whop 1.0.3 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +10 -0
- data/lib/generators/whop/install/templates/whop_iframe.rb +6 -0
- data/lib/whop/iframe_helper.rb +53 -0
- data/lib/whop/version.rb +1 -1
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3c6ea2caf5959059d7e27c54eecb479e8007420a1e3989fcc8ab9b3cf3d6be4e
|
|
4
|
+
data.tar.gz: 9f2d86766b0cd27d265e9fd87c1be3102b9baf0c9d836539d4217427d864e998
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7e08a3e8c6bc48cad71cfc3bd5c7e67feb0718df8077bbdbbbd046d24de8e27e5a29e60b8c37a9c30a82952ba11c15a21708e215f62fff670a1bff4a3881054d
|
|
7
|
+
data.tar.gz: f9697d3d60918f218c6bc61798733cc83bc7d46b4a6e679042e7434c39c5d84d8ec3d0d16f623603ebe9ae32ddb05993f7a0e52f6210adb5f16259823341ad6e
|
data/README.md
CHANGED
|
@@ -116,6 +116,16 @@ curl -i -X POST http://localhost:3000/whop/webhooks \
|
|
|
116
116
|
```
|
|
117
117
|
|
|
118
118
|
## Using the client
|
|
119
|
+
# Frontend (iframe) helper
|
|
120
|
+
|
|
121
|
+
Add the SDK tags in your layout head:
|
|
122
|
+
|
|
123
|
+
```erb
|
|
124
|
+
<%= extend(Whop::IframeHelper) && whop_iframe_sdk_tags %>
|
|
125
|
+
```
|
|
126
|
+
|
|
127
|
+
Ensure your CSP allows Whop domains; the installer adds `config/initializers/whop_iframe.rb` with sensible defaults (script/connect/frame to unpkg.com, esm.sh, whop.com/*).
|
|
128
|
+
|
|
119
129
|
|
|
120
130
|
```ruby
|
|
121
131
|
# With app/company context from env
|
|
@@ -4,6 +4,12 @@ Rails.application.config.action_dispatch.default_headers.delete('X-Frame-Options
|
|
|
4
4
|
|
|
5
5
|
Rails.application.config.content_security_policy do |policy|
|
|
6
6
|
policy.frame_ancestors :self, "https://whop.com", "https://*.whop.com"
|
|
7
|
+
# Allow Whop iframe SDK (UMD) and ESM fallback
|
|
8
|
+
policy.script_src :self, :https, "https://unpkg.com", "https://esm.sh"
|
|
9
|
+
# Allow network calls to Whop API from the browser as needed
|
|
10
|
+
policy.connect_src :self, :https, "https://whop.com", "https://*.whop.com"
|
|
11
|
+
# Allow embedding Whop frames
|
|
12
|
+
policy.frame_src :self, "https://whop.com", "https://*.whop.com"
|
|
7
13
|
end
|
|
8
14
|
|
|
9
15
|
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
require "erb"
|
|
2
|
+
|
|
3
|
+
module Whop
|
|
4
|
+
module IframeHelper
|
|
5
|
+
# Renders the Whop iframe SDK UMD script and a small inline initializer that creates
|
|
6
|
+
# a global window.iframeSdk instance. The initializer uses the provided app_id, or
|
|
7
|
+
# falls back to ENV["WHOP_APP_ID"] / Whop.config.app_id, then finally to
|
|
8
|
+
# document.body.dataset.whopAppId if present.
|
|
9
|
+
#
|
|
10
|
+
# Usage in layout head:
|
|
11
|
+
# <%= whop_iframe_sdk_tags %>
|
|
12
|
+
# Optionally add <body data-whop-app-id="..."> if you prefer not to expose ENV.
|
|
13
|
+
def whop_iframe_sdk_tags(app_id: nil, nonce: nil)
|
|
14
|
+
resolved_app_id = app_id || ENV["WHOP_APP_ID"] || (Whop.config.app_id rescue nil) || ""
|
|
15
|
+
begin
|
|
16
|
+
# Prefer CSP nonce from Rails if available
|
|
17
|
+
nonce ||= respond_to?(:content_security_policy_nonce) ? content_security_policy_nonce : nil
|
|
18
|
+
rescue StandardError
|
|
19
|
+
# ignore
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
nonce_attr = nonce ? " nonce=\"#{ERB::Util.html_escape(nonce)}\"" : ""
|
|
23
|
+
init = <<~JS
|
|
24
|
+
(function () {
|
|
25
|
+
try {
|
|
26
|
+
var g = window;
|
|
27
|
+
var create = (g.WhopIframe && g.WhopIframe.createSdk) ||
|
|
28
|
+
(g.WhopIframeSdk && g.WhopIframeSdk.createSdk) ||
|
|
29
|
+
g.createWhopIframeSdk ||
|
|
30
|
+
g.createSdk;
|
|
31
|
+
if (create && !g.iframeSdk) {
|
|
32
|
+
var appId = #{resolved_app_id.to_s.strip.empty? ? '""' : ERB::Util.html_escape(resolved_app_id).inspect};
|
|
33
|
+
if (!appId) {
|
|
34
|
+
var body = document.body;
|
|
35
|
+
appId = (body && body.dataset && body.dataset.whopAppId) || "";
|
|
36
|
+
}
|
|
37
|
+
if (appId) {
|
|
38
|
+
g.iframeSdk = create({ appId: appId });
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
} catch (e) {
|
|
42
|
+
// swallow init errors
|
|
43
|
+
}
|
|
44
|
+
})();
|
|
45
|
+
JS
|
|
46
|
+
|
|
47
|
+
html = %Q(<script src="https://unpkg.com/@whop/iframe@latest"#{nonce_attr}></script>\n<script#{nonce_attr}>#{init.strip}</script>)
|
|
48
|
+
html.respond_to?(:html_safe) ? html.html_safe : html
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
|
data/lib/whop/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: whop
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nikhil Nelson
|
|
@@ -175,6 +175,7 @@ files:
|
|
|
175
175
|
- lib/whop/dsl.rb
|
|
176
176
|
- lib/whop/dsl_prelude.rb
|
|
177
177
|
- lib/whop/error.rb
|
|
178
|
+
- lib/whop/iframe_helper.rb
|
|
178
179
|
- lib/whop/token.rb
|
|
179
180
|
- lib/whop/version.rb
|
|
180
181
|
- lib/whop/webhooks/engine.rb
|