@dwp/govuk-casa 9.0.0 → 9.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -9
- package/dist/assets/css/casa.css +1 -1
- package/dist/assets/css/casa.css.map +1 -1
- package/dist/casa.d.ts +122 -95
- package/dist/casa.js +119 -86
- package/dist/casa.js.map +1 -1
- package/dist/lib/CasaTemplateLoader.d.ts +4 -4
- package/dist/lib/CasaTemplateLoader.js +16 -16
- package/dist/lib/CasaTemplateLoader.js.map +1 -1
- package/dist/lib/JourneyContext.d.ts +38 -40
- package/dist/lib/JourneyContext.js +81 -75
- package/dist/lib/JourneyContext.js.map +1 -1
- package/dist/lib/MutableRouter.d.ts +40 -41
- package/dist/lib/MutableRouter.js +64 -71
- package/dist/lib/MutableRouter.js.map +1 -1
- package/dist/lib/Plan.d.ts +29 -26
- package/dist/lib/Plan.js +85 -71
- package/dist/lib/Plan.js.map +1 -1
- package/dist/lib/ValidationError.d.ts +16 -15
- package/dist/lib/ValidationError.js +21 -20
- package/dist/lib/ValidationError.js.map +1 -1
- package/dist/lib/ValidatorFactory.d.ts +15 -13
- package/dist/lib/ValidatorFactory.js +14 -12
- package/dist/lib/ValidatorFactory.js.map +1 -1
- package/dist/lib/configuration-ingestor.d.ts +37 -40
- package/dist/lib/configuration-ingestor.js +93 -93
- package/dist/lib/configuration-ingestor.js.map +1 -1
- package/dist/lib/configure.d.ts +6 -6
- package/dist/lib/configure.js +14 -12
- package/dist/lib/configure.js.map +1 -1
- package/dist/lib/constants.d.ts +1 -3
- package/dist/lib/constants.js +9 -11
- package/dist/lib/constants.js.map +1 -1
- package/dist/lib/context-id-generators.d.ts +3 -5
- package/dist/lib/context-id-generators.js +7 -6
- package/dist/lib/context-id-generators.js.map +1 -1
- package/dist/lib/end-session.d.ts +4 -4
- package/dist/lib/end-session.js +5 -5
- package/dist/lib/field.d.ts +20 -18
- package/dist/lib/field.js +35 -48
- package/dist/lib/field.js.map +1 -1
- package/dist/lib/index.d.ts +13 -13
- package/dist/lib/logger.d.ts +7 -6
- package/dist/lib/logger.js +7 -7
- package/dist/lib/logger.js.map +1 -1
- package/dist/lib/mount.d.ts +5 -5
- package/dist/lib/mount.js +11 -10
- package/dist/lib/mount.js.map +1 -1
- package/dist/lib/nunjucks-filters.d.ts +10 -12
- package/dist/lib/nunjucks-filters.js +35 -35
- package/dist/lib/nunjucks-filters.js.map +1 -1
- package/dist/lib/nunjucks.d.ts +7 -5
- package/dist/lib/nunjucks.js +10 -8
- package/dist/lib/nunjucks.js.map +1 -1
- package/dist/lib/utils.d.ts +19 -19
- package/dist/lib/utils.js +62 -55
- package/dist/lib/utils.js.map +1 -1
- package/dist/lib/validators/dateObject.d.ts +29 -22
- package/dist/lib/validators/dateObject.js +58 -49
- package/dist/lib/validators/dateObject.js.map +1 -1
- package/dist/lib/validators/email.d.ts +4 -4
- package/dist/lib/validators/email.js +4 -4
- package/dist/lib/validators/inArray.d.ts +4 -4
- package/dist/lib/validators/inArray.js +7 -8
- package/dist/lib/validators/inArray.js.map +1 -1
- package/dist/lib/validators/index.d.ts +10 -10
- package/dist/lib/validators/index.js +1 -3
- package/dist/lib/validators/index.js.map +1 -1
- package/dist/lib/validators/nino.d.ts +9 -8
- package/dist/lib/validators/nino.js +14 -10
- package/dist/lib/validators/nino.js.map +1 -1
- package/dist/lib/validators/postalAddressObject.d.ts +37 -24
- package/dist/lib/validators/postalAddressObject.js +65 -46
- package/dist/lib/validators/postalAddressObject.js.map +1 -1
- package/dist/lib/validators/range.d.ts +12 -8
- package/dist/lib/validators/range.js +11 -9
- package/dist/lib/validators/range.js.map +1 -1
- package/dist/lib/validators/regex.d.ts +4 -4
- package/dist/lib/validators/regex.js +5 -5
- package/dist/lib/validators/required.d.ts +6 -6
- package/dist/lib/validators/required.js +9 -11
- package/dist/lib/validators/required.js.map +1 -1
- package/dist/lib/validators/strlen.d.ts +12 -8
- package/dist/lib/validators/strlen.js +13 -11
- package/dist/lib/validators/strlen.js.map +1 -1
- package/dist/lib/validators/wordCount.d.ts +12 -8
- package/dist/lib/validators/wordCount.js +15 -11
- package/dist/lib/validators/wordCount.js.map +1 -1
- package/dist/lib/waypoint-url.d.ts +16 -13
- package/dist/lib/waypoint-url.js +39 -36
- package/dist/lib/waypoint-url.js.map +1 -1
- package/dist/middleware/body-parser.d.ts +1 -1
- package/dist/middleware/body-parser.js +6 -6
- package/dist/middleware/body-parser.js.map +1 -1
- package/dist/middleware/data.d.ts +1 -1
- package/dist/middleware/data.js +8 -7
- package/dist/middleware/data.js.map +1 -1
- package/dist/middleware/gather-fields.d.ts +2 -2
- package/dist/middleware/gather-fields.js +6 -4
- package/dist/middleware/gather-fields.js.map +1 -1
- package/dist/middleware/i18n.js +13 -15
- package/dist/middleware/i18n.js.map +1 -1
- package/dist/middleware/post.js +30 -18
- package/dist/middleware/post.js.map +1 -1
- package/dist/middleware/pre.d.ts +2 -2
- package/dist/middleware/pre.js +46 -27
- package/dist/middleware/pre.js.map +1 -1
- package/dist/middleware/progress-journey.d.ts +1 -1
- package/dist/middleware/progress-journey.js +5 -5
- package/dist/middleware/progress-journey.js.map +1 -1
- package/dist/middleware/sanitise-fields.d.ts +1 -1
- package/dist/middleware/sanitise-fields.js +13 -11
- package/dist/middleware/sanitise-fields.js.map +1 -1
- package/dist/middleware/serve-first-waypoint.d.ts +3 -3
- package/dist/middleware/serve-first-waypoint.js +8 -6
- package/dist/middleware/serve-first-waypoint.js.map +1 -1
- package/dist/middleware/session.js +14 -11
- package/dist/middleware/session.js.map +1 -1
- package/dist/middleware/skip-waypoint.d.ts +1 -1
- package/dist/middleware/skip-waypoint.js +3 -3
- package/dist/middleware/skip-waypoint.js.map +1 -1
- package/dist/middleware/steer-journey.d.ts +1 -1
- package/dist/middleware/steer-journey.js +16 -14
- package/dist/middleware/steer-journey.js.map +1 -1
- package/dist/middleware/strip-proxy-path.d.ts +1 -1
- package/dist/middleware/strip-proxy-path.js +3 -3
- package/dist/middleware/strip-proxy-path.js.map +1 -1
- package/dist/middleware/validate-fields.d.ts +1 -1
- package/dist/middleware/validate-fields.js +2 -5
- package/dist/middleware/validate-fields.js.map +1 -1
- package/dist/routes/ancillary.d.ts +3 -3
- package/dist/routes/ancillary.js +4 -4
- package/dist/routes/ancillary.js.map +1 -1
- package/dist/routes/journey.d.ts +2 -2
- package/dist/routes/journey.js +91 -39
- package/dist/routes/journey.js.map +1 -1
- package/dist/routes/static.d.ts +7 -5
- package/dist/routes/static.js +20 -19
- package/dist/routes/static.js.map +1 -1
- package/package.json +19 -18
- package/src/casa.js +133 -100
- package/src/lib/CasaTemplateLoader.js +24 -19
- package/src/lib/JourneyContext.js +138 -107
- package/src/lib/MutableRouter.js +72 -74
- package/src/lib/Plan.js +145 -97
- package/src/lib/ValidationError.js +25 -21
- package/src/lib/ValidatorFactory.js +17 -13
- package/src/lib/configuration-ingestor.js +147 -110
- package/src/lib/configure.js +34 -32
- package/src/lib/constants.js +9 -11
- package/src/lib/context-id-generators.js +40 -43
- package/src/lib/end-session.js +6 -6
- package/src/lib/field.js +69 -58
- package/src/lib/index.js +12 -12
- package/src/lib/logger.js +9 -9
- package/src/lib/mount.js +70 -74
- package/src/lib/nunjucks-filters.js +56 -59
- package/src/lib/nunjucks.js +23 -18
- package/src/lib/utils.js +78 -57
- package/src/lib/validators/dateObject.js +71 -60
- package/src/lib/validators/email.js +8 -8
- package/src/lib/validators/inArray.js +10 -11
- package/src/lib/validators/index.js +12 -14
- package/src/lib/validators/nino.js +29 -15
- package/src/lib/validators/postalAddressObject.js +87 -63
- package/src/lib/validators/range.js +14 -12
- package/src/lib/validators/regex.js +8 -8
- package/src/lib/validators/required.js +16 -16
- package/src/lib/validators/strlen.js +16 -14
- package/src/lib/validators/wordCount.js +22 -14
- package/src/lib/waypoint-url.js +64 -46
- package/src/middleware/body-parser.js +10 -10
- package/src/middleware/csrf.js +1 -1
- package/src/middleware/data.js +28 -24
- package/src/middleware/gather-fields.js +10 -9
- package/src/middleware/i18n.js +35 -37
- package/src/middleware/post.js +41 -21
- package/src/middleware/pre.js +62 -41
- package/src/middleware/progress-journey.js +32 -18
- package/src/middleware/sanitise-fields.js +43 -20
- package/src/middleware/serve-first-waypoint.js +14 -12
- package/src/middleware/session.js +74 -61
- package/src/middleware/skip-waypoint.js +7 -9
- package/src/middleware/steer-journey.js +40 -28
- package/src/middleware/strip-proxy-path.js +8 -7
- package/src/middleware/validate-fields.js +5 -12
- package/src/routes/ancillary.js +5 -7
- package/src/routes/journey.js +159 -85
- package/src/routes/static.js +62 -29
- package/views/casa/components/character-count/README.md +2 -2
- package/views/casa/components/checkboxes/README.md +6 -6
- package/views/casa/components/date-input/README.md +7 -7
- package/views/casa/components/input/README.md +2 -2
- package/views/casa/components/journey-form/README.md +33 -14
- package/views/casa/components/postal-address-object/README.md +4 -4
- package/views/casa/components/radios/README.md +6 -6
- package/views/casa/components/select/README.md +6 -6
- package/views/casa/components/textarea/README.md +2 -2
- package/views/casa/layouts/main.njk +2 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
export function verifyBody(req: any, res: any, buf: any, encoding: any): void;
|
|
2
|
-
export default function bodyParserMiddleware({ formMaxParams, formMaxBytes
|
|
2
|
+
export default function bodyParserMiddleware({ formMaxParams, formMaxBytes }: {
|
|
3
3
|
formMaxParams: any;
|
|
4
4
|
formMaxBytes: any;
|
|
5
5
|
}): import("connect").NextHandleFunction[];
|
|
@@ -6,23 +6,23 @@ const rProto = /__proto__/i;
|
|
|
6
6
|
const rPrototype = /prototype[='"[\]]/i;
|
|
7
7
|
const rConstructor = /constructor[='"[\]]/i;
|
|
8
8
|
function verifyBody(req, res, buf, encoding) {
|
|
9
|
-
const body = decodeURI(buf.toString(encoding)).replace(/[\s\u200B-\u200D\uFEFF]/g,
|
|
9
|
+
const body = decodeURI(buf.toString(encoding)).replace(/[\s\u200B-\u200D\uFEFF]/g, "");
|
|
10
10
|
if (rProto.test(body)) {
|
|
11
|
-
throw new Error(
|
|
11
|
+
throw new Error("Request body verification failed (__proto__)");
|
|
12
12
|
}
|
|
13
13
|
if (rPrototype.test(body)) {
|
|
14
|
-
throw new Error(
|
|
14
|
+
throw new Error("Request body verification failed (prototype)");
|
|
15
15
|
}
|
|
16
16
|
if (rConstructor.test(body)) {
|
|
17
|
-
throw new Error(
|
|
17
|
+
throw new Error("Request body verification failed (constructor)");
|
|
18
18
|
}
|
|
19
19
|
}
|
|
20
20
|
exports.verifyBody = verifyBody;
|
|
21
|
-
function bodyParserMiddleware({ formMaxParams, formMaxBytes
|
|
21
|
+
function bodyParserMiddleware({ formMaxParams, formMaxBytes }) {
|
|
22
22
|
return [
|
|
23
23
|
(0, express_1.urlencoded)({
|
|
24
24
|
extended: true,
|
|
25
|
-
type:
|
|
25
|
+
type: "application/x-www-form-urlencoded",
|
|
26
26
|
inflate: true,
|
|
27
27
|
parameterLimit: formMaxParams,
|
|
28
28
|
limit: formMaxBytes,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"body-parser.js","sourceRoot":"","sources":["../../src/middleware/body-parser.js"],"names":[],"mappings":";;;AAAA,qCAA0D;AAE1D,MAAM,MAAM,GAAG,YAAY,CAAC;AAC5B,MAAM,UAAU,GAAG,oBAAoB,CAAC;AACxC,MAAM,YAAY,GAAG,sBAAsB,CAAC;AAE5C,SAAgB,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ;IAChD,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,
|
|
1
|
+
{"version":3,"file":"body-parser.js","sourceRoot":"","sources":["../../src/middleware/body-parser.js"],"names":[],"mappings":";;;AAAA,qCAA0D;AAE1D,MAAM,MAAM,GAAG,YAAY,CAAC;AAC5B,MAAM,UAAU,GAAG,oBAAoB,CAAC;AACxC,MAAM,YAAY,GAAG,sBAAsB,CAAC;AAE5C,SAAgB,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ;IAChD,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CACpD,0BAA0B,EAC1B,EAAE,CACH,CAAC;IACF,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;AACH,CAAC;AAdD,gCAcC;AAED,SAAwB,oBAAoB,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE;IAC1E,OAAO;QACL,IAAA,oBAAiB,EAAC;YAChB,QAAQ,EAAE,IAAI;YACd,IAAI,EAAE,mCAAmC;YACzC,OAAO,EAAE,IAAI;YACb,cAAc,EAAE,aAAa;YAC7B,KAAK,EAAE,YAAY;YACnB,MAAM,EAAE,UAAU;SACnB,CAAC;KACH,CAAC;AACJ,CAAC;AAXD,uCAWC"}
|
package/dist/middleware/data.js
CHANGED
|
@@ -11,15 +11,15 @@ const utils_js_1 = require("../lib/utils.js");
|
|
|
11
11
|
const waypoint_url_js_1 = __importDefault(require("../lib/waypoint-url.js"));
|
|
12
12
|
const { has } = lodash_1.default;
|
|
13
13
|
const editOrigin = (req) => {
|
|
14
|
-
if (has(req.query,
|
|
14
|
+
if (has(req.query, "editorigin")) {
|
|
15
15
|
return (0, waypoint_url_js_1.default)({ waypoint: req.query.editorigin });
|
|
16
16
|
}
|
|
17
|
-
if (has(req === null || req === void 0 ? void 0 : req.body,
|
|
17
|
+
if (has(req === null || req === void 0 ? void 0 : req.body, "editorigin")) {
|
|
18
18
|
return (0, waypoint_url_js_1.default)({ waypoint: req.body.editorigin });
|
|
19
19
|
}
|
|
20
|
-
return
|
|
20
|
+
return "";
|
|
21
21
|
};
|
|
22
|
-
function dataMiddleware({ plan, events, contextIdGenerator
|
|
22
|
+
function dataMiddleware({ plan, events, contextIdGenerator }) {
|
|
23
23
|
return [
|
|
24
24
|
(req, res, next) => {
|
|
25
25
|
/* ------------------------------------------------ Request decorations */
|
|
@@ -31,7 +31,8 @@ function dataMiddleware({ plan, events, contextIdGenerator, }) {
|
|
|
31
31
|
// `contextid` request parameter
|
|
32
32
|
journeyContext: JourneyContext_js_1.default.extractContextFromRequest(req).addEventListeners(events),
|
|
33
33
|
// Edit mode
|
|
34
|
-
editMode: (has(req === null || req === void 0 ? void 0 : req.query,
|
|
34
|
+
editMode: (has(req === null || req === void 0 ? void 0 : req.query, "edit") && has(req === null || req === void 0 ? void 0 : req.query, "editorigin")) ||
|
|
35
|
+
(has(req === null || req === void 0 ? void 0 : req.body, "edit") && has(req === null || req === void 0 ? void 0 : req.body, "editorigin")), editOrigin: editOrigin(req) });
|
|
35
36
|
// Grab chosen language from session
|
|
36
37
|
req.casa.journeyContext.nav.language = req.session.language;
|
|
37
38
|
// Context ID generator
|
|
@@ -42,7 +43,7 @@ function dataMiddleware({ plan, events, contextIdGenerator, }) {
|
|
|
42
43
|
});
|
|
43
44
|
/* ------------------------------------------------- Template variables */
|
|
44
45
|
// Capture mount URL that will be used in generating all browser URLs
|
|
45
|
-
const mountUrl = (0, utils_js_1.validateUrlPath)(`${req.baseUrl}/`.replace(/\/+/g,
|
|
46
|
+
const mountUrl = (0, utils_js_1.validateUrlPath)(`${req.baseUrl}/`.replace(/\/+/g, "/"));
|
|
46
47
|
// If this CASA app is mounted on a parameterised route, then all of its
|
|
47
48
|
// static assets (served by `staticRouter`) will, by default, be served
|
|
48
49
|
// from that dynamic path, for example:
|
|
@@ -62,7 +63,7 @@ function dataMiddleware({ plan, events, contextIdGenerator, }) {
|
|
|
62
63
|
// Router, the `baseUrl` is different in each case, so we cannot rely
|
|
63
64
|
// on it to be consistent. Hence the need for this property, which will
|
|
64
65
|
// always be the non-parameterised version of the baseUrl.
|
|
65
|
-
const staticMountUrl = (0, utils_js_1.validateUrlPath)(`${req.unparameterisedBaseUrl}/`.replace(/\/+/g,
|
|
66
|
+
const staticMountUrl = (0, utils_js_1.validateUrlPath)(`${req.unparameterisedBaseUrl}/`.replace(/\/+/g, "/"));
|
|
66
67
|
// CASA and userland templates
|
|
67
68
|
res.locals.casa = {
|
|
68
69
|
mountUrl,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data.js","sourceRoot":"","sources":["../../src/middleware/data.js"],"names":[],"mappings":";AAAA,2EAA2E;AAC3E,gFAAgF;;;;;AAEhF,oDAA4B;AAC5B,iFAAsD;AACtD,8CAAkD;AAClD,6EAAiD;AAEjD,MAAM,EAAE,GAAG,EAAE,GAAG,gBAAM,CAAC;AAEvB,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE,EAAE;IACzB,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,IAAA,yBAAW,EAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,GAAG,CAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,IAAA,yBAAW,EAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC,
|
|
1
|
+
{"version":3,"file":"data.js","sourceRoot":"","sources":["../../src/middleware/data.js"],"names":[],"mappings":";AAAA,2EAA2E;AAC3E,gFAAgF;;;;;AAEhF,oDAA4B;AAC5B,iFAAsD;AACtD,8CAAkD;AAClD,6EAAiD;AAEjD,MAAM,EAAE,GAAG,EAAE,GAAG,gBAAM,CAAC;AAEvB,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE,EAAE;IACzB,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,IAAA,yBAAW,EAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,GAAG,CAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,IAAA,yBAAW,EAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC,CAAC;AAEF,SAAwB,cAAc,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE;IACzE,OAAO;QACL,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YACjB,0EAA0E;YAE1E,OAAO;YACP,GAAG,CAAC,IAAI,mCACH,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI;gBAEZ,WAAW;gBACX,IAAI;gBAEJ,6DAA6D;gBAC7D,gCAAgC;gBAChC,cAAc,EACZ,2BAAc,CAAC,yBAAyB,CAAC,GAAG,CAAC,CAAC,iBAAiB,CAC7D,MAAM,CACP;gBAEH,YAAY;gBACZ,QAAQ,EACN,CAAC,GAAG,CAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,KAAK,EAAE,MAAM,CAAC,IAAI,GAAG,CAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,KAAK,EAAE,YAAY,CAAC,CAAC;oBAC1D,CAAC,GAAG,CAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,EAAE,MAAM,CAAC,IAAI,GAAG,CAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,EAAE,YAAY,CAAC,CAAC,EAC1D,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,GAC5B,CAAC;YAEF,oCAAoC;YACpC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC;YAE5D,uBAAuB;YACvB,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,2BAAc,CAAC,oBAAoB,EAAE;gBAC9D,KAAK,EAAE,kBAAkB;gBACzB,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,KAAK;aAChB,CAAC,CAAC;YAEH,0EAA0E;YAE1E,qEAAqE;YACrE,MAAM,QAAQ,GAAG,IAAA,0BAAe,EAAC,GAAG,GAAG,CAAC,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;YAEzE,wEAAwE;YACxE,uEAAuE;YACvE,uCAAuC;YACvC,+DAA+D;YAC/D,uDAAuD;YACvD,mCAAmC;YACnC,EAAE;YACF,yEAAyE;YACzE,sEAAsE;YACtE,0EAA0E;YAC1E,6BAA6B;YAC7B,qEAAqE;YACrE,wCAAwC;YACxC,yBAAyB;YACzB,EAAE;YACF,wEAAwE;YACxE,qEAAqE;YACrE,uEAAuE;YACvE,0DAA0D;YAC1D,MAAM,cAAc,GAAG,IAAA,0BAAe,EACpC,GAAG,GAAG,CAAC,sBAAsB,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CACtD,CAAC;YAEF,8BAA8B;YAC9B,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG;gBAChB,QAAQ;gBACR,cAAc;gBACd,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ;gBAC3B,UAAU,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU;aAChC,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC;YAEjC,kCAAkC;YAClC,gEAAgE;YAChE,+EAA+E;YAC/E,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;YACnC,GAAG,CAAC,MAAM,CAAC,SAAS,GAAG,GAAG,cAAc,cAAc,CAAC;YAEvD,wEAAwE;YACxE,wEAAwE;YACxE,sEAAsE;YACtE,sEAAsE;YACtE,sCAAsC;YACtC,GAAG,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC,IAAI,EAAE,EAAE,CAChC,IAAA,yBAAW,kBACT,QAAQ,EACR,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,cAAc,EACvC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ,EACvB,UAAU,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,IAC5B,IAAI,EACP,CAAC;YAEL,IAAI,EAAE,CAAC;QACT,CAAC;KACF,CAAC;AACJ,CAAC;AAhGD,iCAgGC"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
declare function _default({ waypoint, fields
|
|
1
|
+
declare function _default({ waypoint, fields }: {
|
|
2
2
|
waypoint: string;
|
|
3
3
|
fields?: import("../lib/field").PageField[] | undefined;
|
|
4
4
|
}): any[];
|
|
5
5
|
export default _default;
|
|
6
|
-
export type PageField = import(
|
|
6
|
+
export type PageField = import("../lib/field").PageField;
|
|
@@ -10,21 +10,22 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
10
10
|
const JourneyContext_js_1 = __importDefault(require("../lib/JourneyContext.js"));
|
|
11
11
|
const constants_js_1 = require("../lib/constants.js");
|
|
12
12
|
/**
|
|
13
|
+
* @typedef {import("../lib/field").PageField} PageField
|
|
13
14
|
* @access private
|
|
14
|
-
* @typedef {import('../lib/field').PageField} PageField
|
|
15
15
|
*/
|
|
16
16
|
/**
|
|
17
17
|
* Gather the field data from `req.body` into the current JourneyContext
|
|
18
|
+
*
|
|
18
19
|
* - Store in the current session
|
|
19
20
|
* - Update the user's journey context with the new data
|
|
20
21
|
* - Remove validation date of JourneyContext so it can re-evaluted
|
|
21
22
|
*
|
|
22
23
|
* @param {object} obj Options
|
|
23
24
|
* @param {string} obj.waypoint Waypoint
|
|
24
|
-
* @param {PageField[]} [obj.fields=[]] Fields
|
|
25
|
+
* @param {PageField[]} [obj.fields=[]] Fields. Default is `[]`
|
|
25
26
|
* @returns {Array} Array of middleware
|
|
26
27
|
*/
|
|
27
|
-
exports.default = ({ waypoint, fields = []
|
|
28
|
+
exports.default = ({ waypoint, fields = [] }) => [
|
|
28
29
|
(req, res, next) => {
|
|
29
30
|
// Store a copy of the journey context before modifying it. This is useful
|
|
30
31
|
// for any comparison work that may be done in subsequent middleware.
|
|
@@ -34,7 +35,8 @@ exports.default = ({ waypoint, fields = [], }) => [
|
|
|
34
35
|
/* eslint-disable security/detect-object-injection */
|
|
35
36
|
const persistentBody = Object.create(null);
|
|
36
37
|
for (let i = 0, l = fields.length; i < l; i++) {
|
|
37
|
-
if (fields[i].meta.persist &&
|
|
38
|
+
if (fields[i].meta.persist &&
|
|
39
|
+
fields[i].getValue(req.body) !== undefined) {
|
|
38
40
|
persistentBody[fields[i].name] = fields[i].getValue(req.body);
|
|
39
41
|
}
|
|
40
42
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gather-fields.js","sourceRoot":"","sources":["../../src/middleware/gather-fields.js"],"names":[],"mappings":";AAAA,wEAAwE;AACxE,iCAAiC;AACjC,wDAAwD;AACxD,mEAAmE;;;;;AAEnE,iFAAsD;AACtD,sDAA2D;AAE3D;;;GAGG;AAEH
|
|
1
|
+
{"version":3,"file":"gather-fields.js","sourceRoot":"","sources":["../../src/middleware/gather-fields.js"],"names":[],"mappings":";AAAA,wEAAwE;AACxE,iCAAiC;AACjC,wDAAwD;AACxD,mEAAmE;;;;;AAEnE,iFAAsD;AACtD,sDAA2D;AAE3D;;;GAGG;AAEH;;;;;;;;;;;GAWG;AACH,kBAAe,CAAC,EAAE,QAAQ,EAAE,MAAM,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC;IAC5C,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,0EAA0E;QAC1E,qEAAqE;QACrE,GAAG,CAAC,IAAI,CAAC,sBAAsB,GAAG,2BAAc,CAAC,WAAW,CAC1D,GAAG,CAAC,IAAI,CAAC,cAAc,EACvB,GAAG,CACJ,CAAC;QAEF,4CAA4C;QAC5C,iEAAiE;QACjE,qDAAqD;QACrD,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9C,IACE,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO;gBACtB,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,SAAS,EAC1C,CAAC;gBACD,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QACD,oDAAoD;QAEpD,wEAAwE;QACxE,2EAA2E;QAC3E,0EAA0E;QAC1E,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACjE,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,4BAA4B,CAAC,QAAQ,CAAC,CAAC;QAC/D,2BAAc,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE;YAC9D,QAAQ,EAAE;gBACR,gBAAgB,EAAE,mCAAoB;aACvC;SACF,CAAC,CAAC;QAEH,IAAI,EAAE,CAAC;IACT,CAAC;CACF,CAAC"}
|
package/dist/middleware/i18n.js
CHANGED
|
@@ -10,19 +10,19 @@ const fs_1 = require("fs");
|
|
|
10
10
|
const deepmerge_1 = __importDefault(require("deepmerge"));
|
|
11
11
|
const js_yaml_1 = __importDefault(require("js-yaml"));
|
|
12
12
|
const logger_js_1 = __importDefault(require("../lib/logger.js"));
|
|
13
|
-
const log = (0, logger_js_1.default)(
|
|
13
|
+
const log = (0, logger_js_1.default)("middleware:i18n");
|
|
14
14
|
const loadJson = (file) => {
|
|
15
15
|
// Strip out newlines (this is a legacy feature which we're keeping for
|
|
16
16
|
// backwards compatibility).
|
|
17
17
|
/* eslint-disable-next-line security/detect-non-literal-fs-filename */
|
|
18
|
-
const json = (0, fs_1.readFileSync)(file,
|
|
19
|
-
return JSON.parse(json.replace(/[\r\n]/g,
|
|
18
|
+
const json = (0, fs_1.readFileSync)(file, "utf8");
|
|
19
|
+
return JSON.parse(json.replace(/[\r\n]/g, ""));
|
|
20
20
|
};
|
|
21
21
|
/* eslint-disable-next-line security/detect-non-literal-fs-filename */
|
|
22
|
-
const loadYaml = (file) => js_yaml_1.default.load((0, fs_1.readFileSync)(file,
|
|
22
|
+
const loadYaml = (file) => js_yaml_1.default.load((0, fs_1.readFileSync)(file, "utf8"));
|
|
23
23
|
const extract = (file) => {
|
|
24
|
-
const ext = /.yaml$/i.test(file) ?
|
|
25
|
-
const data = ext ===
|
|
24
|
+
const ext = /.yaml$/i.test(file) ? ".yaml" : ".json";
|
|
25
|
+
const data = ext === ".yaml" ? loadYaml(file) : loadJson(file);
|
|
26
26
|
return {
|
|
27
27
|
ns: (0, path_1.basename)(file, ext),
|
|
28
28
|
data,
|
|
@@ -41,7 +41,7 @@ const loadResources = (languages, directories) => {
|
|
|
41
41
|
if (!(0, fs_1.existsSync)(dir)) {
|
|
42
42
|
return;
|
|
43
43
|
}
|
|
44
|
-
log.info(
|
|
44
|
+
log.info("Loading %s language from %s ...", language, dir);
|
|
45
45
|
/* eslint-disable-next-line security/detect-non-literal-fs-filename */
|
|
46
46
|
(0, fs_1.readdirSync)(dir).forEach((file) => {
|
|
47
47
|
const { ns, data } = extract((0, path_1.resolve)(dir, file));
|
|
@@ -55,26 +55,24 @@ const loadResources = (languages, directories) => {
|
|
|
55
55
|
});
|
|
56
56
|
return store;
|
|
57
57
|
};
|
|
58
|
-
function i18nMiddleware({ languages = [
|
|
58
|
+
function i18nMiddleware({ languages = ["en", "cy"], directories = [], }) {
|
|
59
59
|
// Load _all_ translations, from all directories into memory.
|
|
60
60
|
const resources = loadResources(languages, directories);
|
|
61
61
|
// Configure i18next
|
|
62
62
|
const i18nInstance = (0, i18next_1.createInstance)();
|
|
63
|
-
i18nInstance
|
|
64
|
-
.use(i18next_http_middleware_1.LanguageDetector)
|
|
65
|
-
.init({
|
|
63
|
+
i18nInstance.use(i18next_http_middleware_1.LanguageDetector).init({
|
|
66
64
|
initImmediate: false, // because we need synchronous loading
|
|
67
65
|
supportedLngs: languages,
|
|
68
66
|
fallbackLng: false,
|
|
69
|
-
defaultNS:
|
|
67
|
+
defaultNS: "common",
|
|
70
68
|
// debug: true,
|
|
71
69
|
// All translation resources
|
|
72
70
|
resources,
|
|
73
71
|
// LanguageDetector options
|
|
74
72
|
detection: {
|
|
75
|
-
lookupQuerystring:
|
|
76
|
-
lookupSession:
|
|
77
|
-
order: [
|
|
73
|
+
lookupQuerystring: "lang",
|
|
74
|
+
lookupSession: "language",
|
|
75
|
+
order: ["querystring", "session"],
|
|
78
76
|
},
|
|
79
77
|
});
|
|
80
78
|
// 2 middleware: one to read/set the session language, and one to enhance the
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"i18n.js","sourceRoot":"","sources":["../../src/middleware/i18n.js"],"names":[],"mappings":";;;;;AAAA,qCAAyC;AACzC,qEAAmE;AACnE,+BAAyC;AACzC,2BAA2D;AAC3D,0DAAkC;AAClC,sDAA2B;AAC3B,iEAAsC;AAEtC,MAAM,GAAG,GAAG,IAAA,mBAAM,EAAC,iBAAiB,CAAC,CAAC;AAEtC,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,EAAE;IACxB,uEAAuE;IACvE,4BAA4B;IAC5B,sEAAsE;IACtE,MAAM,IAAI,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACxC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC,
|
|
1
|
+
{"version":3,"file":"i18n.js","sourceRoot":"","sources":["../../src/middleware/i18n.js"],"names":[],"mappings":";;;;;AAAA,qCAAyC;AACzC,qEAAmE;AACnE,+BAAyC;AACzC,2BAA2D;AAC3D,0DAAkC;AAClC,sDAA2B;AAC3B,iEAAsC;AAEtC,MAAM,GAAG,GAAG,IAAA,mBAAM,EAAC,iBAAiB,CAAC,CAAC;AAEtC,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,EAAE;IACxB,uEAAuE;IACvE,4BAA4B;IAC5B,sEAAsE;IACtE,MAAM,IAAI,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACxC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC,CAAC;AAEF,sEAAsE;AACtE,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,iBAAI,CAAC,IAAI,CAAC,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;AAEjE,MAAM,OAAO,GAAG,CAAC,IAAI,EAAE,EAAE;IACvB,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;IACrD,MAAM,IAAI,GAAG,GAAG,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAE/D,OAAO;QACL,EAAE,EAAE,IAAA,eAAQ,EAAC,IAAI,EAAE,GAAG,CAAC;QACvB,IAAI;KACL,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,SAAS,EAAE,WAAW,EAAE,EAAE;IAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAElC,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;QAC7B,0EAA0E;QAC1E,uDAAuD;QACvD,qDAAqD;QACrD,KAAK,CAAC,QAAQ,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAEtC,WAAW,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC9B,MAAM,GAAG,GAAG,IAAA,cAAO,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YACvC,sEAAsE;YACtE,IAAI,CAAC,IAAA,eAAU,EAAC,GAAG,CAAC,EAAE,CAAC;gBACrB,OAAO;YACT,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,iCAAiC,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC3D,sEAAsE;YACtE,IAAA,gBAAW,EAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,IAAA,cAAO,EAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;gBAEjD,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,KAAK,SAAS,EAAE,CAAC;oBACtC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC;gBAED,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,IAAA,mBAAS,EAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YAC7D,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QACH,oDAAoD;IACtD,CAAC,CAAC,CAAC;IAEH,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,SAAwB,cAAc,CAAC,EACrC,SAAS,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,EACxB,WAAW,GAAG,EAAE,GACjB;IACC,6DAA6D;IAC7D,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAExD,oBAAoB;IACpB,MAAM,YAAY,GAAG,IAAA,wBAAc,GAAE,CAAC;IACtC,YAAY,CAAC,GAAG,CAAC,0CAAgB,CAAC,CAAC,IAAI,CAAC;QACtC,aAAa,EAAE,KAAK,EAAE,sCAAsC;QAC5D,aAAa,EAAE,SAAS;QACxB,WAAW,EAAE,KAAK;QAClB,SAAS,EAAE,QAAQ;QACnB,eAAe;QAEf,4BAA4B;QAC5B,SAAS;QAET,2BAA2B;QAC3B,SAAS,EAAE;YACT,iBAAiB,EAAE,MAAM;YACzB,aAAa,EAAE,UAAU;YACzB,KAAK,EAAE,CAAC,aAAa,EAAE,SAAS,CAAC;SAClC;KACF,CAAC,CAAC;IAEH,6EAA6E;IAC7E,qCAAqC;IACrC,OAAO;QACL,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YACjB,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;gBAC1B,mDAAmD;gBACnD,GAAG,CAAC,OAAO,CAAC,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YACtC,CAAC;YACD,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,KAAK,CAAC,IAAI,KAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1D,GAAG,CAAC,OAAO,CAAC,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAChD,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC;QACD,IAAA,gCAAM,EAAC,YAAY,CAAC;KACrB,CAAC;AACJ,CAAC;AA1CD,iCA0CC"}
|
package/dist/middleware/post.js
CHANGED
|
@@ -5,11 +5,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
// 2 middleware: one as a fallback 404 handler, one to handle thrown errors
|
|
7
7
|
const logger_js_1 = __importDefault(require("../lib/logger.js"));
|
|
8
|
-
const log = (0, logger_js_1.default)(
|
|
8
|
+
const log = (0, logger_js_1.default)("middleware:post");
|
|
9
9
|
function postMiddleware() {
|
|
10
10
|
return [
|
|
11
11
|
(req, res) => {
|
|
12
|
-
res.status(404).render(
|
|
12
|
+
res.status(404).render("casa/errors/404.njk");
|
|
13
13
|
},
|
|
14
14
|
/* eslint-disable-next-line no-unused-vars */
|
|
15
15
|
(err, req, res, next) => {
|
|
@@ -17,36 +17,48 @@ function postMiddleware() {
|
|
|
17
17
|
// In some cases, an error may have been thrown before the template assets
|
|
18
18
|
// have had a chance to initialise. So we use a hardcoded template in
|
|
19
19
|
// these cases to ensure the user sees an appropriate message.
|
|
20
|
-
let TEMPLATE =
|
|
20
|
+
let TEMPLATE = "casa/errors/500.njk";
|
|
21
21
|
if (!res.locals.t) {
|
|
22
|
-
res.locals.t = () =>
|
|
22
|
+
res.locals.t = () => "";
|
|
23
23
|
res.locals.casa = Object.assign(Object.assign({}, (_a = res.locals) === null || _a === void 0 ? void 0 : _a.casa), { mountUrl: `${req.baseUrl}/` });
|
|
24
|
-
TEMPLATE =
|
|
24
|
+
TEMPLATE = "casa/errors/static.njk";
|
|
25
25
|
}
|
|
26
26
|
// CSRF token is invalid in some way
|
|
27
|
-
if ((err === null || err === void 0 ? void 0 : err.code) ===
|
|
28
|
-
log.info(
|
|
29
|
-
return res
|
|
27
|
+
if ((err === null || err === void 0 ? void 0 : err.code) === "EBADCSRFTOKEN") {
|
|
28
|
+
log.info("CSRF validation has failed. This may be caused by the user submitting a stale form from a previous session [EBADCSRFTOKEN]");
|
|
29
|
+
return res
|
|
30
|
+
.status(403)
|
|
31
|
+
.render(TEMPLATE, { errorCode: "bad_csrf_token", error: err });
|
|
30
32
|
}
|
|
31
33
|
// Body parsing verification check failed
|
|
32
|
-
if ((err === null || err === void 0 ? void 0 : err.type) ===
|
|
33
|
-
log.info(
|
|
34
|
-
return res
|
|
34
|
+
if ((err === null || err === void 0 ? void 0 : err.type) === "entity.verify.failed") {
|
|
35
|
+
log.info("Body parser verification has failed. This has been caused by the user submitting a payload containing invalid data [entity.verify.failed]");
|
|
36
|
+
return res
|
|
37
|
+
.status(403)
|
|
38
|
+
.render(TEMPLATE, { errorCode: "invalid_payload", error: err });
|
|
35
39
|
}
|
|
36
40
|
// Too many parameters submitted
|
|
37
|
-
if ((err === null || err === void 0 ? void 0 : err.type) ===
|
|
38
|
-
log.info(
|
|
39
|
-
return res.status(413).render(TEMPLATE, {
|
|
41
|
+
if ((err === null || err === void 0 ? void 0 : err.type) === "parameters.too.many") {
|
|
42
|
+
log.info("The request contains more parameters than is currently allowed [parameters.too.many]");
|
|
43
|
+
return res.status(413).render(TEMPLATE, {
|
|
44
|
+
errorCode: "parameter_limit_exceeded",
|
|
45
|
+
error: err,
|
|
46
|
+
});
|
|
40
47
|
}
|
|
41
48
|
// Overall payload too large
|
|
42
|
-
if ((err === null || err === void 0 ? void 0 : err.type) ===
|
|
49
|
+
if ((err === null || err === void 0 ? void 0 : err.type) === "entity.too.large") {
|
|
43
50
|
log.info(`The request payload is too large. Received ${err.length}b with a maximum of ${err.limit}b [parameters.too.many]`);
|
|
44
|
-
return res
|
|
51
|
+
return res
|
|
52
|
+
.status(413)
|
|
53
|
+
.render(TEMPLATE, { errorCode: "payload_size_exceeded", error: err });
|
|
45
54
|
}
|
|
46
55
|
// Unaccept request method
|
|
47
|
-
if ((err === null || err === void 0 ? void 0 : err.code) ===
|
|
56
|
+
if ((err === null || err === void 0 ? void 0 : err.code) === "unaccepted_request_method") {
|
|
48
57
|
log.info(err.message);
|
|
49
|
-
return res.status(400).render(TEMPLATE, {
|
|
58
|
+
return res.status(400).render(TEMPLATE, {
|
|
59
|
+
errorCode: "unaccepted_request_method",
|
|
60
|
+
error: err,
|
|
61
|
+
});
|
|
50
62
|
}
|
|
51
63
|
// Unknown error
|
|
52
64
|
log.error(`Unknown error: ${err.message}; stacktrace: ${err.stack}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../src/middleware/post.js"],"names":[],"mappings":";;;;;AAAA,2EAA2E;AAC3E,iEAAsC;AAEtC,MAAM,GAAG,GAAG,IAAA,mBAAM,EAAC,iBAAiB,CAAC,CAAC;AAEtC,SAAwB,cAAc;IACpC,OAAO;QACL,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;QAChD,CAAC;QACD,6CAA6C;QAC7C,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;;YACtB,0EAA0E;YAC1E,qEAAqE;YACrE,8DAA8D;YAC9D,IAAI,QAAQ,GAAG,qBAAqB,CAAC;YACrC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;gBAClB,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../src/middleware/post.js"],"names":[],"mappings":";;;;;AAAA,2EAA2E;AAC3E,iEAAsC;AAEtC,MAAM,GAAG,GAAG,IAAA,mBAAM,EAAC,iBAAiB,CAAC,CAAC;AAEtC,SAAwB,cAAc;IACpC,OAAO;QACL,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;QAChD,CAAC;QACD,6CAA6C;QAC7C,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;;YACtB,0EAA0E;YAC1E,qEAAqE;YACrE,8DAA8D;YAC9D,IAAI,QAAQ,GAAG,qBAAqB,CAAC;YACrC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;gBAClB,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;gBACxB,GAAG,CAAC,MAAM,CAAC,IAAI,mCACV,MAAA,GAAG,CAAC,MAAM,0CAAE,IAAI,KACnB,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG,GAC5B,CAAC;gBACF,QAAQ,GAAG,wBAAwB,CAAC;YACtC,CAAC;YAED,oCAAoC;YACpC,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,eAAe,EAAE,CAAC;gBAClC,GAAG,CAAC,IAAI,CACN,4HAA4H,CAC7H,CAAC;gBACF,OAAO,GAAG;qBACP,MAAM,CAAC,GAAG,CAAC;qBACX,MAAM,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YACnE,CAAC;YAED,yCAAyC;YACzC,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,sBAAsB,EAAE,CAAC;gBACzC,GAAG,CAAC,IAAI,CACN,2IAA2I,CAC5I,CAAC;gBACF,OAAO,GAAG;qBACP,MAAM,CAAC,GAAG,CAAC;qBACX,MAAM,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YACpE,CAAC;YAED,gCAAgC;YAChC,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,qBAAqB,EAAE,CAAC;gBACxC,GAAG,CAAC,IAAI,CACN,sFAAsF,CACvF,CAAC;gBACF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;oBACtC,SAAS,EAAE,0BAA0B;oBACrC,KAAK,EAAE,GAAG;iBACX,CAAC,CAAC;YACL,CAAC;YAED,4BAA4B;YAC5B,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,kBAAkB,EAAE,CAAC;gBACrC,GAAG,CAAC,IAAI,CACN,8CAA8C,GAAG,CAAC,MAAM,uBAAuB,GAAG,CAAC,KAAK,yBAAyB,CAClH,CAAC;gBACF,OAAO,GAAG;qBACP,MAAM,CAAC,GAAG,CAAC;qBACX,MAAM,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,uBAAuB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YAC1E,CAAC;YAED,0BAA0B;YAC1B,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,2BAA2B,EAAE,CAAC;gBAC9C,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBACtB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE;oBACtC,SAAS,EAAE,2BAA2B;oBACtC,KAAK,EAAE,GAAG;iBACX,CAAC,CAAC;YACL,CAAC;YAED,gBAAgB;YAChB,GAAG,CAAC,KAAK,CAAC,kBAAkB,GAAG,CAAC,OAAO,iBAAiB,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACrE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1D,CAAC;KACF,CAAC;AACJ,CAAC;AA3ED,iCA2EC"}
|
package/dist/middleware/pre.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
declare function _default({ helmetConfigurator
|
|
1
|
+
declare function _default({ helmetConfigurator }?: {
|
|
2
2
|
helmetConfigurator: HelmetConfigurator;
|
|
3
3
|
}): Function[];
|
|
4
4
|
export default _default;
|
|
5
|
-
export type HelmetConfigurator = import(
|
|
5
|
+
export type HelmetConfigurator = import("../casa").HelmetConfigurator;
|
package/dist/middleware/pre.js
CHANGED
|
@@ -6,13 +6,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
const crypto_1 = require("crypto");
|
|
7
7
|
const helmet_1 = __importDefault(require("helmet"));
|
|
8
8
|
/**
|
|
9
|
+
* @typedef {import("../casa").HelmetConfigurator} HelmetConfigurator
|
|
9
10
|
* @access private
|
|
10
|
-
* @typedef {import('../casa').HelmetConfigurator} HelmetConfigurator
|
|
11
11
|
*/
|
|
12
|
-
const GA_DOMAIN =
|
|
13
|
-
const GA_ANALYTICS_DOMAIN =
|
|
14
|
-
const GTM_DOMAIN =
|
|
15
|
-
const GTM_PREVIEW_DOMAIN =
|
|
12
|
+
const GA_DOMAIN = "*.google-analytics.com";
|
|
13
|
+
const GA_ANALYTICS_DOMAIN = "*.analytics.google.com";
|
|
14
|
+
const GTM_DOMAIN = "*.googletagmanager.com";
|
|
15
|
+
const GTM_PREVIEW_DOMAIN = "https://tagmanager.google.com";
|
|
16
16
|
/**
|
|
17
17
|
* Extracts the CSP nonce used in every template, and makes it available as a
|
|
18
18
|
* nonce value in the CSP header.
|
|
@@ -21,9 +21,9 @@ const GTM_PREVIEW_DOMAIN = 'https://tagmanager.google.com';
|
|
|
21
21
|
* to identify this function specifically, most likely to remove it from CSP
|
|
22
22
|
* headers for custom purposes.
|
|
23
23
|
*
|
|
24
|
-
* @param {import(
|
|
25
|
-
* @param {import(
|
|
26
|
-
* @returns {string}
|
|
24
|
+
* @param {import("express").Request} req Request
|
|
25
|
+
* @param {import("express").Response} res Response
|
|
26
|
+
* @returns {string} Nonce value suitable for use in CSP header
|
|
27
27
|
*/
|
|
28
28
|
function casaCspNonce(req, res) {
|
|
29
29
|
return `'nonce-${res.locals.cspNonce}'`;
|
|
@@ -32,15 +32,16 @@ function casaCspNonce(req, res) {
|
|
|
32
32
|
* Pre middleware.
|
|
33
33
|
*
|
|
34
34
|
* @param {object} opts Options
|
|
35
|
-
* @param {HelmetConfigurator} opts.helmetConfigurator Function to customise
|
|
35
|
+
* @param {HelmetConfigurator} opts.helmetConfigurator Function to customise
|
|
36
|
+
* Helmet configuration
|
|
36
37
|
* @returns {Function[]} List of middleware
|
|
37
38
|
*/
|
|
38
|
-
exports.default = ({ helmetConfigurator = (config) =>
|
|
39
|
+
exports.default = ({ helmetConfigurator = (config) => config } = {}) => [
|
|
39
40
|
// Only allow certain request methods
|
|
40
41
|
(req, res, next) => {
|
|
41
|
-
if (req.method !==
|
|
42
|
+
if (req.method !== "GET" && req.method !== "POST") {
|
|
42
43
|
const err = new Error(`Unaccepted request method, "${String(req.method).substr(0, 7)}"`);
|
|
43
|
-
err.code =
|
|
44
|
+
err.code = "unaccepted_request_method";
|
|
44
45
|
next(err);
|
|
45
46
|
}
|
|
46
47
|
else {
|
|
@@ -52,16 +53,16 @@ exports.default = ({ helmetConfigurator = (config) => (config), } = {}) => [
|
|
|
52
53
|
// The `no-store` setting is to specifically disable the bfcache and prevent
|
|
53
54
|
// possible leakage of information.
|
|
54
55
|
(req, res, next) => {
|
|
55
|
-
res.set(
|
|
56
|
-
res.set(
|
|
57
|
-
res.set(
|
|
58
|
-
res.set(
|
|
56
|
+
res.set("cache-control", "no-cache, no-store, must-revalidate, private");
|
|
57
|
+
res.set("pragma", "no-cache");
|
|
58
|
+
res.set("expires", 0);
|
|
59
|
+
res.set("x-robots-tag", "noindex, nofollow");
|
|
59
60
|
next();
|
|
60
61
|
},
|
|
61
62
|
// Generate nonces ready for use in Content-Security-Policy header and
|
|
62
63
|
// govuk-frontend template. This same none can be used wherever required.
|
|
63
64
|
(req, res, next) => {
|
|
64
|
-
res.locals.cspNonce = (0, crypto_1.randomBytes)(16).toString(
|
|
65
|
+
res.locals.cspNonce = (0, crypto_1.randomBytes)(16).toString("hex");
|
|
65
66
|
next();
|
|
66
67
|
},
|
|
67
68
|
// Helmet suite of headers
|
|
@@ -70,16 +71,34 @@ exports.default = ({ helmetConfigurator = (config) => (config), } = {}) => [
|
|
|
70
71
|
contentSecurityPolicy: {
|
|
71
72
|
useDefaults: true,
|
|
72
73
|
directives: {
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
74
|
+
"default-src": ["'none'"],
|
|
75
|
+
"script-src": [
|
|
76
|
+
"'self'",
|
|
77
|
+
GA_DOMAIN,
|
|
78
|
+
GTM_DOMAIN,
|
|
79
|
+
GTM_PREVIEW_DOMAIN,
|
|
80
|
+
casaCspNonce,
|
|
81
|
+
],
|
|
82
|
+
"img-src": [
|
|
83
|
+
"'self'",
|
|
84
|
+
GA_DOMAIN,
|
|
85
|
+
GA_ANALYTICS_DOMAIN,
|
|
86
|
+
GTM_DOMAIN,
|
|
87
|
+
"https://ssl.gstatic.com",
|
|
88
|
+
"https://www.gstatic.com",
|
|
89
|
+
],
|
|
90
|
+
"connect-src": ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN],
|
|
91
|
+
"frame-src": ["'self'", GTM_DOMAIN],
|
|
92
|
+
"frame-ancestors": ["'self'"],
|
|
93
|
+
"form-action": ["'self'"],
|
|
94
|
+
"style-src": [
|
|
95
|
+
"'self'",
|
|
96
|
+
"https://fonts.googleapis.com",
|
|
97
|
+
GTM_PREVIEW_DOMAIN,
|
|
98
|
+
casaCspNonce,
|
|
99
|
+
],
|
|
100
|
+
"font-src": ["'self'", "data:", "https://fonts.gstatic.com"],
|
|
101
|
+
"manifest-src": ["'self'"],
|
|
83
102
|
},
|
|
84
103
|
},
|
|
85
104
|
// // Require referrer to aid navigation
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pre.js","sourceRoot":"","sources":["../../src/middleware/pre.js"],"names":[],"mappings":";;;;;AAAA,mCAAqC;AACrC,oDAA4B;AAE5B;;;GAGG;AAEH,MAAM,SAAS,GAAG,wBAAwB,CAAC;AAC3C,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AACrD,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,kBAAkB,GAAG,+BAA+B,CAAC;AAE3D;;;;;;;;;;;GAWG;AACH,SAAS,YAAY,CAAC,GAAG,EAAE,GAAG;IAC5B,OAAO,UAAU,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,CAAC;AAC1C,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"pre.js","sourceRoot":"","sources":["../../src/middleware/pre.js"],"names":[],"mappings":";;;;;AAAA,mCAAqC;AACrC,oDAA4B;AAE5B;;;GAGG;AAEH,MAAM,SAAS,GAAG,wBAAwB,CAAC;AAC3C,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AACrD,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,kBAAkB,GAAG,+BAA+B,CAAC;AAE3D;;;;;;;;;;;GAWG;AACH,SAAS,YAAY,CAAC,GAAG,EAAE,GAAG;IAC5B,OAAO,UAAU,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,CAAC;AAC1C,CAAC;AAED;;;;;;;GAOG;AACH,kBAAe,CAAC,EAAE,kBAAkB,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC;IACnE,qCAAqC;IACrC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,KAAK,CACnB,+BAA+B,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAClE,CAAC;YACF,GAAG,CAAC,IAAI,GAAG,2BAA2B,CAAC;YACvC,IAAI,CAAC,GAAG,CAAC,CAAC;QACZ,CAAC;aAAM,CAAC;YACN,IAAI,EAAE,CAAC;QACT,CAAC;IACH,CAAC;IAED,wEAAwE;IACxE,2BAA2B;IAC3B,4EAA4E;IAC5E,mCAAmC;IACnC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,8CAA8C,CAAC,CAAC;QACzE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC9B,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,mBAAmB,CAAC,CAAC;QAC7C,IAAI,EAAE,CAAC;IACT,CAAC;IAED,sEAAsE;IACtE,yEAAyE;IACzE,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,EAAE,CAAC;IACT,CAAC;IAED,0BAA0B;IAC1B,IAAA,gBAAM,EACJ,kBAAkB,CAAC;QACjB,qEAAqE;QACrE,qBAAqB,EAAE;YACrB,WAAW,EAAE,IAAI;YACjB,UAAU,EAAE;gBACV,aAAa,EAAE,CAAC,QAAQ,CAAC;gBACzB,YAAY,EAAE;oBACZ,QAAQ;oBACR,SAAS;oBACT,UAAU;oBACV,kBAAkB;oBAClB,YAAY;iBACb;gBACD,SAAS,EAAE;oBACT,QAAQ;oBACR,SAAS;oBACT,mBAAmB;oBACnB,UAAU;oBACV,yBAAyB;oBACzB,yBAAyB;iBAC1B;gBACD,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,UAAU,CAAC;gBACrE,WAAW,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;gBACnC,iBAAiB,EAAE,CAAC,QAAQ,CAAC;gBAC7B,aAAa,EAAE,CAAC,QAAQ,CAAC;gBACzB,WAAW,EAAE;oBACX,QAAQ;oBACR,8BAA8B;oBAC9B,kBAAkB;oBAClB,YAAY;iBACb;gBACD,UAAU,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,2BAA2B,CAAC;gBAC5D,cAAc,EAAE,CAAC,QAAQ,CAAC;aAC3B;SACF;QAED,wCAAwC;QACxC,8CAA8C;KAC/C,CAAC,CACH;CACF,CAAC"}
|
|
@@ -11,7 +11,7 @@ const JourneyContext_js_1 = __importDefault(require("../lib/JourneyContext.js"))
|
|
|
11
11
|
const waypoint_url_js_1 = __importDefault(require("../lib/waypoint-url.js"));
|
|
12
12
|
const logger_js_1 = __importDefault(require("../lib/logger.js"));
|
|
13
13
|
const constants_js_1 = require("../lib/constants.js");
|
|
14
|
-
const log = (0, logger_js_1.default)(
|
|
14
|
+
const log = (0, logger_js_1.default)("middleware:progress-journey");
|
|
15
15
|
const saveAndRedirect = (session, journeyContext, url, res, next) => {
|
|
16
16
|
JourneyContext_js_1.default.putContext(session, journeyContext, {
|
|
17
17
|
userInfo: {
|
|
@@ -25,7 +25,7 @@ const saveAndRedirect = (session, journeyContext, url, res, next) => {
|
|
|
25
25
|
res.redirect(302, url);
|
|
26
26
|
});
|
|
27
27
|
};
|
|
28
|
-
exports.default = ({ waypoint, plan
|
|
28
|
+
exports.default = ({ waypoint, plan }) => [
|
|
29
29
|
(req, res, next) => {
|
|
30
30
|
// Determine the next available waypoint after the current one
|
|
31
31
|
const traversed = plan.traverse(req.casa.journeyContext);
|
|
@@ -48,9 +48,9 @@ exports.default = ({ waypoint, plan, }) => [
|
|
|
48
48
|
// they want to force the user to re-visit particular waypoints during this
|
|
49
49
|
// "jumping" phase.
|
|
50
50
|
if (req.casa.editMode && req.casa.editOrigin) {
|
|
51
|
-
const url = new URL(req.casa.editOrigin,
|
|
52
|
-
url.searchParams.append(
|
|
53
|
-
url.searchParams.append(
|
|
51
|
+
const url = new URL(req.casa.editOrigin, "https://placeholder.test/");
|
|
52
|
+
url.searchParams.append("edit", "true");
|
|
53
|
+
url.searchParams.append("editorigin", req.casa.editOrigin);
|
|
54
54
|
const redirectUrl = (0, waypoint_url_js_1.default)({ waypoint: url.pathname }) + url.search.toString();
|
|
55
55
|
log.debug(`Edit mode detected; redirecting to ${redirectUrl}`);
|
|
56
56
|
return saveAndRedirect(req.session, req.casa.journeyContext, redirectUrl, res, next);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"progress-journey.js","sourceRoot":"","sources":["../../src/middleware/progress-journey.js"],"names":[],"mappings":";AAAA,wCAAwC;AACxC,wEAAwE;AACxE,cAAc;;;;;AAEd,6DAAkC;AAClC,iFAAsD;AACtD,6EAAiD;AACjD,iEAAsC;AACtC,sDAA6D;AAE7D,MAAM,GAAG,GAAG,IAAA,mBAAM,EAAC,6BAA6B,CAAC,CAAC;AAElD,MAAM,eAAe,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAClE,2BAAc,CAAC,UAAU,CAAC,OAAO,EAAE,cAAc,EAAE;QACjD,QAAQ,EAAE;YACR,gBAAgB,EAAE,qCAAsB;SACzC;KACF,CAAC,CAAC;IAEH,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;QACnB,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,GAAG,CAAC,CAAC;QACZ,CAAC;QACD,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,kBAAe,CAAC,
|
|
1
|
+
{"version":3,"file":"progress-journey.js","sourceRoot":"","sources":["../../src/middleware/progress-journey.js"],"names":[],"mappings":";AAAA,wCAAwC;AACxC,wEAAwE;AACxE,cAAc;;;;;AAEd,6DAAkC;AAClC,iFAAsD;AACtD,6EAAiD;AACjD,iEAAsC;AACtC,sDAA6D;AAE7D,MAAM,GAAG,GAAG,IAAA,mBAAM,EAAC,6BAA6B,CAAC,CAAC;AAElD,MAAM,eAAe,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAClE,2BAAc,CAAC,UAAU,CAAC,OAAO,EAAE,cAAc,EAAE;QACjD,QAAQ,EAAE;YACR,gBAAgB,EAAE,qCAAsB;SACzC;KACF,CAAC,CAAC;IAEH,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;QACnB,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,GAAG,CAAC,CAAC;QACZ,CAAC;QACD,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,kBAAe,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,8DAA8D;QAC9D,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACzD,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CACxB,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAC3C,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CACjD,CAAC;QACF,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;QACxD,GAAG,CAAC,KAAK,CACP,kBAAkB,YAAY,iBAAiB,SAAS,uBAAuB,QAAQ,oBAAoB,YAAY,EAAE,CAC1H,CAAC;QAEF,YAAY;QACZ,sEAAsE;QACtE,wEAAwE;QACxE,yEAAyE;QACzE,yEAAyE;QACzE,oCAAoC;QACpC,EAAE;QACF,yEAAyE;QACzE,yEAAyE;QACzE,4BAA4B;QAC5B,EAAE;QACF,yEAAyE;QACzE,2EAA2E;QAC3E,mBAAmB;QACnB,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,2BAA2B,CAAC,CAAC;YACtE,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YACxC,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC3D,MAAM,WAAW,GACf,IAAA,yBAAW,EAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAElE,GAAG,CAAC,KAAK,CAAC,sCAAsC,WAAW,EAAE,CAAC,CAAC;YAE/D,OAAO,eAAe,CACpB,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,IAAI,CAAC,cAAc,EACvB,WAAW,EACX,GAAG,EACH,IAAI,CACL,CAAC;QACJ,CAAC;QAED,kEAAkE;QAClE,yEAAyE;QACzE,uDAAuD;QACvD,0EAA0E;QAC1E,oDAAoD;QACpD,yEAAyE;QACzE,gCAAgC;QAChC,wBAAwB;QACxB,sCAAsC;QACtC,8EAA8E;QAC9E,IAAI,iBAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,GAAG,CAAC,KAAK,CACP,+DAA+D,YAAY,EAAE,CAC9E,CAAC;YACF,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,4BAA4B,CAAC,YAAY,CAAC,CAAC;QACrE,CAAC;QAED,yBAAyB;QACzB,MAAM,OAAO,GAAG,IAAA,yBAAW,EAAC;YAC1B,QAAQ,EAAE,YAAY;YACtB,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,GAAG;YAC3B,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,cAAc;YACvC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU;SAChC,CAAC,CAAC;QAEH,mBAAmB;QACnB,GAAG,CAAC,KAAK,CAAC,kBAAkB,OAAO,EAAE,CAAC,CAAC;QACvC,OAAO,eAAe,CACpB,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,IAAI,CAAC,cAAc,EACvB,OAAO,EACP,GAAG,EACH,IAAI,CACL,CAAC;IACJ,CAAC;CACF,CAAC"}
|
|
@@ -9,12 +9,12 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
9
9
|
const lodash_1 = __importDefault(require("lodash"));
|
|
10
10
|
const field_js_1 = __importDefault(require("../lib/field.js"));
|
|
11
11
|
const JourneyContext_js_1 = __importDefault(require("../lib/JourneyContext.js"));
|
|
12
|
-
exports.default = ({ waypoint, fields = []
|
|
12
|
+
exports.default = ({ waypoint, fields = [] }) => {
|
|
13
13
|
// Add some common, transient fields to ensure they survive beyond this sanitisation process
|
|
14
|
-
fields.push((0, field_js_1.default)(
|
|
15
|
-
fields.push((0, field_js_1.default)(
|
|
16
|
-
fields.push((0, field_js_1.default)(
|
|
17
|
-
fields.push((0, field_js_1.default)(
|
|
14
|
+
fields.push((0, field_js_1.default)("_csrf", { persist: false }).processor((value) => String(value)));
|
|
15
|
+
fields.push((0, field_js_1.default)("contextid", { persist: false }).processor((value) => String(value)));
|
|
16
|
+
fields.push((0, field_js_1.default)("edit", { persist: false }).processor((value) => String(value)));
|
|
17
|
+
fields.push((0, field_js_1.default)("editorigin", { persist: false }).processor((value) => String(value)));
|
|
18
18
|
// Middleware
|
|
19
19
|
return [
|
|
20
20
|
(req, res, next) => {
|
|
@@ -24,7 +24,8 @@ exports.default = ({ waypoint, fields = [], }) => {
|
|
|
24
24
|
/* eslint-disable security/detect-object-injection */
|
|
25
25
|
const prunedBody = Object.create(null);
|
|
26
26
|
for (let i = 0, l = fields.length; i < l; i++) {
|
|
27
|
-
if (lodash_1.default.has(req.body, fields[i].name) &&
|
|
27
|
+
if (lodash_1.default.has(req.body, fields[i].name) &&
|
|
28
|
+
req.body[fields[i].name] !== undefined) {
|
|
28
29
|
prunedBody[fields[i].name] = req.body[fields[i].name];
|
|
29
30
|
}
|
|
30
31
|
}
|
|
@@ -37,11 +38,12 @@ exports.default = ({ waypoint, fields = [], }) => {
|
|
|
37
38
|
for (let i = 0, l = fields.length; i < l; i++) {
|
|
38
39
|
const field = fields[i]; /* eslint-disable-line security/detect-object-injection */
|
|
39
40
|
const fieldValue = field.getValue(prunedBody);
|
|
40
|
-
if (fieldValue !== undefined &&
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
41
|
+
if (fieldValue !== undefined &&
|
|
42
|
+
field.testConditions({
|
|
43
|
+
fieldValue,
|
|
44
|
+
waypoint,
|
|
45
|
+
journeyContext,
|
|
46
|
+
})) {
|
|
45
47
|
field.putValue(sanitisedBody, field.applyProcessors(fieldValue));
|
|
46
48
|
}
|
|
47
49
|
}
|