    puts "\n#{'=' * 80}"
-    puts "CONTEXT: #{context}"
-    puts '-' * 80
-    puts "BROWSER CONSOLE LOGS (#{logs.length} entries):"
-    logs.each { |log| puts "  #{log}" }
+    puts_debug "\n#{'=' * 80}"
+    puts_debug "CONTEXT: #{context}"
+    puts_debug '-' * 80
+    puts_debug "BROWSER CONSOLE LOGS (#{logs.length} entries):"
+    logs.each { |log| puts_debug "  #{log}" }
 
     if violations.any?
-      puts "\nCSP VIOLATIONS CAPTURED (#{violations.length}):"
+      puts_debug "\nCSP VIOLATIONS CAPTURED (#{violations.length}):"
       violations.each_with_index do |v, i|
-        puts "  Violation ##{i + 1}:"
-        puts "    Directive: #{v['violatedDirective']}"
-        puts "    Blocked URI: #{v['blockedURI']}"
-        puts "    Source: #{v['sourceFile']}:#{v['lineNumber']}:#{v['columnNumber']}"
-        puts "    Sample: #{v['sample']}"
+        puts_debug "  Violation ##{i + 1}:"
+        puts_debug "    Directive: #{v['violatedDirective']}"
+        puts_debug "    Blocked URI: #{v['blockedURI']}"
+        puts_debug "    Source: #{v['sourceFile']}:#{v['lineNumber']}:#{v['columnNumber']}"
+        puts_debug "    Sample: #{v['sample']}"
       end
     else
-      puts "\nNo CSP violations captured"
+      puts_debug "\nNo CSP violations captured"
     end
-    puts '=' * 80
+    puts_debug '=' * 80
 
     { logs:, csp_violations: violations }
   end
@@ -988,9 +992,9 @@ def user_instructions_placeholders
       res_html = res_html.gsub("\r", '').gsub(/\n\n+/, "\n")
       res_md = res_html.html_to_markdown
       puts_debug 'Caption for user:'
-      puts '---'
-      puts res_md
-      puts '---'
+      puts_debug_plain '---'
+      puts_debug_plain res_md
+      puts_debug_plain '---'
       results[field_name] = res_md
     end
     results
@@ -1017,8 +1021,8 @@ def available_report_tabs
       res[:is_active] = (tab['aria-expanded'] == 'true')
       results << res
     end
-    puts String.yaml_dump(results)
-    puts '---'
+    puts_debug_plain String.yaml_dump(results)
+    puts_debug_plain '---'
     results
   end
 
@@ -1063,8 +1067,8 @@ def available_form_fields
       res[:is_in_show_mode] = true
       results << res
     end
-    puts String.yaml_dump(results)
-    puts '---'
+    puts_debug_plain String.yaml_dump(results)
+    puts_debug_plain '---'
     results
   end
 
@@ -1080,8 +1084,8 @@ def available_submit_fields
       res[:visible] = f.visible?
       results << res
     end
-    puts String.yaml_dump(results)
-    puts '---'
+    puts_debug_plain String.yaml_dump(results)
+    puts_debug_plain '---'
     results
   end
 
@@ -1098,8 +1102,8 @@ def available_embedded_model_reference_add_buttons
       res[:data_target] = mr_action['data-target']
       results << res
     end
-    puts String.yaml_dump(results)
-    puts '---'
+    puts_debug_plain String.yaml_dump(results)
+    puts_debug_plain '---'
     results
   end
 
@@ -1127,8 +1131,8 @@ def available_model_reference_expanders
       end
       results << res
     end
-    puts String.yaml_dump(results)
-    puts '---'
+    puts_debug_plain String.yaml_dump(results)
+    puts_debug_plain '---'
     results
   end
 
@@ -1146,8 +1150,8 @@ def puts_form_validation_errors
 
     if results.present?
       puts_debug '⚠️  Form validation errors:'
-      puts String.yaml_dump(results)
-      puts '---'
+      puts_debug_plain String.yaml_dump(results)
+      puts_debug_plain '---'
     else
       puts_debug 'Form validation errors: none'
     end
@@ -1158,9 +1162,9 @@ def current_form_field_names
   end
 
   def puts_highlighted(text)
-    puts "\n#{'=' * 80}"
-    puts text
-    puts "#{'=' * 80}\n"
+    puts_debug_plain "\n#{'=' * 80}"
+    puts_debug_plain text
+    puts_debug_plain "#{'=' * 80}\n"
   end
 
   def puts_error_page
@@ -1170,8 +1174,8 @@ def puts_error_page
       return
     end
     puts_debug '⚠️  Error page message:'
-    puts epb.html.html_to_markdown
-    puts '---'
+    puts_debug_plain epb.html.html_to_markdown
+    puts_debug_plain '---'
   end
 
   def puts_alerts
@@ -1188,8 +1192,8 @@ def puts_modals
       res[:body] = m.all('.modal-body').first&.text
       results << res
     end
-    puts String.yaml_dump(results)
-    puts '---'
+    puts_debug_plain String.yaml_dump(results)
+    puts_debug_plain '---'
     results
   end
 
@@ -1215,8 +1219,8 @@ def take_screenshot(name = nil, description = nil, force: false)
     page.save_screenshot(filepath)
 
     # Log the screenshot
-    puts "[Screenshot] #{name}: #{filepath}"
-    puts "[Screenshot] #{description}" if description
+    puts_debug_plain "[Screenshot] #{name}: #{filepath}"
+    puts_debug_plain "[Screenshot] #{description}" if description
 
     # Return relative path for documentation
     filepath.to_s
diff --git a/spec/system/handlebars_precompilation_spec.rb b/spec/system/handlebars_precompilation_spec.rb
new file mode 100644
index 0000000000..317b1b783c
--- /dev/null
+++ b/spec/system/handlebars_precompilation_spec.rb
@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+# Handlebars Precompilation System Spec
+#
+# End-to-end tests for server-side Handlebars template precompilation.
+# Verifies that precompiled templates load correctly in the browser and
+# render properly with data.
+#
+# Test Coverage:
+# - Page loads without JavaScript errors
+# - Precompiled templates are available in _fpa.templates
+# - Precompiled partials are available in _fpa.partials
+# - Templates render correctly with data
+# - Body has status-compiled class after template loading
+
+require 'rails_helper'
+
+RSpec.describe 'Handlebars Precompilation', type: :system, js: true, driver: $browser_driver do
+  include ModelSupport
+  include FeatureSupport
+
+  before(:all) do
+    SetupHelper.feature_setup
+    @user, = create_user
+    change_setting('TwoFactorAuthDisabledForUser', true)
+  end
+
+  before do
+    login_as(@user, scope: :user)
+  end
+
+  describe 'page load with precompiled templates' do
+    it 'has status-compiled class on body after loading' do
+      visit '/'
+      finish_page_loading
+
+      # Wait for templates to load (longer timeout for compilation)
+      sleep 5
+
+      expect(page).to have_css('body.status-compiled', wait: 30)
+
+      # Verify _fpa status flags are set
+      loaded = page.evaluate_script('_fpa.status.loaded_templates')
+      expect(loaded).to be true
+
+      setup_run = page.evaluate_script('_fpa.status.one_time_setup_run')
+      expect(setup_run).to be true
+    end
+
+    it 'has templates available in _fpa.templates' do
+      visit '/'
+      finish_page_loading
+
+      templates_available = page.evaluate_script('Object.keys(_fpa.templates || {}).length > 0')
+
+      expect(templates_available).to be true
+    end
+
+    it 'has partials available in _fpa.partials' do
+      visit '/'
+      finish_page_loading
+
+      # Wait for search results templates to be loaded via retrieve_requested_handlebars_templates
+      # The body gets class 'loaded-templates--masters__search_results_template' when the full template set is loaded
+      # This is the file that contains all the partials
+      expect(page).to have_css('body.loaded-templates--masters__search_results_template', wait: 30)
+
+      partials_available = page.evaluate_script('Object.keys(_fpa.partials || {}).length > 0')
+
+      expect(partials_available).to be true
+    end
+  end
+
+  describe 'template rendering' do
+    it 'renders page without template errors' do
+      visit '/'
+      finish_page_loading
+
+      # Check page doesn't have error indicators
+      expect(page).not_to have_css('.ajax-running', wait: 5)
+      expect(page).not_to have_content('Template error')
+    end
+  end
+end