The joomla alert used to display the information about the stats message uses a combination of a fake same page link and javascript to optionally disclose the information that is sent

This fake link is classed as an accessibility failure (and personally I see this as bad practice)

Broken same-page link. The link target does not match any element on the page.

We dont need to do it this way. If we use the details disclosure element we can make it work without the fake link and reduce the javascript needed.

However to do this the html5 elements for details and summary need to be added to the DefaultAllowlist in core.es6.js or for slightly more limited use in stats-message.es6.js

As far as I can tell there is no security issue in allowing these html5 elements and I have checked with dompurify and that does allow them.

Before proceeding further I would like confirmation from the JSST and js experts that its ok to do this and if so if it should be globally in core.es6.js or restricted to the stats plugin in stats-message.es6.js

cc @Fedik @dgrammatiko @SniperSister