dwindown/formipay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7a6765a5790516c8b77f9d0e4220b65bfa024596
formipay/node_modules/csp_evaluator/dist/evaluator.js
dwindown e8fbfb14c1 fix: prevent asset conflicts between React and Grid.js versions 
Add coexistence checks to all enqueue methods to prevent loading
both React and Grid.js assets simultaneously.

Changes:
- ReactAdmin.php: Only enqueue React assets when ?react=1
- Init.php: Skip Grid.js when React active on admin pages
- Form.php, Coupon.php, Access.php: Restore classic assets when ?react=0
- Customer.php, Product.php, License.php: Add coexistence checks

Now the toggle between Classic and React versions works correctly.

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-18 17:02:14 +07:00

66 lines
2.9 KiB
JavaScript
Raw Blame History

"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.STRICTCSP_CHECKS = exports.DEFAULT_CHECKS = exports.CspEvaluator = void 0;
const parserChecks = __importStar(require("./checks/parser_checks"));
const securityChecks = __importStar(require("./checks/security_checks"));
const strictcspChecks = __importStar(require("./checks/strictcsp_checks"));
const csp = __importStar(require("./csp"));
class CspEvaluator {
constructor(parsedCsp, cspVersion) {
this.findings = [];
this.version = cspVersion || csp.Version.CSP3;
this.csp = parsedCsp;
}
evaluate(parsedCspChecks, effectiveCspChecks) {
this.findings = [];
const checks = effectiveCspChecks || exports.DEFAULT_CHECKS;
const effectiveCsp = this.csp.getEffectiveCsp(this.version, this.findings);
if (parsedCspChecks) {
for (const check of parsedCspChecks) {
this.findings = this.findings.concat(check(this.csp));
}
}
for (const check of checks) {
this.findings = this.findings.concat(check(effectiveCsp));
}
return this.findings;
}
}
exports.CspEvaluator = CspEvaluator;
exports.DEFAULT_CHECKS = [
securityChecks.checkScriptUnsafeInline, securityChecks.checkScriptUnsafeEval,
securityChecks.checkPlainUrlSchemes, securityChecks.checkWildcards,
securityChecks.checkMissingDirectives,
securityChecks.checkScriptAllowlistBypass,
securityChecks.checkFlashObjectAllowlistBypass, securityChecks.checkIpSource,
securityChecks.checkNonceLength, securityChecks.checkSrcHttp,
securityChecks.checkDeprecatedDirective, parserChecks.checkUnknownDirective,
parserChecks.checkMissingSemicolon, parserChecks.checkInvalidKeyword
];
exports.STRICTCSP_CHECKS = [
strictcspChecks.checkStrictDynamic,
strictcspChecks.checkStrictDynamicNotStandalone,
strictcspChecks.checkUnsafeInlineFallback,
strictcspChecks.checkAllowlistFallback,
strictcspChecks.checkRequiresTrustedTypesForScripts
];
//# sourceMappingURL=evaluator.js.map
Reference in New Issue View Git Blame Copy Permalink