prettier
This commit is contained in:
parent
77ba8687a6
commit
b28d962a28
@ -1,2 +1,2 @@
|
||||
import './bootstrap.js';
|
||||
import './styles/app.css';
|
||||
import "./bootstrap.js";
|
||||
import "./styles/app.css";
|
||||
|
2
assets/bootstrap.js
vendored
2
assets/bootstrap.js
vendored
@ -1,3 +1,3 @@
|
||||
import { startStimulusApp } from '@symfony/stimulus-bundle';
|
||||
import { startStimulusApp } from "@symfony/stimulus-bundle";
|
||||
|
||||
const app = startStimulusApp();
|
||||
|
@ -1,15 +1,15 @@
|
||||
{
|
||||
"controllers": {
|
||||
"@symfony/ux-turbo": {
|
||||
"turbo-core": {
|
||||
"enabled": true,
|
||||
"fetch": "eager"
|
||||
},
|
||||
"mercure-turbo-stream": {
|
||||
"enabled": false,
|
||||
"fetch": "eager"
|
||||
}
|
||||
}
|
||||
},
|
||||
"entrypoints": []
|
||||
"controllers": {
|
||||
"@symfony/ux-turbo": {
|
||||
"turbo-core": {
|
||||
"enabled": true,
|
||||
"fetch": "eager"
|
||||
},
|
||||
"mercure-turbo-stream": {
|
||||
"enabled": false,
|
||||
"fetch": "eager"
|
||||
}
|
||||
}
|
||||
},
|
||||
"entrypoints": []
|
||||
}
|
||||
|
@ -2,78 +2,116 @@ const nameCheck = /^[-_a-zA-Z0-9]{4,22}$/;
|
||||
const tokenCheck = /^[-_\/+a-zA-Z0-9]{24,}$/;
|
||||
|
||||
// Generate and double-submit a CSRF token in a form field and a cookie, as defined by Symfony's SameOriginCsrfTokenManager
|
||||
document.addEventListener('submit', function (event) {
|
||||
document.addEventListener(
|
||||
"submit",
|
||||
function (event) {
|
||||
generateCsrfToken(event.target);
|
||||
}, true);
|
||||
},
|
||||
true,
|
||||
);
|
||||
|
||||
// When @hotwired/turbo handles form submissions, send the CSRF token in a header in addition to a cookie
|
||||
// The `framework.csrf_protection.check_header` config option needs to be enabled for the header to be checked
|
||||
document.addEventListener('turbo:submit-start', function (event) {
|
||||
const h = generateCsrfHeaders(event.detail.formSubmission.formElement);
|
||||
Object.keys(h).map(function (k) {
|
||||
event.detail.formSubmission.fetchRequest.headers[k] = h[k];
|
||||
});
|
||||
document.addEventListener("turbo:submit-start", function (event) {
|
||||
const h = generateCsrfHeaders(event.detail.formSubmission.formElement);
|
||||
Object.keys(h).map(function (k) {
|
||||
event.detail.formSubmission.fetchRequest.headers[k] = h[k];
|
||||
});
|
||||
});
|
||||
|
||||
// When @hotwired/turbo handles form submissions, remove the CSRF cookie once a form has been submitted
|
||||
document.addEventListener('turbo:submit-end', function (event) {
|
||||
removeCsrfToken(event.detail.formSubmission.formElement);
|
||||
document.addEventListener("turbo:submit-end", function (event) {
|
||||
removeCsrfToken(event.detail.formSubmission.formElement);
|
||||
});
|
||||
|
||||
export function generateCsrfToken (formElement) {
|
||||
const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
|
||||
export function generateCsrfToken(formElement) {
|
||||
const csrfField = formElement.querySelector(
|
||||
'input[data-controller="csrf-protection"], input[name="_csrf_token"]',
|
||||
);
|
||||
|
||||
if (!csrfField) {
|
||||
return;
|
||||
}
|
||||
if (!csrfField) {
|
||||
return;
|
||||
}
|
||||
|
||||
let csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
|
||||
let csrfToken = csrfField.value;
|
||||
let csrfCookie = csrfField.getAttribute("data-csrf-protection-cookie-value");
|
||||
let csrfToken = csrfField.value;
|
||||
|
||||
if (!csrfCookie && nameCheck.test(csrfToken)) {
|
||||
csrfField.setAttribute('data-csrf-protection-cookie-value', csrfCookie = csrfToken);
|
||||
csrfField.defaultValue = csrfToken = btoa(String.fromCharCode.apply(null, (window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18))));
|
||||
csrfField.dispatchEvent(new Event('change', { bubbles: true }));
|
||||
}
|
||||
if (!csrfCookie && nameCheck.test(csrfToken)) {
|
||||
csrfField.setAttribute(
|
||||
"data-csrf-protection-cookie-value",
|
||||
(csrfCookie = csrfToken),
|
||||
);
|
||||
csrfField.defaultValue = csrfToken = btoa(
|
||||
String.fromCharCode.apply(
|
||||
null,
|
||||
(window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18)),
|
||||
),
|
||||
);
|
||||
csrfField.dispatchEvent(new Event("change", { bubbles: true }));
|
||||
}
|
||||
|
||||
if (csrfCookie && tokenCheck.test(csrfToken)) {
|
||||
const cookie = csrfCookie + '_' + csrfToken + '=' + csrfCookie + '; path=/; samesite=strict';
|
||||
document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
|
||||
}
|
||||
if (csrfCookie && tokenCheck.test(csrfToken)) {
|
||||
const cookie =
|
||||
csrfCookie +
|
||||
"_" +
|
||||
csrfToken +
|
||||
"=" +
|
||||
csrfCookie +
|
||||
"; path=/; samesite=strict";
|
||||
document.cookie =
|
||||
window.location.protocol === "https:"
|
||||
? "__Host-" + cookie + "; secure"
|
||||
: cookie;
|
||||
}
|
||||
}
|
||||
|
||||
export function generateCsrfHeaders (formElement) {
|
||||
const headers = {};
|
||||
const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
|
||||
|
||||
if (!csrfField) {
|
||||
return headers;
|
||||
}
|
||||
|
||||
const csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
|
||||
|
||||
if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
|
||||
headers[csrfCookie] = csrfField.value;
|
||||
}
|
||||
export function generateCsrfHeaders(formElement) {
|
||||
const headers = {};
|
||||
const csrfField = formElement.querySelector(
|
||||
'input[data-controller="csrf-protection"], input[name="_csrf_token"]',
|
||||
);
|
||||
|
||||
if (!csrfField) {
|
||||
return headers;
|
||||
}
|
||||
|
||||
const csrfCookie = csrfField.getAttribute(
|
||||
"data-csrf-protection-cookie-value",
|
||||
);
|
||||
|
||||
if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
|
||||
headers[csrfCookie] = csrfField.value;
|
||||
}
|
||||
|
||||
return headers;
|
||||
}
|
||||
|
||||
export function removeCsrfToken (formElement) {
|
||||
const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
|
||||
export function removeCsrfToken(formElement) {
|
||||
const csrfField = formElement.querySelector(
|
||||
'input[data-controller="csrf-protection"], input[name="_csrf_token"]',
|
||||
);
|
||||
|
||||
if (!csrfField) {
|
||||
return;
|
||||
}
|
||||
if (!csrfField) {
|
||||
return;
|
||||
}
|
||||
|
||||
const csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
|
||||
const csrfCookie = csrfField.getAttribute(
|
||||
"data-csrf-protection-cookie-value",
|
||||
);
|
||||
|
||||
if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
|
||||
const cookie = csrfCookie + '_' + csrfField.value + '=0; path=/; samesite=strict; max-age=0';
|
||||
if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
|
||||
const cookie =
|
||||
csrfCookie +
|
||||
"_" +
|
||||
csrfField.value +
|
||||
"=0; path=/; samesite=strict; max-age=0";
|
||||
|
||||
document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
|
||||
}
|
||||
document.cookie =
|
||||
window.location.protocol === "https:"
|
||||
? "__Host-" + cookie + "; secure"
|
||||
: cookie;
|
||||
}
|
||||
}
|
||||
|
||||
/* stimulusFetch: 'lazy' */
|
||||
export default 'csrf-protection-controller';
|
||||
export default "csrf-protection-controller";
|
||||
|
@ -1,55 +1,54 @@
|
||||
import {Controller} from "@hotwired/stimulus";
|
||||
|
||||
import { Controller } from "@hotwired/stimulus";
|
||||
|
||||
export default class extends Controller {
|
||||
addEntry(event) {
|
||||
event.preventDefault();
|
||||
addEntry(event) {
|
||||
event.preventDefault();
|
||||
|
||||
const formClone = this.element.querySelector('form').cloneNode(true);
|
||||
const formClone = this.element.querySelector("form").cloneNode(true);
|
||||
|
||||
formClone.querySelectorAll("select").forEach(input => {
|
||||
input.value = "1";
|
||||
});
|
||||
formClone.querySelector('input').value = '';
|
||||
formClone.querySelectorAll("select").forEach((input) => {
|
||||
input.value = "1";
|
||||
});
|
||||
formClone.querySelector("input").value = "";
|
||||
|
||||
this.element.querySelector('.forms').appendChild(formClone);
|
||||
this.element.querySelector(".forms").appendChild(formClone);
|
||||
}
|
||||
|
||||
removeEntry(event) {
|
||||
event.preventDefault();
|
||||
|
||||
if (document.querySelector(".forms").childElementCount === 1) {
|
||||
return;
|
||||
}
|
||||
|
||||
removeEntry(event) {
|
||||
event.preventDefault();
|
||||
event.target.closest("form").remove();
|
||||
}
|
||||
|
||||
if (document.querySelector('.forms').childElementCount === 1) {
|
||||
return;
|
||||
}
|
||||
submit(event) {
|
||||
event.preventDefault();
|
||||
|
||||
event.target.closest('form').remove();
|
||||
}
|
||||
const forms = document.querySelectorAll("form");
|
||||
const formData = this.getFormData(forms);
|
||||
|
||||
submit(event) {
|
||||
event.preventDefault();
|
||||
fetch("/ticket/submit", {
|
||||
method: "POST",
|
||||
body: JSON.stringify(formData),
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
}).then((response) => {
|
||||
if (!response.ok) {
|
||||
alert("An error occurred");
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
const forms = document.querySelectorAll('form');
|
||||
const formData = this.getFormData(forms);
|
||||
getFormData(forms) {
|
||||
const formData = [];
|
||||
forms.forEach((form) => {
|
||||
formData.push(Object.fromEntries(new FormData(form).entries()));
|
||||
});
|
||||
|
||||
fetch('/ticket/submit', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify(formData),
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
}
|
||||
}).then(response => {
|
||||
if (!response.ok) {
|
||||
alert('An error occurred');
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
getFormData(forms) {
|
||||
const formData = [];
|
||||
forms.forEach(form => {
|
||||
formData.push(Object.fromEntries(new FormData(form).entries()));
|
||||
})
|
||||
|
||||
return formData;
|
||||
}
|
||||
}
|
||||
return formData;
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,3 @@
|
||||
@tailwind base;
|
||||
@tailwind components;
|
||||
@tailwind utilities;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user