hof 20.0.0-beta.1 → 20.0.0-beta.12

package/frontend/template-mixins/mixins/template-mixins.js

@@ -213,7 +213,7 @@ module.exports = function (options) {
         date: extension.date,
         autocomplete: autocomplete,
         child: field.child,
-        noHeading: field.noHeading,
+        isPageHeading: field.isPageHeading,
         attributes: field.attributes,
         renderChild: renderChild.bind(this)
       });
@@ -240,8 +240,7 @@ module.exports = function (options) {
         legend: t(legendValue),
         legendClassName: legendClassName,
         role: opts.type === 'radio' ? 'radiogroup' : 'group',
-        ariaRequired: opts.type === 'radio',
-        noHeading: field.noHeading,
+        isPageHeading: field.isPageHeading,
         detail: detail ? detail : '',
         hint: conditionalTranslate(getTranslationKey(field, key, 'hint')),
         options: _.map(field.options, function (obj) {
@@ -276,6 +275,7 @@ module.exports = function (options) {
             value: value,
             type: opts.type,
             selected: selected,
+            radioOption: opts.type === 'radio',
             toggle: toggle,
             child: child,
             optionHint: conditionalTranslate(optionHint) || ''
@@ -431,8 +431,8 @@ module.exports = function (options) {
                 year: autocomplete + '-year'
               };
             }
-            const isRequired = field.validate ? field.validate.indexOf('required') > -1 : false;
-            const formGroupClassName = (field.formGroup && field.formGroup.className) ? field.formGroup.className : ''
+            const isThisRequired = field.validate ? field.validate.indexOf('required') > -1 : false;
+            const formGroupClassName = (field.formGroup && field.formGroup.className) ? field.formGroup.className : '';
             const classNameDay = (field.controlsClass && field.controlsClass.day) ? field.controlsClass.day : 'govuk-date-input__input govuk-input--width-2';
             const classNameMonth = (field.controlsClass && field.controlsClass.month) ? field.controlsClass.month : 'govuk-date-input__input govuk-input--width-2';
             const classNameYear = (field.controlsClass && field.controlsClass.year) ? field.controlsClass.year : 'govuk-date-input__input govuk-input--width-4';
@@ -440,12 +440,12 @@ module.exports = function (options) {
             const parts = [];
 
             if (isExact) {
-              const dayPart = compiled['partials/forms/input-text-date'].render(inputText.call(this, key + '-day', { pattern: '[0-9]*', min: 1, max: 31, maxlength: 2, hintId: key + '-hint', date: true, autocomplete: autocomplete.day, formGroupClassName, className: classNameDay, isRequired }));
+              const dayPart = compiled['partials/forms/input-text-date'].render(inputText.call(this, key + '-day', { pattern: '[0-9]*', min: 1, max: 31, maxlength: 2, hintId: key + '-hint', date: true, autocomplete: autocomplete.day, formGroupClassName, className: classNameDay, isThisRequired }));
               parts.push(dayPart);
             }
 
-            const monthPart = compiled['partials/forms/input-text-date'].render(inputText.call(this, key + '-month', { pattern: '[0-9]*', min: 1, max: 12, maxlength: 2, hintId: key + '-hint', date: true, autocomplete: autocomplete.month, formGroupClassName, className: classNameMonth, isRequired }));
-            const yearPart = compiled['partials/forms/input-text-date'].render(inputText.call(this, key + '-year', { pattern: '[0-9]*', maxlength: 4, hintId: key + '-hint', date: true, autocomplete: autocomplete.year, formGroupClassName, className: classNameYear, isRequired }));
+            const monthPart = compiled['partials/forms/input-text-date'].render(inputText.call(this, key + '-month', { pattern: '[0-9]*', min: 1, max: 12, maxlength: 2, hintId: key + '-hint', date: true, autocomplete: autocomplete.month, formGroupClassName, className: classNameMonth, isThisRequired }));
+            const yearPart = compiled['partials/forms/input-text-date'].render(inputText.call(this, key + '-year', { pattern: '[0-9]*', maxlength: 4, hintId: key + '-hint', date: true, autocomplete: autocomplete.year, formGroupClassName, className: classNameYear, isThisRequired }));
 
             return parts.concat(monthPart, yearPart).join('\n');
           };

package/frontend/template-mixins/partials/forms/checkbox-group.html

@@ -1,9 +1,9 @@
 <div id="{{key}}-group" class="govuk-form-group{{#className}} {{className}} {{/className}}{{#formGroupClassName}} {{formGroupClassName}}{{/formGroupClassName}}{{#error}} govuk-form-group--error{{/error}}">
     <fieldset class="govuk-fieldset" {{#hint}} aria-describedby="{{key}}-hint"{{/hint}}>
-        <legend class="govuk-fieldset__legend govuk-fieldset__legend--l{{#legendClassName}} {{legendClassName}}{{/legendClassName}}">
-            {{^noHeading}}<h1 class="govuk-fieldset__heading">{{/noHeading}}
+        <legend class="govuk-fieldset__legend {{#isPageHeading}}govuk-fieldset__legend--l{{/isPageHeading}}{{#legendClassName}} {{legendClassName}}{{/legendClassName}}">
+            {{#isPageHeading}}<h1 class="govuk-fieldset__heading">{{/isPageHeading}}
                 {{legend}}
-            {{^noHeading}}</h1>{{/noHeading}}
+            {{#isPageHeading}}</h1>{{/isPageHeading}}
         </legend>
         {{#hint}}<div id="{{key}}-hint" class="govuk-hint">{{hint}}</div>{{/hint}}
         {{#error}}

package/frontend/template-mixins/partials/forms/input-text-group.html

@@ -1,8 +1,8 @@
 <div id="{{id}}-group" class="{{#compound}} form-group-compound{{/compound}}{{#formGroupClassName}}{{formGroupClassName}}{{/formGroupClassName}}{{#error}} govuk-form-group--error{{/error}}">
-    {{^noHeading}}<h1 class="govuk-label-wrapper">{{/noHeading}}<label for="{{id}}" class="{{labelClassName}}">
+    {{#isPageHeading}}<h1 class="govuk-label-wrapper">{{/isPageHeading}}<label for="{{id}}" class="{{labelClassName}}">
         {{{label}}}
       </label>
-    {{^noHeading}}</h1>{{/noHeading}}
+    {{#isPageHeading}}</h1>{{/isPageHeading}}
     {{#hint}}<span {{$hintId}}id="{{hintId}}" {{/hintId}}class="govuk-hint">{{hint}}</span>{{/hint}}
     {{#error}}
       <p class="govuk-error-message">
@@ -19,7 +19,7 @@
             type="{{type}}"
             name="{{id}}"
             id="{{id}}"
-            class="govuk-input{{#className}} {{className}}{{/className}}{{#error}} invalid-input{{/error}}"
+            class="{{^className}}govuk-input{{/className}}{{#className}}{{className}}{{/className}}{{#error}} invalid-input{{/error}}"
             aria-required="{{required}}"
             {{#value}} value="{{value}}"{{/value}}
             {{#min}} min="{{min}}"{{/min}}

package/frontend/template-mixins/partials/forms/option-group.html

@@ -1,9 +1,9 @@
 <div id="{{key}}-group" class="govuk-form-group{{#className}} {{className}} {{/className}}{{#formGroupClassName}} {{formGroupClassName}}{{/formGroupClassName}}{{#error}} govuk-form-group--error{{/error}}">
   <fieldset class="govuk-fieldset" {{#hint}} aria-describedby="{{key}}-hint"{{/hint}}>
-      <legend class="govuk-fieldset__legend govuk-fieldset__legend--l{{#legendClassName}} {{legendClassName}}{{/legendClassName}}">
-          {{^noHeading}}<h1 class="govuk-fieldset__heading">{{/noHeading}}
+      <legend class="govuk-fieldset__legend {{#isPageHeading}}govuk-fieldset__legend--l{{/isPageHeading}}{{#legendClassName}} {{legendClassName}}{{/legendClassName}}">
+          {{#isPageHeading}}<h1 class="govuk-fieldset__heading">{{/isPageHeading}}
               {{legend}}
-          {{^noHeading}}</h1>{{/noHeading}}
+          {{#isPageHeading}}</h1>{{/isPageHeading}}
       </legend>
       {{#hint}}<div id="{{key}}-hint" class="govuk-hint">{{hint}}</div>{{/hint}}
       {{#error}}<p id="{{key}}-error" class="govuk-error-message"><span class="govuk-visually-hidden">Error:</span> {{error.message}}</p>{{/error}}

package/frontend/template-mixins/partials/forms/select.html

@@ -1,5 +1,5 @@
 <div id="{{id}}-group" class="{{#compound}} form-group-compound{{/compound}}{{#formGroupClassName}} {{formGroupClassName}}{{/formGroupClassName}}{{#error}} govuk-form-group--error{{/error}}">
-    {{^noHeading}}<h1 class="govuk-label-wrapper">{{/noHeading}}<label for="{{id}}" class="{{labelClassName}}{{^noHeading}}govuk-label--l{{/noHeading}}">
+    {{#isPageHeading}}<h1 class="govuk-label-wrapper">{{/isPageHeading}}<label for="{{id}}" class="{{labelClassName}}{{#isPageHeading}}govuk-label--l{{/isPageHeading}}">
         {{{label}}}
         {{#hint}}<span {{$hintId}}id="{{hintId}}" {{/hintId}}class="govuk-hint">{{hint}}</span>{{/hint}}
         {{#error}}
@@ -8,7 +8,7 @@
           </p>
         {{/error}}
     </label>
-    {{^noHeading}}</h1>{{/noHeading}}
+    {{#isPageHeading}}</h1>{{/isPageHeading}}
     <select id="{{id}}" class="govuk-select{{#className}} {{className}}{{/className}}{{#error}} invalid-input{{/error}}" name="{{id}}" aria-required="{{required}}">
     {{#options}}
         <option value="{{value}}" {{#selected}}selected{{/selected}}>{{label}}</option>

package/frontend/template-mixins/partials/forms/textarea-group.html

@@ -2,7 +2,7 @@
 <div class="govuk-character-count" data-module="govuk-character-count" data-maxlength="{{maxlength}}">
 {{/maxlength}}
 <div id="{{id}}-group" class="{{#compound}}form-group-compound {{/compound}}{{#formGroupClassName}}{{formGroupClassName}}{{/formGroupClassName}}{{#error}} govuk-form-group--error{{/error}}">
-    {{^noHeading}}<h1 class="govuk-label-wrapper">{{/noHeading}}<label for="{{id}}" class="{{labelClassName}}">
+    {{#isPageHeading}}<h1 class="govuk-label-wrapper">{{/isPageHeading}}<label for="{{id}}" class="{{labelClassName}}">
         {{{label}}}
         {{#error}} 
         <p id="{{id}}-error" class="govuk-error-message">
@@ -10,7 +10,7 @@
           </p>
         {{/error}}
     </label>
-    {{^noHeading}}</h1>{{/noHeading}}
+    {{#isPageHeading}}</h1>{{/isPageHeading}}
     {{#hint}}<div {{$hintId}}id="{{hintId}}" {{/hintId}}class="govuk-hint">{{hint}}</div>{{/hint}}
     {{#renderChild}}{{/renderChild}}
     <textarea

package/frontend/template-mixins/partials/mixins/panel.html

@@ -1,5 +1,4 @@
-<div id="{{toggle}}-panel" class="reveal js-hidden">
-    <div class="govuk-inset-text">
-        {{#renderMixin}}{{/renderMixin}}
-    </div>
+<div id="{{toggle}}-panel" class="{{#radioOption}}govuk-radios__conditional govuk-radios__conditional--hidden{{/radioOption}}
+  {{^radioOption}}govuk-checkboxes__conditional govuk-checkboxes__conditional--hidden{{/radioOption}}">
+  {{#renderMixin}}{{/renderMixin}}
 </div>

package/frontend/template-partials/translations/src/en/errors.json

@@ -14,5 +14,17 @@
   "cookies-required": {
     "title": "Cookies are required to use this service",
     "message": "Cookies are required in order to use this service.<br /><br /> Please <a href=\"http://www.aboutcookies.org/how-to-control-cookies/\" rel=\"external\">enable cookies</a> and try again. Find out <a href=\"/cookies\">how to we use cookies</a>."
+  },
+  "ddos-rate-limit": {
+    "title": "Too many requests submitted",
+    "message": "You have submitted too many requests in quick succession.",
+    "pre-time-to-wait": "Please try again in ",
+    "post-time-to-wait": " minutes."
+  },
+  "submission-rate-limit": {
+    "title": "Too many submissions",
+    "message": "You have submitted too many applications in a short space of time.",
+    "pre-time-to-wait": "Please try again in ",
+    "post-time-to-wait": " minutes."
   }
 }

package/frontend/template-partials/views/partials/form.html

@@ -1,7 +1,8 @@
 <form action="" method="POST" {{$encoding}}{{/encoding}} autocomplete="off" novalidate="true" spellcheck="false">
   {{$intro}}
-    {{#intro}}<span class="govuk-hint" >{{intro}}</span>{{/intro}}
+    {{#intro}}<p>{{intro}}</p>{{/intro}}
   {{/intro}}
+
   {{$form}}{{/form}}
   {{#csrf-token}}
     <input type="hidden" name="x-csrf-token" value="{{csrf-token}}" />

package/frontend/template-partials/views/rate-limit-error.html

@@ -0,0 +1,10 @@
+{{<layout}}
+  {{$header}}
+    {{content.title}}
+  {{/header}}
+  {{$content}}
+    <p>{{content.message}}</p>
+    <p>{{content.preTimeToWait}}{{content.timeToWait}}{{content.postTimeToWait}}</p>
+    <a href="/" class="button" role="button">{{#t}}buttons.try-again{{/t}}</a>
+  {{/content}}
+{{/layout}}

package/frontend/themes/gov-uk/client-js/govuk-cookies.js

@@ -1,6 +1,7 @@
+/* eslint-disable no-undef, no-param-reassign, no-unused-vars */
 (function () {
-  "use strict"
-  var root = this;
+  'use strict';
+  const root = this;
   if(typeof root.GOVUK === 'undefined') { root.GOVUK = {}; }
 
   /*
@@ -19,37 +20,35 @@
       GOVUK.cookie('hobnob', null);
   */
   GOVUK.cookie = function (name, value, options) {
-    if(typeof value !== 'undefined'){
+    if(typeof value !== 'undefined') {
       if(value === false || value === null) {
         return GOVUK.setCookie(name, '', { days: -1 });
-      } else {
-        return GOVUK.setCookie(name, value, options);
       }
-    } else {
-      return GOVUK.getCookie(name);
+      return GOVUK.setCookie(name, value, options);
     }
+    return GOVUK.getCookie(name);
   };
   GOVUK.setCookie = function (name, value, options) {
     if(typeof options === 'undefined') {
       options = {};
     }
-    var cookieString = name + "=" + value + "; path=/";
+    let cookieString = name + '=' + value + '; path=/';
     if (options.days) {
-      var date = new Date();
+      const date = new Date();
       date.setTime(date.getTime() + (options.days * 24 * 60 * 60 * 1000));
-      cookieString = cookieString + "; expires=" + date.toGMTString();
+      cookieString = cookieString + '; expires=' + date.toGMTString();
     }
-    if (document.location.protocol == 'https:'){
-      cookieString = cookieString + "; Secure";
+    if (document.location.protocol === 'https:') {
+      cookieString = cookieString + '; Secure';
     }
     document.cookie = cookieString;
   };
   GOVUK.getCookie = function (name) {
-    var nameEQ = name + "=";
-    var cookies = document.cookie.split(';');
-    for(var i = 0, len = cookies.length; i < len; i++) {
-      var cookie = cookies[i];
-      while (cookie.charAt(0) == ' ') {
+    const nameEQ = name + '=';
+    const cookies = document.cookie.split(';');
+    for(let i = 0, len = cookies.length; i < len; i++) {
+      let cookie = cookies[i];
+      while (cookie.charAt(0) === ' ') {
         cookie = cookie.substring(1, cookie.length);
       }
       if (cookie.indexOf(nameEQ) === 0) {
@@ -60,33 +59,33 @@
   };
 }).call(this);
 (function () {
-  'use strict'
-  var root = this
-  if (typeof root.GOVUK === 'undefined') { root.GOVUK = {} }
+  'use strict';
+  const root = this;
+  if (typeof root.GOVUK === 'undefined') { root.GOVUK = {}; }
 
   GOVUK.addCookieMessage = function () {
-    var message = document.getElementById('global-cookie-message')
+    const message = document.getElementById('global-cookie-message');
 
-    var hasCookieMessage = (message && GOVUK.cookie('seen_cookie_message') === null)
+    const hasCookieMessage = (message && GOVUK.cookie('seen_cookie_message') === null);
 
     if (hasCookieMessage) {
-      message.style.display = 'block'
-      GOVUK.cookie('seen_cookie_message', 'yes', { days: 28 })
+      message.style.display = 'block';
+      GOVUK.cookie('seen_cookie_message', 'yes', { days: 28 });
 
       document.addEventListener('DOMContentLoaded', function (event) {
         if (GOVUK.analytics && typeof GOVUK.analytics.trackEvent === 'function') {
           GOVUK.analytics.trackEvent('cookieBanner', 'Cookie banner shown', {
             value: 1,
             nonInteraction: true
-          })
+          });
         }
-      })
-    };
-  }
+      });
+    }
+  };
 }).call(this)
 ;
-(function() {
-  "use strict"
+(function () {
+  'use strict';
 
   // add cookie message
   if (window.GOVUK && GOVUK.addCookieMessage) {
@@ -94,28 +93,28 @@
   }
 
   // header navigation toggle
-  if (document.querySelectorAll && document.addEventListener){
-    var els = document.querySelectorAll('.js-header-toggle'),
-        i, _i;
-    for(i=0,_i=els.length; i<_i; i++){
-      els[i].addEventListener('click', function(e){
+  if (document.querySelectorAll && document.addEventListener) {
+    const els = document.querySelectorAll('.js-header-toggle');
+    let i; let _i;
+    for(i = 0, _i = els.length; i < _i; i++) {
+      els[i].addEventListener('click', function (e) {
         e.preventDefault();
-        var target = document.getElementById(this.getAttribute('href').substr(1)),
-            targetClass = target.getAttribute('class') || '',
-            sourceClass = this.getAttribute('class') || '';
+        const target = document.getElementById(this.getAttribute('href').substr(1));
+        const targetClass = target.getAttribute('class') || '';
+        const sourceClass = this.getAttribute('class') || '';
 
-        if(targetClass.indexOf('js-visible') !== -1){
+        if(targetClass.indexOf('js-visible') !== -1) {
           target.setAttribute('class', targetClass.replace(/(^|\s)js-visible(\s|$)/, ''));
         } else {
-          target.setAttribute('class', targetClass + " js-visible");
+          target.setAttribute('class', targetClass + ' js-visible');
         }
-        if(sourceClass.indexOf('js-visible') !== -1){
+        if(sourceClass.indexOf('js-visible') !== -1) {
           this.setAttribute('class', sourceClass.replace(/(^|\s)js-visible(\s|$)/, ''));
         } else {
-          this.setAttribute('class', sourceClass + " js-visible");
+          this.setAttribute('class', sourceClass + ' js-visible');
         }
-        this.setAttribute('aria-expanded', this.getAttribute('aria-expanded') !== "true");
-        target.setAttribute('aria-hidden', target.getAttribute('aria-hidden') === "false");
+        this.setAttribute('aria-expanded', this.getAttribute('aria-expanded') !== 'true');
+        target.setAttribute('aria-hidden', target.getAttribute('aria-hidden') === 'false');
       });
     }
   }

package/frontend/themes/gov-uk/client-js/index.js

@@ -1,4 +1,4 @@
-/* eslint-disable no-var */
+/* eslint-disable no-var, vars-on-top, no-unused-vars */
 'use strict';
 
 var toolkit = require('../../../toolkit');
@@ -8,7 +8,7 @@ var formFocus = toolkit.formFocus;
 var characterCount = toolkit.characterCount;
 var validation = toolkit.validation;
 
-var GOVUK = require('govuk-frontend')
+var GOVUK = require('govuk-frontend');
 GOVUK.initAll();
 window.GOVUK = GOVUK;
 var skipToMain = require('./skip-to-main');

package/frontend/themes/gov-uk/client-js/skip-to-main.js

@@ -1,18 +1,19 @@
 const skipToMain = function () {
-    const skipToMainLink = document.getElementById("skip-to-main");
-    const firstControlId = skipToMainLink.hash.split('#')[1] ? skipToMainLink.hash.split('#')[1] : "main-content";
-    if(firstControlId === "main-content"){
-      skipToMainLink.setAttribute("href", "#main-content");
-    }
-    if(firstControlId) {
-      skipToMainLink.onclick = function(e) {
-        //here timeout added just to make this functionality asynchronous 
-        //to focus on form as well as non form contents
-        setTimeout(() => {
-          const firstControl = document.getElementById(firstControlId);
-          firstControl.focus();
-        }, 10);      
-      }
-    }
-  };
-  skipToMain();
+  const skipToMainLink = document.getElementById('skip-to-main');
+  const firstControlId = skipToMainLink.hash.split('#')[1] ? skipToMainLink.hash.split('#')[1] : 'main-content';
+  if(firstControlId === 'main-content') {
+    skipToMainLink.setAttribute('href', '#main-content');
+  }
+  if(firstControlId) {
+    // eslint-disable-next-line no-unused-vars
+    skipToMainLink.onclick = function (e) {
+      // here timeout added just to make this functionality asynchronous
+      // to focus on form as well as non form contents
+      setTimeout(() => {
+        const firstControl = document.getElementById(firstControlId);
+        firstControl.focus();
+      }, 10);
+    };
+  }
+};
+skipToMain();

package/frontend/themes/gov-uk/styles/_cookie-banner.scss

@@ -10,7 +10,6 @@
 }
 
 #cookie-banner {
-  max-width: 960px;
   margin: 0 15px;
   p {
     margin: 0;
@@ -62,3 +61,54 @@
     height: fit-content;
   }
 }
+
+// the following are additional hof specific govuk cookie banner styling
+.govuk-banner--success {
+  border-color: #00703c;
+  color: #00703c;
+}
+
+.govuk-banner {
+  border: 5px solid #1d70b8;
+  font-size: 0;
+  margin-bottom: 30px;
+  padding: 10px;
+}
+
+.govuk-banner__icon{
+  display: inline-block;
+}
+
+.govuk-banner__message {
+  font-family: "GDS Transport", Arial, sans-serif;
+  -webkit-font-smoothing: antialiased;
+  font-weight: 400;
+  font-size: 1rem;
+  line-height: 1.25;
+  color: #0b0c0c;
+  display: block;
+  overflow: hidden;
+  display: inline-block;
+  margin-left: 10px;
+}
+
+.govuk-banner__assistive {
+  position: absolute !important;
+  width: 1px !important;
+  height: 1px !important;
+  margin: 0 !important;
+  padding: 0 !important;
+  overflow: hidden !important;
+  clip: rect(0 0 0 0) !important;
+  clip-path: inset(50%) !important;
+  border: 0 !important;
+  white-space: nowrap !important;
+  }
+
+.cookie-table-holder > table > tbody > tr > td:first-child{
+  font-weight:bold;
+}
+
+.js-enabled #global-cookie-message {
+  display: none;
+}

package/frontend/themes/gov-uk/styles/govuk.scss

@@ -12,6 +12,11 @@ $path: "/public/images/" !default;
 // https://github.com/alphagov/govuk_elements/blob/master/packages/govuk-elements-sass/public/sass/_elements.scss
 @import "govuk-elements-sass/public/sass/elements";
 
+// Govuk frontend
+// https://github.com/alphagov/govuk-frontend-docs
+// @import "node_modules/govuk-frontend/govuk/all";
+@import "../../../../node_modules/govuk-frontend/govuk/all";
+
 // Custom
 @import "base";
 @import "layout";

package/frontend/toolkit/assets/javascript/form-focus.js

@@ -71,11 +71,20 @@ function formFocus() {
   var labels;
   var summaries;
 
-  if (getElementFromSummaryLink && getEditPath === 'edit') {
+  var editMode = getElementFromSummaryLink && getEditPath === 'edit';
+
+  if (getElementFromSummaryLink && document.getElementById(getElementFromSummaryLink) && editMode) {
     document.getElementById(getElementFromSummaryLink).focus();
+  }
+
+  if (getElementFromSummaryLink && document.getElementById(getElementFromSummaryLink + '-group') && editMode) {
     document.getElementById(getElementFromSummaryLink + '-group').scrollIntoView();
   }
 
+  if (document.getElementById(getElementFromSummaryLink + '-day') && forms.length === 1 && editMode) {
+    document.getElementById(getElementFromSummaryLink + '-day').focus();
+  }
+
   if (forms.length > 0) {
     labels = document.getElementsByTagName('label');
     if (labels) {

package/frontend/toolkit/assets/javascript/validation.js

@@ -24,7 +24,12 @@ function clicked(e) {
     }
 
     if (inputs) {
-      inputs[0].focus();
+      if (inputs[0].getAttribute('type') === 'hidden') {
+        var getVisibleElements = group.querySelectorAll('input[type=text]');
+        getVisibleElements[0].focus();
+      } else {
+        inputs[0].focus();
+      }
     }
   }
 }

package/index.js

@@ -120,8 +120,9 @@ const getContentSecurityPolicy = (config, res) => {
  * @param options.getTerms {boolean} Optional boolean - whether to mount the /terms endpoint
  * @param options.getCookies {boolean} Optional boolean - whether to mount the /cookies endpoint
  * @param options.noCache {boolean} Optional boolean - whether to disable caching
- * @param options.getAccessibilityStatement {boolean} Optional boolean - whether to mount the /accessibility-statement endpoint
- * 
+ * @param options.getAccessibilityStatement {boolean} Optional boolean - whether to mount the
+ * /accessibility-statement endpoint
+ *
  * @returns {object} A new HOF application using the configuration supplied in options
  */
 function bootstrap(options) {
@@ -205,9 +206,13 @@ function bootstrap(options) {
   }));
   app.use(mixins());
   app.use(markdown(config.markdown));
-  
+  // rate limits have to be loaded before all routes so it is applied to them
+  if (config.rateLimits.requests.active) {
+    app.use(hofMiddleware.rateLimiter(config, 'requests'));
+  }
+
   // Set up routing so <YOUR-SITE-URL>/assets are served from /node_modules/govuk-frontend/govuk/assets
-  app.use('/assets', express.static(path.join(__dirname, '/node_modules/govuk-frontend/govuk/assets')))
+  app.use('/assets', express.static(path.join(__dirname, '/node_modules/govuk-frontend/govuk/assets')));
 
   if (config.getAccessibility === true) {
     deprecate(

package/lib/router.js

@@ -19,7 +19,8 @@ function getWizardConfig(config) {
   const wizardConfig = {
     name: config.route.name || (config.route.baseUrl || '').replace('/', ''),
     protocol: config.protocol,
-    env: config.env
+    env: config.env,
+    sanitiseInputs: config.sanitiseInputs
   };
 
   if (config.appConfig) {

package/lib/settings.js

@@ -7,7 +7,22 @@ const hoganExpressStrict = require('hogan-express-strict');
 const expressPartialTemplates = require('express-partial-templates');
 const bodyParser = require('body-parser');
 
-module.exports = (app, config) => {
+const dirExists = dir => {
+  try {
+    if (fs.existsSync(dir)) {
+      return true;
+    }
+    return false;
+  } catch(err) {
+    throw new Error(`${err}: Cannot check if the directory path exists`);
+  }
+};
+
+const filterEmptyViews = views => {
+  return views.filter(view => dirExists(view));
+};
+
+module.exports = async (app, config) => {
   const viewEngine = config.viewEngine || 'html';
 
   app.use((req, res, next) => {
@@ -17,7 +32,8 @@ module.exports = (app, config) => {
 
   app.use(config.theme());
 
-  const viewPaths = [].concat(config.theme.views);
+  const filteredViews = filterEmptyViews(config.theme.views);
+  const viewPaths = [].concat(filteredViews);
   app.set('view engine', viewEngine);
   app.enable('view cache');
 

package/middleware/errors.js

@@ -1,6 +1,8 @@
 /* eslint-disable no-unused-vars */
 'use strict';
 
+const rateLimitsConfig = require('../config/rate-limits');
+
 const errorTitle = code => `${code}_ERROR`;
 const errorMsg = code => `There is a ${code}_ERROR`;
 // eslint-disable-next-line complexity
@@ -21,6 +23,36 @@ const getContent = (err, translate) => {
     content.message = (translate && translate('errors.cookies-required.message'));
   }
 
+  if (err.code === 'DDOS_RATE_LIMIT') {
+    err.status = 429;
+    err.template = 'rate-limit-error';
+    err.title = (translate && translate('errors.ddos-rate-limit.title'));
+    err.message = (translate && translate('errors.ddos-rate-limit.message'));
+    err.preTimeToWait = (translate && translate('errors.ddos-rate-limit.pre-time-to-wait'));
+    err.timeToWait = rateLimitsConfig.rateLimits.requests.windowSizeInMinutes;
+    err.postTimeToWait = (translate && translate('errors.ddos-rate-limit.post-time-to-wait'));
+    content.title = (translate && translate('errors.ddos-rate-limit.title'));
+    content.message = (translate && translate('errors.ddos-rate-limit.message'));
+    content.preTimeToWait = (translate && translate('errors.ddos-rate-limit.pre-time-to-wait'));
+    content.timeToWait = rateLimitsConfig.rateLimits.requests.windowSizeInMinutes;
+    content.postTimeToWait = (translate && translate('errors.ddos-rate-limit.post-time-to-wait'));
+  }
+
+  if (err.code === 'SUBMISSION_RATE_LIMIT') {
+    err.status = 429;
+    err.template = 'rate-limit-error';
+    err.title = (translate && translate('errors.submission-rate-limit.title'));
+    err.message = (translate && translate('errors.submission-rate-limit.message'));
+    err.preTimeToWait = (translate && translate('errors.submission-rate-limit.pre-time-to-wait'));
+    err.timeToWait = rateLimitsConfig.rateLimits.submissions.windowSizeInMinutes;
+    err.postTimeToWait = (translate && translate('errors.submission-rate-limit.post-time-to-wait'));
+    content.title = (translate && translate('errors.submission-rate-limit.title'));
+    content.message = (translate && translate('errors.submission-rate-limit.message'));
+    content.preTimeToWait = (translate && translate('errors.submission-rate-limit.pre-time-to-wait'));
+    content.timeToWait = rateLimitsConfig.rateLimits.submissions.windowSizeInMinutes;
+    content.postTimeToWait = (translate && translate('errors.submission-rate-limit.post-time-to-wait'));
+  }
+
   err.code = err.code || 'UNKNOWN';
   err.status = err.status || 500;
 

package/middleware/index.js

@@ -4,5 +4,6 @@ module.exports = {
   cookies: require('./cookies'),
   errors: require('./errors'),
   notFound: require('./not-found'),
-  deepTranslate: require('./deep-translate')
+  deepTranslate: require('./deep-translate'),
+  rateLimiter: require('./rate-limiter')
 };