siarashield_workspace 0.0.19 → 0.0.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +44 -9
  2. package/fesm2022/siarashield_workspace.mjs +127 -13
  3. package/fesm2022/siarashield_workspace.mjs.map +1 -1
  4. package/package.json +1 -1
  5. package/types/siarashield_workspace.d.ts +23 -5
package/README.md CHANGED
@@ -68,14 +68,18 @@ export class FormComponent implements OnInit {
68
68
  initializeCaptcha() {
69
69
  initSiaraShield({
70
70
  publicKey: environment.siaraShieldPublicKey,
71
- // If your project does NOT use jQuery, set this to true.
72
- // Default is false, so package jQuery will not load.
73
- loadJQuery: false,
74
- })
71
+ // Optional for strict CSP pages when your server provides a nonce.
72
+ // cspNonce: 'server-generated-nonce',
73
+ });
75
74
  }
76
75
 
77
76
  onSubmit() {
78
77
  const result = checkSiaraShieldCaptcha();
78
+ if (!result.ok) {
79
+ console.log('Captcha not completed yet');
80
+ return; // IMPORTANT
81
+ }
82
+
79
83
  if (result.ok) {
80
84
  console.log(result.token);
81
85
  // API call here (Login/Contact/Signup/etc.)
@@ -89,23 +93,54 @@ Important: keep your submit API logic inside `if (result.ok)`.
89
93
 
90
94
  ## jQuery loading behavior
91
95
 
92
- - Package checks existing jQuery (`window.jQuery`, `window.$`, or existing jquery script tag)
93
- - If jQuery already exists, package does not load again
94
- - If missing, package loads:
96
+ - Default `loadJQuery` is `true`
97
+ - For most customers, nothing extra is needed
98
+ - If your app already has jQuery and you do not want package fallback loading, set `loadJQuery: false`
99
+ - When needed, package loads:
95
100
  - `https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js`
96
101
  - Package also loads:
97
102
  - `https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js`
103
+ - `https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js`
98
104
 
99
105
  ## CSP note
100
106
 
101
- Allow this host in CSP:
107
+ To make CSP setup easier for customers, the plugin now exports helpers:
108
+
109
+ ```ts
110
+ import { getSiaraShieldCspPolicy, mergeSiaraShieldCspPolicy } from 'siarashield_workspace';
111
+
112
+ const policy = getSiaraShieldCspPolicy({ nonce: 'server-generated-nonce' });
113
+
114
+ const mergedPolicy = mergeSiaraShieldCspPolicy("default-src 'self'", {
115
+ nonce: 'server-generated-nonce',
116
+ });
117
+ ```
118
+
119
+ Recommended CSP baseline:
120
+
121
+ ```http
122
+ script-src 'self' 'nonce-<server-generated-nonce>' https://embedcdn.mycybersiara.com https://embed.mycybersiara.com;
123
+ script-src-elem 'self' 'nonce-<server-generated-nonce>' https://embedcdn.mycybersiara.com https://embed.mycybersiara.com;
124
+ connect-src 'self' https://embed.mycybersiara.com;
125
+ img-src 'self' data: https://embed.mycybersiara.com;
126
+ style-src 'self' 'unsafe-inline';
127
+ ```
128
+
129
+ If the customer still loads jQuery from another CDN like Google, they should also allow that CDN in `script-src`.
130
+
131
+ You can use `getSiaraShieldCspPolicy(...)` to generate the plugin baseline from the plugin side instead of hardcoding it in customer projects.
132
+
133
+ If your site uses nonce-based CSP, pass `cspNonce` to `initSiaraShield(...)` or `SiaraShieldComponent`.
134
+
135
+ This package now preloads `SiaraShield_Validation.js` with the same nonce to reduce CSP issues from the vendor bootstrap chain.
102
136
 
103
- - `https://embedcdn.mycybersiara.com`
137
+ The plugin can help generate the CSP string, but the final CSP header/meta must still be applied by the customer project.
104
138
 
105
139
  ## Quick troubleshooting
106
140
 
107
141
  - Captcha not visible -> confirm `<div class="SiaraShield"></div>` is present
108
142
  - `CheckCaptcha` not available -> ensure `initSiaraShield(...)` ran successfully
143
+ - CSP warning or script load failure -> allow the `script-src`, `connect-src`, and `img-src` hosts above and reuse your page nonce with `cspNonce`
109
144
  - Token empty -> check browser console and network calls after clicking submit
110
145
 
111
146
  ## Build and pack (library maintainers)
package/fesm2022/siarashield_workspace.mjs CHANGED
@@ -42,7 +42,7 @@ class SiaraShieldLoaderService {
42
42
  };
43
43
  script.onerror = () => {
44
44
  this.statusBySrc.set(src, 'error');
45
- reject(new Error(`Failed to load script: ${src}`));
45
+ reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
46
46
  };
47
47
  this.document.head.appendChild(script);
48
48
  });
@@ -61,6 +61,8 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.5", ngImpor
61
61
  }] }] });
62
62
 
63
63
  const JQUERY_FALLBACK_SRC$1 = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';
64
+ const CAPTCHA_SCRIPT_SRC$1 = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';
65
+ const VALIDATION_SCRIPT_SRC$1 = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';
64
66
  const CAPTCHA_READY_TIMEOUT_MS$1 = 8000;
65
67
  class SiaraShieldComponent {
66
68
  host;
@@ -92,13 +94,17 @@ class SiaraShieldComponent {
92
94
  if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {
93
95
  await this.loader.loadScript(JQUERY_FALLBACK_SRC$1, { nonce: cspNonce });
94
96
  }
95
- await this.loader.loadScript('https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js', {
97
+ await this.loader.loadScript(CAPTCHA_SCRIPT_SRC$1, {
98
+ nonce: cspNonce,
99
+ });
100
+ await this.loader.loadScript(VALIDATION_SCRIPT_SRC$1, {
96
101
  nonce: cspNonce,
97
102
  });
98
103
  const g = getSiaraShieldGlobals();
104
+ this.preventDuplicateValidationBootstrap(g);
99
105
  const initCaptchaFn = getInitCaptchaFn(g);
100
106
  if (!initCaptchaFn) {
101
- throw new Error('SiaraShield: InitCaptcha() is not available after loading scripts.');
107
+ throw new Error('SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.');
102
108
  }
103
109
  initCaptchaFn(options.publicKey);
104
110
  await this.waitForCheckCaptchaApi();
@@ -129,6 +135,19 @@ class SiaraShieldComponent {
129
135
  const nonceMeta = doc.querySelector('meta[name="csp-nonce"]');
130
136
  return nonceMeta?.content || undefined;
131
137
  }
138
+ preventDuplicateValidationBootstrap(g) {
139
+ const originalAppendValidation = g.AppendValidationJS;
140
+ if (typeof originalAppendValidation !== 'function') {
141
+ return;
142
+ }
143
+ g.AppendValidationJS = () => {
144
+ const existing = this.host.nativeElement.ownerDocument.querySelector(`script[src="${VALIDATION_SCRIPT_SRC$1}"]`);
145
+ if (existing) {
146
+ return;
147
+ }
148
+ originalAppendValidation();
149
+ };
150
+ }
132
151
  async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS$1) {
133
152
  const startedAt = Date.now();
134
153
  while (Date.now() - startedAt < timeoutMs) {
@@ -137,7 +156,7 @@ class SiaraShieldComponent {
137
156
  }
138
157
  await new Promise((resolve) => setTimeout(resolve, 100));
139
158
  }
140
- throw new Error('SiaraShield: CheckCaptcha() was not available within timeout.');
159
+ throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');
141
160
  }
142
161
  /**
143
162
  * Calls the global `CheckCaptcha()` from SiaraShield script.
@@ -146,7 +165,7 @@ class SiaraShieldComponent {
146
165
  checkCaptcha() {
147
166
  const g = getSiaraShieldGlobals();
148
167
  if (!g.CheckCaptcha) {
149
- throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run?');
168
+ throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');
150
169
  }
151
170
  const ok = g.CheckCaptcha();
152
171
  if (ok && typeof g.CyberSiaraToken === 'string') {
@@ -196,10 +215,12 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.5", ngImpor
196
215
  }] } });
197
216
 
198
217
  const JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';
218
+ const CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';
219
+ const VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';
199
220
  const CAPTCHA_READY_TIMEOUT_MS = 8000;
200
221
  let pending = null;
201
222
  let initialized = false;
202
- function loadScript(src) {
223
+ function loadScript(src, options) {
203
224
  const existing = document.querySelector(`script[src="${src}"]`);
204
225
  if (existing)
205
226
  return Promise.resolve();
@@ -207,8 +228,11 @@ function loadScript(src) {
207
228
  const script = document.createElement('script');
208
229
  script.src = src;
209
230
  script.async = true;
231
+ if (options?.nonce) {
232
+ script.nonce = options.nonce;
233
+ }
210
234
  script.onload = () => resolve();
211
- script.onerror = () => reject(new Error(`Failed to load script: ${src}`));
235
+ script.onerror = () => reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
212
236
  document.head.appendChild(script);
213
237
  });
214
238
  }
@@ -220,6 +244,28 @@ function isJQueryAlreadyAvailable() {
220
244
  const existingJqueryScript = document.querySelector('script[src*="jquery"]');
221
245
  return Boolean(existingJqueryScript);
222
246
  }
247
+ function resolveCspNonce(explicitNonce) {
248
+ if (explicitNonce)
249
+ return explicitNonce;
250
+ const scriptWithNonce = document.querySelector('script[nonce]');
251
+ if (scriptWithNonce?.nonce)
252
+ return scriptWithNonce.nonce;
253
+ const nonceMeta = document.querySelector('meta[name="csp-nonce"]');
254
+ return nonceMeta?.content || undefined;
255
+ }
256
+ function preventDuplicateValidationBootstrap(g) {
257
+ const originalAppendValidation = g.AppendValidationJS;
258
+ if (typeof originalAppendValidation !== 'function') {
259
+ return;
260
+ }
261
+ g.AppendValidationJS = () => {
262
+ const existing = document.querySelector(`script[src="${VALIDATION_SCRIPT_SRC}"]`);
263
+ if (existing) {
264
+ return;
265
+ }
266
+ originalAppendValidation();
267
+ };
268
+ }
223
269
  async function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS) {
224
270
  const startedAt = Date.now();
225
271
  while (Date.now() - startedAt < timeoutMs) {
@@ -228,7 +274,7 @@ async function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS) {
228
274
  }
229
275
  await new Promise((resolve) => setTimeout(resolve, 100));
230
276
  }
231
- throw new Error('SiaraShield: CheckCaptcha() was not available within timeout.');
277
+ throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');
232
278
  }
233
279
  /**
234
280
  * Drop-in initializer for SiaraShield.
@@ -247,14 +293,21 @@ async function initSiaraShield(options) {
247
293
  throw new Error('initSiaraShield: publicKey is required.');
248
294
  }
249
295
  pending = (async () => {
296
+ const cspNonce = resolveCspNonce(options.cspNonce);
250
297
  if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {
251
- await loadScript(JQUERY_FALLBACK_SRC);
298
+ await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });
252
299
  }
253
- await loadScript('https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js');
300
+ await loadScript(CAPTCHA_SCRIPT_SRC, {
301
+ nonce: cspNonce,
302
+ });
303
+ await loadScript(VALIDATION_SCRIPT_SRC, {
304
+ nonce: cspNonce,
305
+ });
254
306
  const g = getSiaraShieldGlobals();
307
+ preventDuplicateValidationBootstrap(g);
255
308
  const initCaptchaFn = getInitCaptchaFn(g);
256
309
  if (!initCaptchaFn) {
257
- throw new Error('SiaraShield: InitCaptcha() is not available after loading scripts.');
310
+ throw new Error('SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.');
258
311
  }
259
312
  initCaptchaFn(options.publicKey);
260
313
  await waitForCheckCaptchaApi();
@@ -274,7 +327,7 @@ async function initSiaraShield(options) {
274
327
  function checkSiaraShieldCaptcha() {
275
328
  const g = getSiaraShieldGlobals();
276
329
  if (!g.CheckCaptcha) {
277
- throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run?');
330
+ throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');
278
331
  }
279
332
  const ok = g.CheckCaptcha();
280
333
  const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;
@@ -303,6 +356,67 @@ async function checkSiaraShieldCaptchaAsync(options) {
303
356
  return { ok: true };
304
357
  }
305
358
 
359
+ const SELF = "'self'";
360
+ const DATA = 'data:';
361
+ const UNSAFE_INLINE = "'unsafe-inline'";
362
+ const SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'];
363
+ const OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'];
364
+ const CONNECT_HOSTS = ['https://embed.mycybersiara.com'];
365
+ const IMG_HOSTS = ['https://embed.mycybersiara.com'];
366
+ function unique(values) {
367
+ return [...new Set(values.filter((value) => Boolean(value && value.trim())))];
368
+ }
369
+ function nonceSource(nonce) {
370
+ return nonce ? `'nonce-${nonce}'` : undefined;
371
+ }
372
+ function serializeDirective(name, values) {
373
+ return values.length > 0 ? `${name} ${values.join(' ')}` : name;
374
+ }
375
+ function parsePolicy(policy) {
376
+ const directives = new Map();
377
+ for (const rawDirective of policy.split(';')) {
378
+ const directive = rawDirective.trim();
379
+ if (!directive) {
380
+ continue;
381
+ }
382
+ const parts = directive.split(/\s+/).filter(Boolean);
383
+ const [name, ...values] = parts;
384
+ if (!name) {
385
+ continue;
386
+ }
387
+ directives.set(name, values);
388
+ }
389
+ return directives;
390
+ }
391
+ function getSiaraShieldCspDirectives(options) {
392
+ const includeGoogleApis = options?.includeGoogleApis ?? false;
393
+ const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;
394
+ const nonce = nonceSource(options?.nonce);
395
+ const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];
396
+ return {
397
+ 'script-src': unique([SELF, nonce, ...scriptHosts]),
398
+ 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),
399
+ 'connect-src': unique([SELF, ...CONNECT_HOSTS]),
400
+ 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),
401
+ 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined]),
402
+ };
403
+ }
404
+ function getSiaraShieldCspPolicy(options) {
405
+ return Object.entries(getSiaraShieldCspDirectives(options))
406
+ .map(([name, values]) => serializeDirective(name, values))
407
+ .join('; ');
408
+ }
409
+ function mergeSiaraShieldCspPolicy(existingPolicy, options) {
410
+ const directives = parsePolicy(existingPolicy);
411
+ const recommended = getSiaraShieldCspDirectives(options);
412
+ for (const [name, values] of Object.entries(recommended)) {
413
+ directives.set(name, unique([...(directives.get(name) ?? []), ...values]));
414
+ }
415
+ return [...directives.entries()]
416
+ .map(([name, values]) => serializeDirective(name, values))
417
+ .join('; ');
418
+ }
419
+
306
420
  /*
307
421
  * Public API Surface of siarashield-workspace
308
422
  */
@@ -311,5 +425,5 @@ async function checkSiaraShieldCaptchaAsync(options) {
311
425
  * Generated bundle index. Do not edit.
312
426
  */
313
427
 
314
- export { SiaraShieldComponent, SiaraShieldLoaderService, checkSiaraShieldCaptcha, checkSiaraShieldCaptchaAsync, getInitCaptchaFn, getSiaraShieldGlobals, initSiaraShield };
428
+ export { SiaraShieldComponent, SiaraShieldLoaderService, checkSiaraShieldCaptcha, checkSiaraShieldCaptchaAsync, getInitCaptchaFn, getSiaraShieldCspDirectives, getSiaraShieldCspPolicy, getSiaraShieldGlobals, initSiaraShield, mergeSiaraShieldCspPolicy };
315
429
  //# sourceMappingURL=siarashield_workspace.mjs.map
package/fesm2022/siarashield_workspace.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn | undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\ntype ScriptStatus = 'idle' | 'loading' | 'loaded' | 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n private statusBySrc = new Map<string, ScriptStatus>();\n private pendingBySrc = new Map<string, Promise<void>>();\n\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n const existing = this.document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n const status = this.statusBySrc.get(src);\n if (status === 'loaded') return Promise.resolve();\n if (status === 'loading') {\n const pending = this.pendingBySrc.get(src);\n if (pending) return pending;\n }\n\n this.statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = this.document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => {\n this.statusBySrc.set(src, 'loaded');\n resolve();\n };\n script.onerror = () => {\n this.statusBySrc.set(src, 'error');\n reject(new Error(`Failed to load script: ${src}`));\n };\n this.document.head.appendChild(script);\n });\n\n this.pendingBySrc.set(src, pending);\n return pending;\n }\n}\n\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\n\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\nexport interface SiaraShieldInitOptions {\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\n publicKey: string;\n /** Loads jQuery before SiaraShield script. Keep true if your page doesn't already include jQuery. */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). */\n cspNonce?: string;\n}\n\n@Component({\n selector: 'siara-shield',\n standalone: true,\n template: `<div class=\"SiaraShield\"></div>`,\n encapsulation: ViewEncapsulation.None,\n})\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\n /**\n * Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\n */\n @Output() token = new EventEmitter<string>();\n\n private initialized = false;\n\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\n async ngAfterViewInit(): Promise<void> {\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\n }\n\n async init(options: SiaraShieldInitOptions): Promise<void> {\n if (this.initialized) return;\n\n // Ensure the host element is in DOM before scripts run.\n void this.host.nativeElement;\n\n if (!options.publicKey) {\n throw new Error('SiaraShieldComponent: publicKey is required.');\n }\n const cspNonce = this.resolveCspNonce(options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript('https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js', {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error('SiaraShield: InitCaptcha() is not available after loading scripts.');\n }\n\n initCaptchaFn(options.publicKey);\n await this.waitForCheckCaptchaApi();\n this.initialized = true;\n }\n\n /**\n * Detect preloaded jQuery from global object or an existing script tag.\n */\n private isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\n return true;\n }\n\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n 'script[src*=\"jquery\"]',\n );\n return Boolean(existingJqueryScript);\n }\n\n /**\n * Uses explicit nonce first. If not provided, tries to reuse nonce\n * from the first script tag or from `<meta name=\"csp-nonce\">`.\n */\n private resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\n const doc = this.host.nativeElement.ownerDocument;\n const scriptWithNonce = doc.querySelector<HTMLScriptElement>('script[nonce]');\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\n\n const nonceMeta = doc.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return nonceMeta?.content || undefined;\n }\n\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\n await new Promise((resolve) => setTimeout(resolve, 100));\n }\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout.');\n }\n\n /**\n * Calls the global `CheckCaptcha()` from SiaraShield script.\n * Returns true when captcha is valid; emits token if available.\n */\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run?');\n }\n\n const ok = g.CheckCaptcha();\n if (ok && typeof g.CyberSiaraToken === 'string') {\n this.token.emit(g.CyberSiaraToken);\n }\n return ok;\n }\n\n /**\n * Async-friendly captcha validation to avoid first-click timing issues.\n * Retries briefly until token/check API settles.\n */\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\n const timeoutMs = options?.timeoutMs ?? 2000;\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\n const startedAt = Date.now();\n\n if (this.checkCaptcha()) {\n return true;\n }\n\n while (Date.now() - startedAt < timeoutMs) {\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\n if (this.checkCaptcha()) {\n return true;\n }\n }\n\n return false;\n }\n}\n\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\n\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\nexport interface InitSiaraShieldOptions {\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\n publicKey: string;\n /**\n * Loads jQuery before SiaraShield script.\n * If your site/app already loads jQuery, set this to false (not required to load again).\n */\n loadJQuery?: boolean;\n}\n\nlet pending: Promise<void> | null = null;\nlet initialized = false;\n\nfunction loadScript(src: string): Promise<void> {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n return new Promise<void>((resolve, reject) => {\n const script = document.createElement('script');\n script.src = src;\n script.async = true;\n script.onload = () => resolve();\n script.onerror = () => reject(new Error(`Failed to load script: ${src}`));\n document.head.appendChild(script);\n });\n}\n\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\n return true;\n }\n\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src*=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\n await new Promise((resolve) => setTimeout(resolve, 100));\n }\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout.');\n}\n\n/**\n * Drop-in initializer for SiaraShield.\n * - Loads required scripts (optionally jQuery)\n * - Calls global `initCaptcha(publicKey)`\n *\n * Requirements in your HTML/template:\n * - You must render: `<div class=\"SiaraShield\"></div>`\n */\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\n if (initialized) return;\n if (pending) return pending;\n\n if (!options?.publicKey) {\n throw new Error('initSiaraShield: publicKey is required.');\n }\n\n pending = (async () => {\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(JQUERY_FALLBACK_SRC);\n }\n\n await loadScript('https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js');\n\n const g = getSiaraShieldGlobals();\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error('SiaraShield: InitCaptcha() is not available after loading scripts.');\n }\n\n initCaptchaFn(options.publicKey);\n await waitForCheckCaptchaApi();\n initialized = true;\n })();\n\n try {\n await pending;\n } finally {\n // keep `pending` cached for subsequent callers\n }\n}\n\n/**\n * Calls global `CheckCaptcha()` and returns its boolean result.\n * If successful, returns `{ ok: true, token?: string }`.\n */\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run?');\n }\n\n const ok = g.CheckCaptcha();\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\n return ok ? { ok: true, token } : { ok: false };\n}\n\n/**\n * Async-friendly captcha check to handle delayed token population.\n */\nexport async function checkSiaraShieldCaptchaAsync(options?: {\n timeoutMs?: number;\n pollIntervalMs?: number;\n}): Promise<{ ok: boolean; token?: string }> {\n const timeoutMs = options?.timeoutMs ?? 1200;\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\n if (!firstCheck.ok) return firstCheck;\n if (firstCheck.token) return firstCheck;\n\n const startedAt = Date.now();\n // Token can be assigned slightly after successful verification.\n while (Date.now() - startedAt < timeoutMs) {\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\n const token = getSiaraShieldGlobals().CyberSiaraToken;\n if (typeof token === 'string' && token.length > 0) {\n return { ok: true, token };\n }\n }\n\n return { ok: true };\n}\n\n","/*\n * Public API Surface of siarashield-workspace\n */\n\nexport * from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAYgB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;MCRa,wBAAwB,CAAA;AAIY,IAAA,QAAA;AAHvC,IAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,IAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAEvD,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;AACjD,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AACvF,QAAA,IAAI,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAEtC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;QACxC,IAAI,MAAM,KAAK,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;AACjD,QAAA,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;AAC1C,YAAA,IAAI,OAAO;AAAE,gBAAA,OAAO,OAAO;QAC7B;QAEA,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AACpD,YAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,YAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,YAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,gBAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAC9B;AACA,YAAA,MAAM,CAAC,MAAM,GAAG,MAAK;gBACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AACnC,gBAAA,OAAO,EAAE;AACX,YAAA,CAAC;AACD,YAAA,MAAM,CAAC,OAAO,GAAG,MAAK;gBACpB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;gBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,CAAE,CAAC,CAAC;AACpD,YAAA,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACxC,QAAA,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AACnC,QAAA,OAAO,OAAO;IAChB;AAvCW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBAIf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAJjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAKnB,MAAM;2BAAC,QAAQ;;;ACV9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;QACA,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAEvD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACD,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,sEAAsE,EAAE;AACnG,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC;QACvF;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEA;;;AAGG;AACK,IAAA,eAAe,CAAC,aAAsB,EAAA;AAC5C,QAAA,IAAI,aAAa;AAAE,YAAA,OAAO,aAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa;QACjD,MAAM,eAAe,GAAG,GAAG,CAAC,aAAa,CAAoB,eAAe,CAAC;QAC7E,IAAI,eAAe,EAAE,KAAK;YAAE,OAAO,eAAe,CAAC,KAAK;QAExD,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AAC9E,QAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;IACxC;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC;IAClF;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC;QAClF;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGAjIW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC5BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,wBAAwB,GAAG,IAAI;AAYrC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,UAAU,CAAC,GAAW,EAAA;IAC7B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AAClF,IAAA,IAAI,QAAQ;AAAE,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAEtC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AAC/C,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;QACnB,MAAM,CAAC,MAAM,GAAG,MAAM,OAAO,EAAE;AAC/B,QAAA,MAAM,CAAC,OAAO,GAAG,MAAM,MAAM,CAAC,IAAI,KAAK,CAAC,CAAA,uBAAA,EAA0B,GAAG,CAAA,CAAE,CAAC,CAAC;AACzE,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACnC,IAAA,CAAC,CAAC;AACJ;AAEA,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC;AAClF;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;AACpB,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;AAC/D,YAAA,MAAM,UAAU,CAAC,mBAAmB,CAAC;QACvC;AAEA,QAAA,MAAM,UAAU,CAAC,sEAAsE,CAAC;AAExF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC;QACvF;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC;IAC7F;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;ACrIA;;AAEG;;ACFH;;AAEG;;;;"}
1
+ {"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn | undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\ntype ScriptStatus = 'idle' | 'loading' | 'loaded' | 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n private statusBySrc = new Map<string, ScriptStatus>();\n private pendingBySrc = new Map<string, Promise<void>>();\n\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n const existing = this.document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n const status = this.statusBySrc.get(src);\n if (status === 'loaded') return Promise.resolve();\n if (status === 'loading') {\n const pending = this.pendingBySrc.get(src);\n if (pending) return pending;\n }\n\n this.statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = this.document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => {\n this.statusBySrc.set(src, 'loaded');\n resolve();\n };\n script.onerror = () => {\n this.statusBySrc.set(src, 'error');\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n this.document.head.appendChild(script);\n });\n\n this.pendingBySrc.set(src, pending);\n return pending;\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\r\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\r\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\r\n publicKey: string;\r\n /** Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /**\r\n * Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n */\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\r\n throw new Error('SiaraShieldComponent: publicKey is required.');\r\n }\r\n const cspNonce = this.resolveCspNonce(options.cspNonce);\r\n\r\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /**\r\n * Detect preloaded jQuery from global object or an existing script tag.\r\n */\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src*=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n /**\r\n * Uses explicit nonce first. If not provided, tries to reuse nonce\r\n * from the first script tag or from `<meta name=\"csp-nonce\">`.\r\n */\r\n private resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\r\n const doc = this.host.nativeElement.ownerDocument;\r\n const scriptWithNonce = doc.querySelector<HTMLScriptElement>('script[nonce]');\r\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\r\n\r\n const nonceMeta = doc.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\r\n return nonceMeta?.content || undefined;\n }\n\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /**\r\n * Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n */\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /**\r\n * Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n */\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\n publicKey: string;\n /**\n * Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> | null = null;\r\nlet initialized = false;\r\n\r\nfunction loadScript(src: string, options?: { nonce?: string }): Promise<void> {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n return new Promise<void>((resolve, reject) => {\n const script = document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => resolve();\n script.onerror = () =>\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n document.head.appendChild(script);\n });\n}\n\r\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\n return true;\n }\n\r\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src*=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\n\n const scriptWithNonce = document.querySelector<HTMLScriptElement>('script[nonce]');\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\n\n const nonceMeta = document.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return nonceMeta?.content || undefined;\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/**\r\n * Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n *\r\n * Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n */\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\r\n\r\n pending = (async () => {\n const cspNonce = resolveCspNonce(options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/**\r\n * Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n */\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/**\r\n * Async-friendly captcha check to handle delayed token population.\r\n */\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /** Server-generated nonce value without the `'nonce-'` prefix. */\n nonce?: string;\n /** Optional if the customer still loads jQuery from Google's CDN. */\n includeGoogleApis?: boolean;\n /** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com'] as const;\nconst IMG_HOSTS = ['https://embed.mycybersiara.com'] as const;\n\nfunction unique(values: Array<string | undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string | undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'script-src': unique([SELF, nonce, ...scriptHosts]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/*\n * Public API Surface of siarashield-workspace\n */\n\nexport * from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;MCTa,wBAAwB,CAAA;AAIY,IAAA,QAAA;AAHvC,IAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,IAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAEvD,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;AACjD,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AACvF,QAAA,IAAI,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAEtC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;QACxC,IAAI,MAAM,KAAK,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;AACjD,QAAA,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;AAC1C,YAAA,IAAI,OAAO;AAAE,gBAAA,OAAO,OAAO;QAC7B;QAEA,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AACpD,YAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,YAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,YAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,gBAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAC9B;AACA,YAAA,MAAM,CAAC,MAAM,GAAG,MAAK;gBACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AACnC,gBAAA,OAAO,EAAE;AACX,YAAA,CAAC;AACD,YAAA,MAAM,CAAC,OAAO,GAAG,MAAK;gBACpB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;gBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,YAAA,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACxC,QAAA,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AACnC,QAAA,OAAO,OAAO;IAChB;AAvCW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBAIf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAJjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAKnB,MAAM;2BAAC,QAAQ;;;ACV9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;QACA,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAEvD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEA;;;AAGG;AACK,IAAA,eAAe,CAAC,aAAsB,EAAA;AAC5C,QAAA,IAAI,aAAa;AAAE,YAAA,OAAO,aAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa;QACjD,MAAM,eAAe,GAAG,GAAG,CAAC,aAAa,CAAoB,eAAe,CAAC;QAC7E,IAAI,eAAe,EAAE,KAAK;YAAE,OAAO,eAAe,CAAC,KAAK;QAExD,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AAC9E,QAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;IACxC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGAzJW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,UAAU,CAAC,GAAW,EAAE,OAA4B,EAAA;IAC3D,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AAClF,IAAA,IAAI,QAAQ;AAAE,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAEtC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AAC/C,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,YAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;QAC9B;QACA,MAAM,CAAC,MAAM,GAAG,MAAM,OAAO,EAAE;AAC/B,QAAA,MAAM,CAAC,OAAO,GAAG,MACf,MAAM,CAAC,IAAI,KAAK,CAAC,CAAA,uBAAA,EAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACnC,IAAA,CAAC,CAAC;AACJ;AAEA,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,eAAe,CAAC,aAAsB,EAAA;AAC7C,IAAA,IAAI,aAAa;AAAE,QAAA,OAAO,aAAa;IAEvC,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,CAAoB,eAAe,CAAC;IAClF,IAAI,eAAe,EAAE,KAAK;QAAE,OAAO,eAAe,CAAC,KAAK;IAExD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACnF,IAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;AACxC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAElD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;YAC/D,MAAM,UAAU,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QAC5D;QAEA,MAAM,UAAU,CAAC,kBAAkB,EAAE;AACnC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;QACF,MAAM,UAAU,CAAC,qBAAqB,EAAE;AACtC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;ACvKA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,CAAU;AACjE,MAAM,SAAS,GAAG,CAAC,gCAAgC,CAAU;AAE7D,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;AAC7D,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,IAAI;IAC1E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;QACL,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACnD,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;KAClF;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;ACrFA;;AAEG;;ACFH;;AAEG;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "siarashield_workspace",
3
- "version": "0.0.19",
3
+ "version": "0.0.21",
4
4
  "description": "Angular wrapper for CyberSiara SiaraShield captcha embed.",
5
5
  "keywords": [
6
6
  "cybersiara",
package/types/siarashield_workspace.d.ts CHANGED
@@ -17,9 +17,9 @@ declare class SiaraShieldLoaderService {
17
17
  interface SiaraShieldInitOptions {
18
18
  /** SiaraShield public key. Use "TEST-CYBERSIARA" for staging/development. */
19
19
  publicKey: string;
20
- /** Loads jQuery before SiaraShield script. Keep true if your page doesn't already include jQuery. */
20
+ /** Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. */
21
21
  loadJQuery?: boolean;
22
- /** CSP nonce for strict policies (`script-src 'nonce-...'`). */
22
+ /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */
23
23
  cspNonce?: string;
24
24
  }
25
25
  declare class SiaraShieldComponent implements AfterViewInit {
@@ -45,6 +45,7 @@ declare class SiaraShieldComponent implements AfterViewInit {
45
45
  * from the first script tag or from `<meta name="csp-nonce">`.
46
46
  */
47
47
  private resolveCspNonce;
48
+ private preventDuplicateValidationBootstrap;
48
49
  private waitForCheckCaptchaApi;
49
50
  /**
50
51
  * Calls the global `CheckCaptcha()` from SiaraShield script.
@@ -69,6 +70,7 @@ interface SiaraShieldGlobals {
69
70
  initCaptcha?: InitCaptchaFn;
70
71
  InitCaptcha?: InitCaptchaFn;
71
72
  CheckCaptcha?: CheckCaptchaFn;
73
+ AppendValidationJS?: () => void;
72
74
  CyberSiaraToken?: string;
73
75
  jQuery?: unknown;
74
76
  $?: unknown;
@@ -81,9 +83,12 @@ interface InitSiaraShieldOptions {
81
83
  publicKey: string;
82
84
  /**
83
85
  * Loads jQuery before SiaraShield script.
84
- * If your site/app already loads jQuery, set this to false (not required to load again).
86
+ * Default is true for easier integration.
87
+ * Set to false only if your site/app already loads jQuery.
85
88
  */
86
89
  loadJQuery?: boolean;
90
+ /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */
91
+ cspNonce?: string;
87
92
  }
88
93
  /**
89
94
  * Drop-in initializer for SiaraShield.
@@ -113,5 +118,18 @@ declare function checkSiaraShieldCaptchaAsync(options?: {
113
118
  token?: string;
114
119
  }>;
115
120
 
116
- export { SiaraShieldComponent, SiaraShieldLoaderService, checkSiaraShieldCaptcha, checkSiaraShieldCaptchaAsync, getInitCaptchaFn, getSiaraShieldGlobals, initSiaraShield };
117
- export type { CheckCaptchaFn, InitCaptchaFn, InitSiaraShieldOptions, ScriptLoadOptions, SiaraShieldGlobals, SiaraShieldInitOptions };
121
+ interface SiaraShieldCspOptions {
122
+ /** Server-generated nonce value without the `'nonce-'` prefix. */
123
+ nonce?: string;
124
+ /** Optional if the customer still loads jQuery from Google's CDN. */
125
+ includeGoogleApis?: boolean;
126
+ /** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */
127
+ includeUnsafeInlineStyle?: boolean;
128
+ }
129
+ type SiaraShieldCspDirectives = Record<string, string[]>;
130
+ declare function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives;
131
+ declare function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string;
132
+ declare function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string;
133
+
134
+ export { SiaraShieldComponent, SiaraShieldLoaderService, checkSiaraShieldCaptcha, checkSiaraShieldCaptchaAsync, getInitCaptchaFn, getSiaraShieldCspDirectives, getSiaraShieldCspPolicy, getSiaraShieldGlobals, initSiaraShield, mergeSiaraShieldCspPolicy };
135
+ export type { CheckCaptchaFn, InitCaptchaFn, InitSiaraShieldOptions, ScriptLoadOptions, SiaraShieldCspDirectives, SiaraShieldCspOptions, SiaraShieldGlobals, SiaraShieldInitOptions };