siarashield_workspace 0.0.21 → 0.0.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md
CHANGED
|
@@ -109,30 +109,28 @@ To make CSP setup easier for customers, the plugin now exports helpers:
|
|
|
109
109
|
```ts
|
|
110
110
|
import { getSiaraShieldCspPolicy, mergeSiaraShieldCspPolicy } from 'siarashield_workspace';
|
|
111
111
|
|
|
112
|
-
const policy = getSiaraShieldCspPolicy(
|
|
112
|
+
const policy = getSiaraShieldCspPolicy();
|
|
113
113
|
|
|
114
|
-
const mergedPolicy = mergeSiaraShieldCspPolicy("default-src 'self'"
|
|
115
|
-
nonce: 'server-generated-nonce',
|
|
116
|
-
});
|
|
114
|
+
const mergedPolicy = mergeSiaraShieldCspPolicy("default-src 'self'");
|
|
117
115
|
```
|
|
118
116
|
|
|
119
117
|
Recommended CSP baseline:
|
|
120
118
|
|
|
121
119
|
```http
|
|
122
|
-
|
|
123
|
-
script-src
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
style-src 'self' 'unsafe-inline';
|
|
120
|
+
default-src 'self';
|
|
121
|
+
script-src 'self' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com 'unsafe-inline';
|
|
122
|
+
script-src-elem 'self' https://embedcdn.mycybersiara.com https://embed.mycybersiara.com;
|
|
123
|
+
connect-src 'self' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
|
|
124
|
+
style-src 'self' 'unsafe-inline' https://embed.mycybersiara.com https://mycybersiara.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;
|
|
125
|
+
font-src 'self' https://fonts.gstatic.com https://mycybersiara.com https://cdnjs.cloudflare.com data:;
|
|
126
|
+
img-src 'self' data: https://embed.mycybersiara.com https://embedcdn.mycybersiara.com https://mycybersiara.com;
|
|
127
127
|
```
|
|
128
128
|
|
|
129
129
|
If the customer still loads jQuery from another CDN like Google, they should also allow that CDN in `script-src`.
|
|
130
130
|
|
|
131
131
|
You can use `getSiaraShieldCspPolicy(...)` to generate the plugin baseline from the plugin side instead of hardcoding it in customer projects.
|
|
132
132
|
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
This package now preloads `SiaraShield_Validation.js` with the same nonce to reduce CSP issues from the vendor bootstrap chain.
|
|
133
|
+
This package now preloads `SiaraShield_Validation.js` to reduce CSP issues from the vendor bootstrap chain.
|
|
136
134
|
|
|
137
135
|
The plugin can help generate the CSP string, but the final CSP header/meta must still be applied by the customer project.
|
|
138
136
|
|
|
@@ -140,7 +138,7 @@ The plugin can help generate the CSP string, but the final CSP header/meta must
|
|
|
140
138
|
|
|
141
139
|
- Captcha not visible -> confirm `<div class="SiaraShield"></div>` is present
|
|
142
140
|
- `CheckCaptcha` not available -> ensure `initSiaraShield(...)` ran successfully
|
|
143
|
-
- CSP warning or script load failure -> allow the `script-src`, `connect-src`, and `img-src` hosts above
|
|
141
|
+
- CSP warning or script load failure -> allow the `script-src`, `connect-src`, and `img-src` hosts above
|
|
144
142
|
- Token empty -> check browser console and network calls after clicking submit
|
|
145
143
|
|
|
146
144
|
## Build and pack (library maintainers)
|
|
@@ -148,4 +146,4 @@ The plugin can help generate the CSP string, but the final CSP header/meta must
|
|
|
148
146
|
```bash
|
|
149
147
|
npm run build:lib
|
|
150
148
|
npm run pack:lib
|
|
151
|
-
```
|
|
149
|
+
```
|
|
@@ -361,8 +361,23 @@ const DATA = 'data:';
|
|
|
361
361
|
const UNSAFE_INLINE = "'unsafe-inline'";
|
|
362
362
|
const SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'];
|
|
363
363
|
const OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'];
|
|
364
|
-
const CONNECT_HOSTS = ['https://embed.mycybersiara.com'];
|
|
365
|
-
const
|
|
364
|
+
const CONNECT_HOSTS = ['https://embed.mycybersiara.com', 'https://embedcdn.mycybersiara.com'];
|
|
365
|
+
const STYLE_HOSTS = [
|
|
366
|
+
'https://embed.mycybersiara.com',
|
|
367
|
+
'https://mycybersiara.com',
|
|
368
|
+
'https://fonts.googleapis.com',
|
|
369
|
+
'https://cdnjs.cloudflare.com',
|
|
370
|
+
];
|
|
371
|
+
const FONT_HOSTS = [
|
|
372
|
+
'https://fonts.gstatic.com',
|
|
373
|
+
'https://mycybersiara.com',
|
|
374
|
+
'https://cdnjs.cloudflare.com',
|
|
375
|
+
];
|
|
376
|
+
const IMG_HOSTS = [
|
|
377
|
+
'https://embed.mycybersiara.com',
|
|
378
|
+
'https://embedcdn.mycybersiara.com',
|
|
379
|
+
'https://mycybersiara.com',
|
|
380
|
+
];
|
|
366
381
|
function unique(values) {
|
|
367
382
|
return [...new Set(values.filter((value) => Boolean(value && value.trim())))];
|
|
368
383
|
}
|
|
@@ -390,15 +405,18 @@ function parsePolicy(policy) {
|
|
|
390
405
|
}
|
|
391
406
|
function getSiaraShieldCspDirectives(options) {
|
|
392
407
|
const includeGoogleApis = options?.includeGoogleApis ?? false;
|
|
408
|
+
const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? true;
|
|
393
409
|
const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;
|
|
394
410
|
const nonce = nonceSource(options?.nonce);
|
|
395
411
|
const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];
|
|
396
412
|
return {
|
|
397
|
-
'
|
|
413
|
+
'default-src': unique([SELF]),
|
|
414
|
+
'script-src': unique([SELF, nonce, ...scriptHosts, includeUnsafeInlineScript ? UNSAFE_INLINE : undefined]),
|
|
398
415
|
'script-src-elem': unique([SELF, nonce, ...scriptHosts]),
|
|
399
416
|
'connect-src': unique([SELF, ...CONNECT_HOSTS]),
|
|
400
417
|
'img-src': unique([SELF, DATA, ...IMG_HOSTS]),
|
|
401
|
-
'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined]),
|
|
418
|
+
'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined, ...STYLE_HOSTS]),
|
|
419
|
+
'font-src': unique([SELF, ...FONT_HOSTS, DATA]),
|
|
402
420
|
};
|
|
403
421
|
}
|
|
404
422
|
function getSiaraShieldCspPolicy(options) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn | undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\ntype ScriptStatus = 'idle' | 'loading' | 'loaded' | 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n private statusBySrc = new Map<string, ScriptStatus>();\n private pendingBySrc = new Map<string, Promise<void>>();\n\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n const existing = this.document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n const status = this.statusBySrc.get(src);\n if (status === 'loaded') return Promise.resolve();\n if (status === 'loading') {\n const pending = this.pendingBySrc.get(src);\n if (pending) return pending;\n }\n\n this.statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = this.document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => {\n this.statusBySrc.set(src, 'loaded');\n resolve();\n };\n script.onerror = () => {\n this.statusBySrc.set(src, 'error');\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n this.document.head.appendChild(script);\n });\n\n this.pendingBySrc.set(src, pending);\n return pending;\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\r\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\r\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\r\n publicKey: string;\r\n /** Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /**\r\n * Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n */\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\r\n throw new Error('SiaraShieldComponent: publicKey is required.');\r\n }\r\n const cspNonce = this.resolveCspNonce(options.cspNonce);\r\n\r\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /**\r\n * Detect preloaded jQuery from global object or an existing script tag.\r\n */\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src*=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n /**\r\n * Uses explicit nonce first. If not provided, tries to reuse nonce\r\n * from the first script tag or from `<meta name=\"csp-nonce\">`.\r\n */\r\n private resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\r\n const doc = this.host.nativeElement.ownerDocument;\r\n const scriptWithNonce = doc.querySelector<HTMLScriptElement>('script[nonce]');\r\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\r\n\r\n const nonceMeta = doc.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\r\n return nonceMeta?.content || undefined;\n }\n\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /**\r\n * Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n */\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /**\r\n * Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n */\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\n publicKey: string;\n /**\n * Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> | null = null;\r\nlet initialized = false;\r\n\r\nfunction loadScript(src: string, options?: { nonce?: string }): Promise<void> {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n return new Promise<void>((resolve, reject) => {\n const script = document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => resolve();\n script.onerror = () =>\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n document.head.appendChild(script);\n });\n}\n\r\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\n return true;\n }\n\r\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src*=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\n\n const scriptWithNonce = document.querySelector<HTMLScriptElement>('script[nonce]');\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\n\n const nonceMeta = document.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return nonceMeta?.content || undefined;\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/**\r\n * Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n *\r\n * Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n */\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\r\n\r\n pending = (async () => {\n const cspNonce = resolveCspNonce(options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/**\r\n * Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n */\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/**\r\n * Async-friendly captcha check to handle delayed token population.\r\n */\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /** Server-generated nonce value without the `'nonce-'` prefix. */\n nonce?: string;\n /** Optional if the customer still loads jQuery from Google's CDN. */\n includeGoogleApis?: boolean;\n /** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com'] as const;\nconst IMG_HOSTS = ['https://embed.mycybersiara.com'] as const;\n\nfunction unique(values: Array<string | undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string | undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'script-src': unique([SELF, nonce, ...scriptHosts]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/*\n * Public API Surface of siarashield-workspace\n */\n\nexport * from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;MCTa,wBAAwB,CAAA;AAIY,IAAA,QAAA;AAHvC,IAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,IAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAEvD,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;AACjD,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AACvF,QAAA,IAAI,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAEtC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;QACxC,IAAI,MAAM,KAAK,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;AACjD,QAAA,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;AAC1C,YAAA,IAAI,OAAO;AAAE,gBAAA,OAAO,OAAO;QAC7B;QAEA,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AACpD,YAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,YAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,YAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,gBAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAC9B;AACA,YAAA,MAAM,CAAC,MAAM,GAAG,MAAK;gBACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AACnC,gBAAA,OAAO,EAAE;AACX,YAAA,CAAC;AACD,YAAA,MAAM,CAAC,OAAO,GAAG,MAAK;gBACpB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;gBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,YAAA,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACxC,QAAA,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AACnC,QAAA,OAAO,OAAO;IAChB;AAvCW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBAIf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAJjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAKnB,MAAM;2BAAC,QAAQ;;;ACV9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;QACA,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAEvD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEA;;;AAGG;AACK,IAAA,eAAe,CAAC,aAAsB,EAAA;AAC5C,QAAA,IAAI,aAAa;AAAE,YAAA,OAAO,aAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa;QACjD,MAAM,eAAe,GAAG,GAAG,CAAC,aAAa,CAAoB,eAAe,CAAC;QAC7E,IAAI,eAAe,EAAE,KAAK;YAAE,OAAO,eAAe,CAAC,KAAK;QAExD,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AAC9E,QAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;IACxC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGAzJW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,UAAU,CAAC,GAAW,EAAE,OAA4B,EAAA;IAC3D,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AAClF,IAAA,IAAI,QAAQ;AAAE,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAEtC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AAC/C,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,YAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;QAC9B;QACA,MAAM,CAAC,MAAM,GAAG,MAAM,OAAO,EAAE;AAC/B,QAAA,MAAM,CAAC,OAAO,GAAG,MACf,MAAM,CAAC,IAAI,KAAK,CAAC,CAAA,uBAAA,EAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACnC,IAAA,CAAC,CAAC;AACJ;AAEA,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,eAAe,CAAC,aAAsB,EAAA;AAC7C,IAAA,IAAI,aAAa;AAAE,QAAA,OAAO,aAAa;IAEvC,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,CAAoB,eAAe,CAAC;IAClF,IAAI,eAAe,EAAE,KAAK;QAAE,OAAO,eAAe,CAAC,KAAK;IAExD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACnF,IAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;AACxC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAElD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;YAC/D,MAAM,UAAU,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QAC5D;QAEA,MAAM,UAAU,CAAC,kBAAkB,EAAE;AACnC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;QACF,MAAM,UAAU,CAAC,qBAAqB,EAAE;AACtC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;ACvKA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,CAAU;AACjE,MAAM,SAAS,GAAG,CAAC,gCAAgC,CAAU;AAE7D,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;AAC7D,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,IAAI;IAC1E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;QACL,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACnD,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;KAClF;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;ACrFA;;AAEG;;ACFH;;AAEG;;;;"}
|
|
1
|
+
{"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn | undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\ntype ScriptStatus = 'idle' | 'loading' | 'loaded' | 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n private statusBySrc = new Map<string, ScriptStatus>();\n private pendingBySrc = new Map<string, Promise<void>>();\n\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n const existing = this.document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n const status = this.statusBySrc.get(src);\n if (status === 'loaded') return Promise.resolve();\n if (status === 'loading') {\n const pending = this.pendingBySrc.get(src);\n if (pending) return pending;\n }\n\n this.statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = this.document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => {\n this.statusBySrc.set(src, 'loaded');\n resolve();\n };\n script.onerror = () => {\n this.statusBySrc.set(src, 'error');\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n this.document.head.appendChild(script);\n });\n\n this.pendingBySrc.set(src, pending);\n return pending;\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\r\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\r\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\r\n publicKey: string;\r\n /** Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /**\r\n * Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n */\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\r\n throw new Error('SiaraShieldComponent: publicKey is required.');\r\n }\r\n const cspNonce = this.resolveCspNonce(options.cspNonce);\r\n\r\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /**\r\n * Detect preloaded jQuery from global object or an existing script tag.\r\n */\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src*=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n /**\r\n * Uses explicit nonce first. If not provided, tries to reuse nonce\r\n * from the first script tag or from `<meta name=\"csp-nonce\">`.\r\n */\r\n private resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\r\n const doc = this.host.nativeElement.ownerDocument;\r\n const scriptWithNonce = doc.querySelector<HTMLScriptElement>('script[nonce]');\r\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\r\n\r\n const nonceMeta = doc.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\r\n return nonceMeta?.content || undefined;\n }\n\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /**\r\n * Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n */\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /**\r\n * Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n */\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. */\n publicKey: string;\n /**\n * Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n */\n loadJQuery?: boolean;\n /** CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. */\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> | null = null;\r\nlet initialized = false;\r\n\r\nfunction loadScript(src: string, options?: { nonce?: string }): Promise<void> {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n return new Promise<void>((resolve, reject) => {\n const script = document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => resolve();\n script.onerror = () =>\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n document.head.appendChild(script);\n });\n}\n\r\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {\n return true;\n }\n\r\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src*=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction resolveCspNonce(explicitNonce?: string): string | undefined {\n if (explicitNonce) return explicitNonce;\n\n const scriptWithNonce = document.querySelector<HTMLScriptElement>('script[nonce]');\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\n\n const nonceMeta = document.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return nonceMeta?.content || undefined;\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/**\r\n * Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n *\r\n * Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n */\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\r\n\r\n pending = (async () => {\n const cspNonce = resolveCspNonce(options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/**\r\n * Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n */\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/**\r\n * Async-friendly captcha check to handle delayed token population.\r\n */\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /** Server-generated nonce value without the `'nonce-'` prefix. */\n nonce?: string;\n /** Optional if the customer still loads jQuery from Google's CDN. */\n includeGoogleApis?: boolean;\n /** Keep `'unsafe-inline'` in `script-src` for strict vendor compatibility. */\n includeUnsafeInlineScript?: boolean;\n /** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com', 'https://embedcdn.mycybersiara.com'] as const;\nconst STYLE_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://mycybersiara.com',\n 'https://fonts.googleapis.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst FONT_HOSTS = [\n 'https://fonts.gstatic.com',\n 'https://mycybersiara.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst IMG_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://embedcdn.mycybersiara.com',\n 'https://mycybersiara.com',\n] as const;\n\nfunction unique(values: Array<string | undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string | undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? true;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'default-src': unique([SELF]),\n 'script-src': unique([SELF, nonce, ...scriptHosts, includeUnsafeInlineScript ? UNSAFE_INLINE : undefined]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined, ...STYLE_HOSTS]),\n 'font-src': unique([SELF, ...FONT_HOSTS, DATA]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/*\n * Public API Surface of siarashield-workspace\n */\n\nexport * from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;MCTa,wBAAwB,CAAA;AAIY,IAAA,QAAA;AAHvC,IAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,IAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAEvD,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;AACjD,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AACvF,QAAA,IAAI,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAEtC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;QACxC,IAAI,MAAM,KAAK,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;AACjD,QAAA,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;AAC1C,YAAA,IAAI,OAAO;AAAE,gBAAA,OAAO,OAAO;QAC7B;QAEA,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AACpD,YAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,YAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,YAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,gBAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAC9B;AACA,YAAA,MAAM,CAAC,MAAM,GAAG,MAAK;gBACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AACnC,gBAAA,OAAO,EAAE;AACX,YAAA,CAAC;AACD,YAAA,MAAM,CAAC,OAAO,GAAG,MAAK;gBACpB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;gBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,YAAA,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACxC,QAAA,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AACnC,QAAA,OAAO,OAAO;IAChB;AAvCW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBAIf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAJjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAKnB,MAAM;2BAAC,QAAQ;;;ACV9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;QACA,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAEvD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEA;;;AAGG;AACK,IAAA,eAAe,CAAC,aAAsB,EAAA;AAC5C,QAAA,IAAI,aAAa;AAAE,YAAA,OAAO,aAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa;QACjD,MAAM,eAAe,GAAG,GAAG,CAAC,aAAa,CAAoB,eAAe,CAAC;QAC7E,IAAI,eAAe,EAAE,KAAK;YAAE,OAAO,eAAe,CAAC,KAAK;QAExD,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AAC9E,QAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;IACxC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGAzJW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,UAAU,CAAC,GAAW,EAAE,OAA4B,EAAA;IAC3D,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AAClF,IAAA,IAAI,QAAQ;AAAE,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAEtC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AAC/C,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,YAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;QAC9B;QACA,MAAM,CAAC,MAAM,GAAG,MAAM,OAAO,EAAE;AAC/B,QAAA,MAAM,CAAC,OAAO,GAAG,MACf,MAAM,CAAC,IAAI,KAAK,CAAC,CAAA,uBAAA,EAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACnC,IAAA,CAAC,CAAC;AACJ;AAEA,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,eAAe,CAAC,aAAsB,EAAA;AAC7C,IAAA,IAAI,aAAa;AAAE,QAAA,OAAO,aAAa;IAEvC,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,CAAoB,eAAe,CAAC;IAClF,IAAI,eAAe,EAAE,KAAK;QAAE,OAAO,eAAe,CAAC,KAAK;IAExD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACnF,IAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;AACxC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAElD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;YAC/D,MAAM,UAAU,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QAC5D;QAEA,MAAM,UAAU,CAAC,kBAAkB,EAAE;AACnC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;QACF,MAAM,UAAU,CAAC,qBAAqB,EAAE;AACtC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;ACrKA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,EAAE,mCAAmC,CAAU;AACtG,MAAM,WAAW,GAAG;IAClB,gCAAgC;IAChC,0BAA0B;IAC1B,8BAA8B;IAC9B,8BAA8B;CACtB;AACV,MAAM,UAAU,GAAG;IACjB,2BAA2B;IAC3B,0BAA0B;IAC1B,8BAA8B;CACtB;AACV,MAAM,SAAS,GAAG;IAChB,gCAAgC;IAChC,mCAAmC;IACnC,0BAA0B;CAClB;AAEV,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;AAC7D,IAAA,MAAM,yBAAyB,GAAG,OAAO,EAAE,yBAAyB,IAAI,IAAI;AAC5E,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,IAAI;IAC1E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;AACL,QAAA,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;QAC7B,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,yBAAyB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;QAC1G,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC,CAAC;QACjG,UAAU,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,UAAU,EAAE,IAAI,CAAC,CAAC;KAChD;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;ACzGA;;AAEG;;ACFH;;AAEG;;;;"}
|
package/package.json
CHANGED
|
@@ -123,6 +123,8 @@ interface SiaraShieldCspOptions {
|
|
|
123
123
|
nonce?: string;
|
|
124
124
|
/** Optional if the customer still loads jQuery from Google's CDN. */
|
|
125
125
|
includeGoogleApis?: boolean;
|
|
126
|
+
/** Keep `'unsafe-inline'` in `script-src` for strict vendor compatibility. */
|
|
127
|
+
includeUnsafeInlineScript?: boolean;
|
|
126
128
|
/** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */
|
|
127
129
|
includeUnsafeInlineStyle?: boolean;
|
|
128
130
|
}
|