npm - siarashield_workspace - Versions diffs - 0.0.22 → 0.0.24 - Mend

siarashield_workspace 0.0.22 → 0.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +68 -50
package/fesm2022/siarashield_workspace.mjs +169 -81
package/fesm2022/siarashield_workspace.mjs.map +1 -1
package/package.json +1 -1
package/types/siarashield_workspace.d.ts +4 -8

package/README.md CHANGED Viewed

@@ -23,21 +23,23 @@ Get your public/private keys from <a href="https://mycybersiara.com" target="_bl
 ## 3) Put keys in correct place
 - **Frontend (Angular):** public key only
-- **Backend (.env):** private key only (never expose in frontend)
+- **Backend (.env):** private key only
-Frontend should read public key from `environment` or your environment file.
+Angular `environment` example:
-Example `environment` values:
+```ts
+export const environment = {
+  siaraShieldPublicKey: 'YOUR-PUBLIC-KEY',
+};
+```
-```environment
-{
-siaraShieldPublicKey:"YOUR-PUBLIC-KEY",
-siaraShieldPrivateKey:"YOUR-PRIVATE-KEY"
-}
+Backend `.env` example:
+```dotenv
+SIARASHIELD_PRIVATE_KEY=YOUR-PRIVATE-KEY
 ```
-If your frontend project already uses `environment`, that is fine. Map it to the same public key value used in Angular config.
+Do not place the private key in Angular environment files, templates, or browser code.
 ## 4) Add captcha container in template
@@ -45,7 +47,7 @@ If your frontend project already uses `environment`, that is fine. Map it to the
 <div class="SiaraShield"></div>
 ```
-In your submit button, make sure to add this class:CaptchaSubmit
+Add the `CaptchaSubmit` class to your submit button:
 ```html
 <button class="CaptchaSubmit"></button>
@@ -53,7 +55,7 @@ In your submit button, make sure to add this class:CaptchaSubmit
 ## 5) Add TypeScript integration (copy-paste)
-This captcha is not only for login form. You can integrate it in any form component like Login, Contact Us, Signup, Forgot Password, Lead Form, etc.
+You can integrate SiaraShield into any form component, including Login, Contact Us, Signup, Forgot Password, and Lead Form screens.
 ```ts
 import { OnInit } from '@angular/core';
@@ -68,8 +70,7 @@ export class FormComponent implements OnInit {
   initializeCaptcha() {
     initSiaraShield({
       publicKey: environment.siaraShieldPublicKey,
-      // Optional for strict CSP pages when your server provides a nonce.
-      // cspNonce: 'server-generated-nonce',
+      cspNonce: (window as any).__cspNonce || undefined,
     });
   }
@@ -77,67 +78,84 @@ export class FormComponent implements OnInit {
     const result = checkSiaraShieldCaptcha();
     if (!result.ok) {
       console.log('Captcha not completed yet');
-      return; // IMPORTANT
+      return;
     }
-    if (result.ok) {
-      console.log(result.token);
-      // API call here (Login/Contact/Signup/etc.)
-      alert('Form submitted successfully');
-    }
+    console.log(result.token);
+    // API call here
+    alert('Form submitted successfully');
   }
 }
 ```
-Important: keep your submit API logic inside `if (result.ok)`.
+Keep your submit API logic inside the successful captcha branch.
-## jQuery loading behavior
+If your frontend reads the nonce from the DOM instead of `window`, you can reuse the nonce from an existing script tag:
-- Default `loadJQuery` is `true`
-- For most customers, nothing extra is needed
-- If your app already has jQuery and you do not want package fallback loading, set `loadJQuery: false`
-- When needed, package loads:
-  - `https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js`
-- Package also loads:
-  - `https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js`
-  - `https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js`
+```ts
+const nonce = document.querySelector('script[nonce]')?.getAttribute('nonce') || undefined;
+```
-## CSP note
+The nonce must be generated on the server for each request. The plugin NEVER generates a nonce in the browser.
-To make CSP setup easier for customers, the plugin now exports helpers:
+## CSP Compliance (Important)
-```ts
-import { getSiaraShieldCspPolicy, mergeSiaraShieldCspPolicy } from 'siarashield_workspace';
+Inline scripts are blocked by CSP unless you allow them with a nonce or a hash. This package does not execute inline JavaScript and does not use `eval()`, `new Function()`, `setTimeout(string)`, `setInterval(string)`, or any other string-based execution path. All scripts are loaded as external resources. Any dynamically created `<script>` elements are assigned the provided CSP nonce when `cspNonce` is passed.
-const policy = getSiaraShieldCspPolicy();
+For strict CSP deployments:
-const mergedPolicy = mergeSiaraShieldCspPolicy("default-src 'self'");
-```
+- Generate the nonce on the server for each request.
+- Use the SAME nonce in the `Content-Security-Policy` header.
+- Use the SAME nonce on the `<script>` tag that loads your Angular app or any direct SiaraShield resource.
+- Use the SAME nonce in `initSiaraShield({ cspNonce: ... })`.
+- The plugin NEVER generates a nonce in the browser.
+- If a valid CSP nonce is required but not provided, browsers will block script execution and the captcha will fail to load.
-Recommended CSP baseline:
+Safe CSP example:
 ```http
-script-src 'self' https://embedcdn.mycybersiara.com https://embed.mycybersiara.com;
-script-src-elem 'self' https://embedcdn.mycybersiara.com https://embed.mycybersiara.com;
-connect-src 'self' https://embed.mycybersiara.com;
-img-src 'self' data: https://embed.mycybersiara.com;
-style-src 'self' 'unsafe-inline';
+default-src 'self';
+script-src 'self' 'nonce-<dynamic>' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+script-src-elem 'self' 'nonce-<dynamic>' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+connect-src 'self' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+style-src 'self' https://embed.mycybersiara.com https://mycybersiara.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;
+font-src 'self' https://fonts.gstatic.com https://mycybersiara.com https://cdnjs.cloudflare.com data:;
+img-src 'self' data: https://embed.mycybersiara.com https://embedcdn.mycybersiara.com https://mycybersiara.com;
+```
+Example using the same server-generated nonce in a script tag:
+```html
+<script nonce="YOUR_NONCE" src="https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js"></script>
 ```
-If the customer still loads jQuery from another CDN like Google, they should also allow that CDN in `script-src`.
+If your Angular app initializes SiaraShield from the main application bundle, that bundle's `<script>` tag must use the same nonce value that appears in the CSP header.
-You can use `getSiaraShieldCspPolicy(...)` to generate the plugin baseline from the plugin side instead of hardcoding it in customer projects.
+`getSiaraShieldCspPolicy()` and `mergeSiaraShieldCspPolicy()` only generate a baseline CSP string. These helpers do not inject a nonce and do not apply headers. The server must inject the nonce and must apply the final `Content-Security-Policy` header. The generated policy must always be reviewed before production use.
-This package now preloads `SiaraShield_Validation.js` to reduce CSP issues from the vendor bootstrap chain.
+The package still works in environments without CSP or with relaxed policies. If your site uses a strict nonce-based CSP, passing the server-generated nonce is required.
-The plugin can help generate the CSP string, but the final CSP header/meta must still be applied by the customer project.
+## jQuery loading behavior
+- Default `loadJQuery` is `true`.
+- If jQuery is not already available, the package loads:
+  - `https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js`
+- The package also loads:
+  - `https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js`
+  - `https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js`
+- jQuery and the captcha bootstrap process may create script elements dynamically.
+- When `cspNonce` is provided, all dynamically created script elements created by this package are assigned that nonce.
+- This is required for compatibility with strict nonce-based CSP policies.
+- If a valid CSP nonce is required but not passed, browsers will block those script loads and the captcha will fail to initialize.
+- If your app already loads jQuery, set `loadJQuery: false`.
+- If your app loads jQuery from another CDN, allow that host in `script-src` and `script-src-elem`.
 ## Quick troubleshooting
-- Captcha not visible -> confirm `<div class="SiaraShield"></div>` is present
-- `CheckCaptcha` not available -> ensure `initSiaraShield(...)` ran successfully
-- CSP warning or script load failure -> allow the `script-src`, `connect-src`, and `img-src` hosts above
-- Token empty -> check browser console and network calls after clicking submit
+- Captcha not visible -> confirm `<div class="SiaraShield"></div>` is present.
+- `CheckCaptcha` not available -> ensure `initSiaraShield(...)` ran and CSP allows the required hosts.
+- CSP error in console -> confirm the same server-generated nonce is present in the CSP header, the bootstrapping `<script>` tag, and `initSiaraShield(...)`.
+- Token empty -> check browser console and network calls after clicking submit.
 ## Build and pack (library maintainers)

package/fesm2022/siarashield_workspace.mjs CHANGED Viewed

@@ -9,45 +9,154 @@ function getInitCaptchaFn(g) {
     return g.initCaptcha ?? g.InitCaptcha;
 }
+const SCRIPT_STATUS_BY_DOCUMENT = new WeakMap();
+const SCRIPT_PENDING_BY_DOCUMENT = new WeakMap();
+const DYNAMIC_SCRIPT_NONCE_STATE_KEY = '__siaraShieldDynamicScriptNonceState__';
+function getStatusBySrc(documentRef) {
+    let statusBySrc = SCRIPT_STATUS_BY_DOCUMENT.get(documentRef);
+    if (!statusBySrc) {
+        statusBySrc = new Map();
+        SCRIPT_STATUS_BY_DOCUMENT.set(documentRef, statusBySrc);
+    }
+    return statusBySrc;
+}
+function getPendingBySrc(documentRef) {
+    let pendingBySrc = SCRIPT_PENDING_BY_DOCUMENT.get(documentRef);
+    if (!pendingBySrc) {
+        pendingBySrc = new Map();
+        SCRIPT_PENDING_BY_DOCUMENT.set(documentRef, pendingBySrc);
+    }
+    return pendingBySrc;
+}
+function getDynamicScriptNoncePatchState() {
+    const globalState = globalThis;
+    if (!globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY]) {
+        globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY] = {
+            nonceByDocument: new WeakMap(),
+            patched: false,
+        };
+    }
+    return globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY];
+}
+function normalizeNonce(nonce) {
+    const trimmed = nonce?.trim();
+    return trimmed ? trimmed : undefined;
+}
+function isScriptElement(node) {
+    return node instanceof Element && node.tagName.toLowerCase() === 'script';
+}
+function applyScriptNonce(script, nonce) {
+    const resolvedNonce = normalizeNonce(nonce);
+    if (!resolvedNonce) {
+        return;
+    }
+    script.setAttribute('nonce', resolvedNonce);
+    script.nonce = resolvedNonce;
+}
+function applyTrackedNonce(node) {
+    if (!isScriptElement(node)) {
+        return;
+    }
+    const documentRef = node.ownerDocument;
+    if (!documentRef) {
+        return;
+    }
+    const nonce = getDynamicScriptNoncePatchState().nonceByDocument.get(documentRef);
+    applyScriptNonce(node, nonce);
+}
+function patchDynamicScriptInsertion() {
+    const patchState = getDynamicScriptNoncePatchState();
+    if (patchState.patched) {
+        return;
+    }
+    const originalAppendChild = Node.prototype.appendChild;
+    const originalInsertBefore = Node.prototype.insertBefore;
+    const originalReplaceChild = Node.prototype.replaceChild;
+    Node.prototype.appendChild = function (node) {
+        applyTrackedNonce(node);
+        return originalAppendChild.call(this, node);
+    };
+    Node.prototype.insertBefore = function (node, child) {
+        applyTrackedNonce(node);
+        return originalInsertBefore.call(this, node, child);
+    };
+    Node.prototype.replaceChild = function (node, child) {
+        applyTrackedNonce(node);
+        return originalReplaceChild.call(this, node, child);
+    };
+    patchState.patched = true;
+}
+function resolveCspNonce(documentRef, explicitNonce) {
+    const resolvedExplicitNonce = normalizeNonce(explicitNonce);
+    if (resolvedExplicitNonce) {
+        return resolvedExplicitNonce;
+    }
+    const scriptWithNonce = documentRef.querySelector('script[nonce]');
+    const nonceFromScript = normalizeNonce(scriptWithNonce?.getAttribute('nonce') ?? scriptWithNonce?.nonce);
+    if (nonceFromScript) {
+        return nonceFromScript;
+    }
+    const nonceMeta = documentRef.querySelector('meta[name="csp-nonce"]');
+    return normalizeNonce(nonceMeta?.content);
+}
+function prepareScriptNonce(documentRef, explicitNonce) {
+    const resolvedNonce = resolveCspNonce(documentRef, explicitNonce);
+    const patchState = getDynamicScriptNoncePatchState();
+    patchDynamicScriptInsertion();
+    if (resolvedNonce) {
+        patchState.nonceByDocument.set(documentRef, resolvedNonce);
+    }
+    else {
+        patchState.nonceByDocument.delete(documentRef);
+    }
+    return resolvedNonce;
+}
+function loadScript(documentRef, src, options) {
+    const nonce = prepareScriptNonce(documentRef, options?.nonce);
+    const statusBySrc = getStatusBySrc(documentRef);
+    const pendingBySrc = getPendingBySrc(documentRef);
+    const existing = documentRef.querySelector(`script[src="${src}"]`);
+    if (existing) {
+        applyScriptNonce(existing, nonce);
+        const status = statusBySrc.get(src);
+        if (status === 'loaded') {
+            return Promise.resolve();
+        }
+        const pending = pendingBySrc.get(src);
+        if (pending) {
+            return pending;
+        }
+        return Promise.resolve();
+    }
+    statusBySrc.set(src, 'loading');
+    const pending = new Promise((resolve, reject) => {
+        const script = documentRef.createElement('script');
+        script.src = src;
+        script.async = true;
+        applyScriptNonce(script, nonce);
+        script.onload = () => {
+            statusBySrc.set(src, 'loaded');
+            pendingBySrc.delete(src);
+            resolve();
+        };
+        script.onerror = () => {
+            statusBySrc.set(src, 'error');
+            pendingBySrc.delete(src);
+            reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
+        };
+        documentRef.head.appendChild(script);
+    });
+    pendingBySrc.set(src, pending);
+    return pending;
+}
 class SiaraShieldLoaderService {
     document;
-    statusBySrc = new Map();
-    pendingBySrc = new Map();
     constructor(document) {
         this.document = document;
     }
     loadScript(src, options) {
-        const existing = this.document.querySelector(`script[src="${src}"]`);
-        if (existing)
-            return Promise.resolve();
-        const status = this.statusBySrc.get(src);
-        if (status === 'loaded')
-            return Promise.resolve();
-        if (status === 'loading') {
-            const pending = this.pendingBySrc.get(src);
-            if (pending)
-                return pending;
-        }
-        this.statusBySrc.set(src, 'loading');
-        const pending = new Promise((resolve, reject) => {
-            const script = this.document.createElement('script');
-            script.src = src;
-            script.async = true;
-            if (options?.nonce) {
-                script.nonce = options.nonce;
-            }
-            script.onload = () => {
-                this.statusBySrc.set(src, 'loaded');
-                resolve();
-            };
-            script.onerror = () => {
-                this.statusBySrc.set(src, 'error');
-                reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
-            };
-            this.document.head.appendChild(script);
-        });
-        this.pendingBySrc.set(src, pending);
-        return pending;
+        return loadScript(this.document, src, options);
     }
     static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.5", ngImport: i0, type: SiaraShieldLoaderService, deps: [{ token: DOCUMENT }], target: i0.ɵɵFactoryTarget.Injectable });
     static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.5", ngImport: i0, type: SiaraShieldLoaderService, providedIn: 'root' });
@@ -90,7 +199,7 @@ class SiaraShieldComponent {
         if (!options.publicKey) {
             throw new Error('SiaraShieldComponent: publicKey is required.');
         }
-        const cspNonce = this.resolveCspNonce(options.cspNonce);
+        const cspNonce = prepareScriptNonce(this.host.nativeElement.ownerDocument, options.cspNonce);
         if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {
             await this.loader.loadScript(JQUERY_FALLBACK_SRC$1, { nonce: cspNonce });
         }
@@ -121,20 +230,6 @@ class SiaraShieldComponent {
         const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector('script[src*="jquery"]');
         return Boolean(existingJqueryScript);
     }
-    /**
-     * Uses explicit nonce first. If not provided, tries to reuse nonce
-     * from the first script tag or from `<meta name="csp-nonce">`.
-     */
-    resolveCspNonce(explicitNonce) {
-        if (explicitNonce)
-            return explicitNonce;
-        const doc = this.host.nativeElement.ownerDocument;
-        const scriptWithNonce = doc.querySelector('script[nonce]');
-        if (scriptWithNonce?.nonce)
-            return scriptWithNonce.nonce;
-        const nonceMeta = doc.querySelector('meta[name="csp-nonce"]');
-        return nonceMeta?.content || undefined;
-    }
     preventDuplicateValidationBootstrap(g) {
         const originalAppendValidation = g.AppendValidationJS;
         if (typeof originalAppendValidation !== 'function') {
@@ -220,22 +315,6 @@ const VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/Sia
 const CAPTCHA_READY_TIMEOUT_MS = 8000;
 let pending = null;
 let initialized = false;
-function loadScript(src, options) {
-    const existing = document.querySelector(`script[src="${src}"]`);
-    if (existing)
-        return Promise.resolve();
-    return new Promise((resolve, reject) => {
-        const script = document.createElement('script');
-        script.src = src;
-        script.async = true;
-        if (options?.nonce) {
-            script.nonce = options.nonce;
-        }
-        script.onload = () => resolve();
-        script.onerror = () => reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
-        document.head.appendChild(script);
-    });
-}
 function isJQueryAlreadyAvailable() {
     const g = getSiaraShieldGlobals();
     if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {
@@ -244,15 +323,6 @@ function isJQueryAlreadyAvailable() {
     const existingJqueryScript = document.querySelector('script[src*="jquery"]');
     return Boolean(existingJqueryScript);
 }
-function resolveCspNonce(explicitNonce) {
-    if (explicitNonce)
-        return explicitNonce;
-    const scriptWithNonce = document.querySelector('script[nonce]');
-    if (scriptWithNonce?.nonce)
-        return scriptWithNonce.nonce;
-    const nonceMeta = document.querySelector('meta[name="csp-nonce"]');
-    return nonceMeta?.content || undefined;
-}
 function preventDuplicateValidationBootstrap(g) {
     const originalAppendValidation = g.AppendValidationJS;
     if (typeof originalAppendValidation !== 'function') {
@@ -293,14 +363,14 @@ async function initSiaraShield(options) {
         throw new Error('initSiaraShield: publicKey is required.');
     }
     pending = (async () => {
-        const cspNonce = resolveCspNonce(options.cspNonce);
+        const cspNonce = prepareScriptNonce(document, options.cspNonce);
         if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {
-            await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });
+            await loadScript(document, JQUERY_FALLBACK_SRC, { nonce: cspNonce });
         }
-        await loadScript(CAPTCHA_SCRIPT_SRC, {
+        await loadScript(document, CAPTCHA_SCRIPT_SRC, {
             nonce: cspNonce,
         });
-        await loadScript(VALIDATION_SCRIPT_SRC, {
+        await loadScript(document, VALIDATION_SCRIPT_SRC, {
             nonce: cspNonce,
         });
         const g = getSiaraShieldGlobals();
@@ -361,8 +431,23 @@ const DATA = 'data:';
 const UNSAFE_INLINE = "'unsafe-inline'";
 const SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'];
 const OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'];
-const CONNECT_HOSTS = ['https://embed.mycybersiara.com'];
-const IMG_HOSTS = ['https://embed.mycybersiara.com'];
+const CONNECT_HOSTS = ['https://embed.mycybersiara.com', 'https://embedcdn.mycybersiara.com'];
+const STYLE_HOSTS = [
+    'https://embed.mycybersiara.com',
+    'https://mycybersiara.com',
+    'https://fonts.googleapis.com',
+    'https://cdnjs.cloudflare.com',
+];
+const FONT_HOSTS = [
+    'https://fonts.gstatic.com',
+    'https://mycybersiara.com',
+    'https://cdnjs.cloudflare.com',
+];
+const IMG_HOSTS = [
+    'https://embed.mycybersiara.com',
+    'https://embedcdn.mycybersiara.com',
+    'https://mycybersiara.com',
+];
 function unique(values) {
     return [...new Set(values.filter((value) => Boolean(value && value.trim())))];
 }
@@ -390,15 +475,18 @@ function parsePolicy(policy) {
 }
 function getSiaraShieldCspDirectives(options) {
     const includeGoogleApis = options?.includeGoogleApis ?? false;
+    const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? true;
     const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;
     const nonce = nonceSource(options?.nonce);
     const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];
     return {
-        'script-src': unique([SELF, nonce, ...scriptHosts]),
+        'default-src': unique([SELF]),
+        'script-src': unique([SELF, nonce, ...scriptHosts, includeUnsafeInlineScript ? UNSAFE_INLINE : undefined]),
         'script-src-elem': unique([SELF, nonce, ...scriptHosts]),
         'connect-src': unique([SELF, ...CONNECT_HOSTS]),
         'img-src': unique([SELF, DATA, ...IMG_HOSTS]),
-        'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined]),
+        'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined, ...STYLE_HOSTS]),
+        'font-src': unique([SELF, ...FONT_HOSTS, DATA]),
     };
 }
 function getSiaraShieldCspPolicy(options) {

package/fesm2022/siarashield_workspace.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn \| undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\ntype ScriptStatus = 'idle' \| 'loading' \| 'loaded' \| 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n private statusBySrc = new Map<string, ScriptStatus>();\n private pendingBySrc = new Map<string, Promise<void>>();\n\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n const existing = this.document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n const status = this.statusBySrc.get(src);\n if (status === 'loaded') return Promise.resolve();\n if (status === 'loading') {\n const pending = this.pendingBySrc.get(src);\n if (pending) return pending;\n }\n\n this.statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = this.document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => {\n this.statusBySrc.set(src, 'loaded');\n resolve();\n };\n script.onerror = () => {\n this.statusBySrc.set(src, 'error');\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n this.document.head.appendChild(script);\n });\n\n this.pendingBySrc.set(src, pending);\n return pending;\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\r\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\r\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\r\n publicKey: string;\r\n /* Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /\r\n Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n /\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\r\n throw new Error('SiaraShieldComponent: publicKey is required.');\r\n }\r\n const cspNonce = this.resolveCspNonce(options.cspNonce);\r\n\r\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /\r\n Detect preloaded jQuery from global object or an existing script tag.\r\n /\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n /*\r\n Uses explicit nonce first. If not provided, tries to reuse nonce\r\n * from the first script tag or from `<meta name=\"csp-nonce\">`.\r\n /\r\n private resolveCspNonce(explicitNonce?: string): string \| undefined {\n if (explicitNonce) return explicitNonce;\r\n const doc = this.host.nativeElement.ownerDocument;\r\n const scriptWithNonce = doc.querySelector<HTMLScriptElement>('script[nonce]');\r\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\r\n\r\n const nonceMeta = doc.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\r\n return nonceMeta?.content \|\| undefined;\n }\n\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /\r\n Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n /\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /\r\n Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n /\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /* SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\n publicKey: string;\n /\n Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> \| null = null;\r\nlet initialized = false;\r\n\r\nfunction loadScript(src: string, options?: { nonce?: string }): Promise<void> {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n return new Promise<void>((resolve, reject) => {\n const script = document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => resolve();\n script.onerror = () =>\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n document.head.appendChild(script);\n });\n}\n\r\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\n return true;\n }\n\r\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction resolveCspNonce(explicitNonce?: string): string \| undefined {\n if (explicitNonce) return explicitNonce;\n\n const scriptWithNonce = document.querySelector<HTMLScriptElement>('script[nonce]');\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\n\n const nonceMeta = document.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return nonceMeta?.content \|\| undefined;\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/*\r\n Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n \r\n Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n /\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\r\n\r\n pending = (async () => {\n const cspNonce = resolveCspNonce(options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/\r\n Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n /\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/\r\n Async-friendly captcha check to handle delayed token population.\r\n /\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /* Server-generated nonce value without the `'nonce-'` prefix. /\n nonce?: string;\n /* Optional if the customer still loads jQuery from Google's CDN. /\n includeGoogleApis?: boolean;\n /* Keep `style-src 'unsafe-inline'` for current vendor markup/styles. /\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com'] as const;\nconst IMG_HOSTS = ['https://embed.mycybersiara.com'] as const;\n\nfunction unique(values: Array<string \| undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string \| undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'script-src': unique([SELF, nonce, ...scriptHosts]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/\n * Public API Surface of siarashield-workspace\n /\n\nexport from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/*\n Generated bundle index. Do not edit.\n /\n\nexport from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;MCTa,wBAAwB,CAAA;AAIY,IAAA,QAAA;AAHvC,IAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,IAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAEvD,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;AACjD,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AACvF,QAAA,IAAI,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAEtC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;QACxC,IAAI,MAAM,KAAK,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;AACjD,QAAA,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;AAC1C,YAAA,IAAI,OAAO;AAAE,gBAAA,OAAO,OAAO;QAC7B;QAEA,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AACpD,YAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,YAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,YAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,gBAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAC9B;AACA,YAAA,MAAM,CAAC,MAAM,GAAG,MAAK;gBACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AACnC,gBAAA,OAAO,EAAE;AACX,YAAA,CAAC;AACD,YAAA,MAAM,CAAC,OAAO,GAAG,MAAK;gBACpB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;gBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,YAAA,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACxC,QAAA,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AACnC,QAAA,OAAO,OAAO;IAChB;AAvCW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBAIf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAJjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAKnB,MAAM;2BAAC,QAAQ;;;ACV9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;QACA,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAEvD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEA;;;AAGG;AACK,IAAA,eAAe,CAAC,aAAsB,EAAA;AAC5C,QAAA,IAAI,aAAa;AAAE,YAAA,OAAO,aAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa;QACjD,MAAM,eAAe,GAAG,GAAG,CAAC,aAAa,CAAoB,eAAe,CAAC;QAC7E,IAAI,eAAe,EAAE,KAAK;YAAE,OAAO,eAAe,CAAC,KAAK;QAExD,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AAC9E,QAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;IACxC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGAzJW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,UAAU,CAAC,GAAW,EAAE,OAA4B,EAAA;IAC3D,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AAClF,IAAA,IAAI,QAAQ;AAAE,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAEtC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AAC/C,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,YAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;QAC9B;QACA,MAAM,CAAC,MAAM,GAAG,MAAM,OAAO,EAAE;AAC/B,QAAA,MAAM,CAAC,OAAO,GAAG,MACf,MAAM,CAAC,IAAI,KAAK,CAAC,CAAA,uBAAA,EAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACnC,IAAA,CAAC,CAAC;AACJ;AAEA,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,eAAe,CAAC,aAAsB,EAAA;AAC7C,IAAA,IAAI,aAAa;AAAE,QAAA,OAAO,aAAa;IAEvC,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,CAAoB,eAAe,CAAC;IAClF,IAAI,eAAe,EAAE,KAAK;QAAE,OAAO,eAAe,CAAC,KAAK;IAExD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACnF,IAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;AACxC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAElD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;YAC/D,MAAM,UAAU,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QAC5D;QAEA,MAAM,UAAU,CAAC,kBAAkB,EAAE;AACnC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;QACF,MAAM,UAAU,CAAC,qBAAqB,EAAE;AACtC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;ACvKA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,CAAU;AACjE,MAAM,SAAS,GAAG,CAAC,gCAAgC,CAAU;AAE7D,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;AAC7D,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,IAAI;IAC1E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;QACL,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACnD,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;KAClF;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;ACrFA;;AAEG;;ACFH;;AAEG;;;;"}
1	+ {"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-script-utils.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn \| undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","type ScriptStatus = 'loading' \| 'loaded' \| 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\ninterface DynamicScriptNoncePatchState {\n nonceByDocument: WeakMap<Document, string>;\n patched: boolean;\n}\n\nconst SCRIPT_STATUS_BY_DOCUMENT = new WeakMap<Document, Map<string, ScriptStatus>>();\nconst SCRIPT_PENDING_BY_DOCUMENT = new WeakMap<Document, Map<string, Promise<void>>>();\nconst DYNAMIC_SCRIPT_NONCE_STATE_KEY = '__siaraShieldDynamicScriptNonceState__';\n\nfunction getStatusBySrc(documentRef: Document): Map<string, ScriptStatus> {\n let statusBySrc = SCRIPT_STATUS_BY_DOCUMENT.get(documentRef);\n if (!statusBySrc) {\n statusBySrc = new Map<string, ScriptStatus>();\n SCRIPT_STATUS_BY_DOCUMENT.set(documentRef, statusBySrc);\n }\n\n return statusBySrc;\n}\n\nfunction getPendingBySrc(documentRef: Document): Map<string, Promise<void>> {\n let pendingBySrc = SCRIPT_PENDING_BY_DOCUMENT.get(documentRef);\n if (!pendingBySrc) {\n pendingBySrc = new Map<string, Promise<void>>();\n SCRIPT_PENDING_BY_DOCUMENT.set(documentRef, pendingBySrc);\n }\n\n return pendingBySrc;\n}\n\nfunction getDynamicScriptNoncePatchState(): DynamicScriptNoncePatchState {\n const globalState = globalThis as typeof globalThis & {\n [DYNAMIC_SCRIPT_NONCE_STATE_KEY]?: DynamicScriptNoncePatchState;\n };\n\n if (!globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY]) {\n globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY] = {\n nonceByDocument: new WeakMap<Document, string>(),\n patched: false,\n };\n }\n\n return globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY];\n}\n\nfunction normalizeNonce(nonce?: string \| null): string \| undefined {\n const trimmed = nonce?.trim();\n return trimmed ? trimmed : undefined;\n}\n\nfunction isScriptElement(node: Node): node is HTMLScriptElement {\n return node instanceof Element && node.tagName.toLowerCase() === 'script';\n}\n\nexport function applyScriptNonce(script: HTMLScriptElement, nonce?: string): void {\n const resolvedNonce = normalizeNonce(nonce);\n if (!resolvedNonce) {\n return;\n }\n\n script.setAttribute('nonce', resolvedNonce);\n script.nonce = resolvedNonce;\n}\n\nfunction applyTrackedNonce(node: Node): void {\n if (!isScriptElement(node)) {\n return;\n }\n\n const documentRef = node.ownerDocument;\n if (!documentRef) {\n return;\n }\n\n const nonce = getDynamicScriptNoncePatchState().nonceByDocument.get(documentRef);\n applyScriptNonce(node, nonce);\n}\n\nfunction patchDynamicScriptInsertion(): void {\n const patchState = getDynamicScriptNoncePatchState();\n if (patchState.patched) {\n return;\n }\n\n const originalAppendChild = Node.prototype.appendChild;\n const originalInsertBefore = Node.prototype.insertBefore;\n const originalReplaceChild = Node.prototype.replaceChild;\n\n Node.prototype.appendChild = function <T extends Node>(node: T): T {\n applyTrackedNonce(node);\n return originalAppendChild.call(this, node) as T;\n };\n\n Node.prototype.insertBefore = function <T extends Node>(node: T, child: Node \| null): T {\n applyTrackedNonce(node);\n return originalInsertBefore.call(this, node, child) as T;\n };\n\n Node.prototype.replaceChild = function <T extends Node>(node: Node, child: T): T {\n applyTrackedNonce(node);\n return originalReplaceChild.call(this, node, child) as T;\n };\n\n patchState.patched = true;\n}\n\nexport function resolveCspNonce(documentRef: Document, explicitNonce?: string): string \| undefined {\n const resolvedExplicitNonce = normalizeNonce(explicitNonce);\n if (resolvedExplicitNonce) {\n return resolvedExplicitNonce;\n }\n\n const scriptWithNonce = documentRef.querySelector<HTMLScriptElement>('script[nonce]');\n const nonceFromScript = normalizeNonce(scriptWithNonce?.getAttribute('nonce') ?? scriptWithNonce?.nonce);\n if (nonceFromScript) {\n return nonceFromScript;\n }\n\n const nonceMeta = documentRef.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return normalizeNonce(nonceMeta?.content);\n}\n\nexport function prepareScriptNonce(documentRef: Document, explicitNonce?: string): string \| undefined {\n const resolvedNonce = resolveCspNonce(documentRef, explicitNonce);\n const patchState = getDynamicScriptNoncePatchState();\n\n patchDynamicScriptInsertion();\n\n if (resolvedNonce) {\n patchState.nonceByDocument.set(documentRef, resolvedNonce);\n } else {\n patchState.nonceByDocument.delete(documentRef);\n }\n\n return resolvedNonce;\n}\n\nexport function loadScript(documentRef: Document, src: string, options?: ScriptLoadOptions): Promise<void> {\n const nonce = prepareScriptNonce(documentRef, options?.nonce);\n const statusBySrc = getStatusBySrc(documentRef);\n const pendingBySrc = getPendingBySrc(documentRef);\n const existing = documentRef.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n\n if (existing) {\n applyScriptNonce(existing, nonce);\n const status = statusBySrc.get(src);\n if (status === 'loaded') {\n return Promise.resolve();\n }\n\n const pending = pendingBySrc.get(src);\n if (pending) {\n return pending;\n }\n\n return Promise.resolve();\n }\n\n statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = documentRef.createElement('script');\n script.src = src;\n script.async = true;\n applyScriptNonce(script, nonce);\n script.onload = () => {\n statusBySrc.set(src, 'loaded');\n pendingBySrc.delete(src);\n resolve();\n };\n script.onerror = () => {\n statusBySrc.set(src, 'error');\n pendingBySrc.delete(src);\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n documentRef.head.appendChild(script);\n });\n\n pendingBySrc.set(src, pending);\n return pending;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\nimport { loadScript, type ScriptLoadOptions } from './siara-shield-script-utils';\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n return loadScript(this.document, src, options);\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\nimport { prepareScriptNonce } from './siara-shield-script-utils';\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\r\n publicKey: string;\r\n /* Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /\r\n Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n /\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\n throw new Error('SiaraShieldComponent: publicKey is required.');\n }\n const cspNonce = prepareScriptNonce(this.host.nativeElement.ownerDocument, options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /\r\n Detect preloaded jQuery from global object or an existing script tag.\r\n /\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /*\r\n Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n /\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /\r\n Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n /\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\nimport { loadScript, prepareScriptNonce } from './siara-shield-script-utils';\n\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /* SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\n publicKey: string;\n /\n Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> \| null = null;\nlet initialized = false;\n\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\n return true;\n }\n\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/*\r\n Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n \r\n Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n /\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\n\n pending = (async () => {\n const cspNonce = prepareScriptNonce(document, options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(document, JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(document, CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(document, VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/\r\n Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n /\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/\r\n Async-friendly captcha check to handle delayed token population.\r\n /\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /* Server-generated nonce value without the `'nonce-'` prefix. /\n nonce?: string;\n /* Optional if the customer still loads jQuery from Google's CDN. /\n includeGoogleApis?: boolean;\n /* Keep `'unsafe-inline'` in `script-src` for strict vendor compatibility. /\n includeUnsafeInlineScript?: boolean;\n /* Keep `style-src 'unsafe-inline'` for current vendor markup/styles. /\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com', 'https://embedcdn.mycybersiara.com'] as const;\nconst STYLE_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://mycybersiara.com',\n 'https://fonts.googleapis.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst FONT_HOSTS = [\n 'https://fonts.gstatic.com',\n 'https://mycybersiara.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst IMG_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://embedcdn.mycybersiara.com',\n 'https://mycybersiara.com',\n] as const;\n\nfunction unique(values: Array<string \| undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string \| undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? true;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'default-src': unique([SELF]),\n 'script-src': unique([SELF, nonce, ...scriptHosts, includeUnsafeInlineScript ? UNSAFE_INLINE : undefined]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined, ...STYLE_HOSTS]),\n 'font-src': unique([SELF, ...FONT_HOSTS, DATA]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/\n * Public API Surface of siarashield-workspace\n /\n\nexport from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/*\n Generated bundle index. Do not edit.\n /\n\nexport from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;ACRA,MAAM,yBAAyB,GAAG,IAAI,OAAO,EAAuC;AACpF,MAAM,0BAA0B,GAAG,IAAI,OAAO,EAAwC;AACtF,MAAM,8BAA8B,GAAG,wCAAwC;AAE/E,SAAS,cAAc,CAAC,WAAqB,EAAA;IAC3C,IAAI,WAAW,GAAG,yBAAyB,CAAC,GAAG,CAAC,WAAW,CAAC;IAC5D,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,QAAA,yBAAyB,CAAC,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC;IACzD;AAEA,IAAA,OAAO,WAAW;AACpB;AAEA,SAAS,eAAe,CAAC,WAAqB,EAAA;IAC5C,IAAI,YAAY,GAAG,0BAA0B,CAAC,GAAG,CAAC,WAAW,CAAC;IAC9D,IAAI,CAAC,YAAY,EAAE;AACjB,QAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAC/C,QAAA,0BAA0B,CAAC,GAAG,CAAC,WAAW,EAAE,YAAY,CAAC;IAC3D;AAEA,IAAA,OAAO,YAAY;AACrB;AAEA,SAAS,+BAA+B,GAAA;IACtC,MAAM,WAAW,GAAG,UAEnB;AAED,IAAA,IAAI,CAAC,WAAW,CAAC,8BAA8B,CAAC,EAAE;QAChD,WAAW,CAAC,8BAA8B,CAAC,GAAG;YAC5C,eAAe,EAAE,IAAI,OAAO,EAAoB;AAChD,YAAA,OAAO,EAAE,KAAK;SACf;IACH;AAEA,IAAA,OAAO,WAAW,CAAC,8BAA8B,CAAC;AACpD;AAEA,SAAS,cAAc,CAAC,KAAqB,EAAA;AAC3C,IAAA,MAAM,OAAO,GAAG,KAAK,EAAE,IAAI,EAAE;IAC7B,OAAO,OAAO,GAAG,OAAO,GAAG,SAAS;AACtC;AAEA,SAAS,eAAe,CAAC,IAAU,EAAA;AACjC,IAAA,OAAO,IAAI,YAAY,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,QAAQ;AAC3E;AAEM,SAAU,gBAAgB,CAAC,MAAyB,EAAE,KAAc,EAAA;AACxE,IAAA,MAAM,aAAa,GAAG,cAAc,CAAC,KAAK,CAAC;IAC3C,IAAI,CAAC,aAAa,EAAE;QAClB;IACF;AAEA,IAAA,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,aAAa,CAAC;AAC3C,IAAA,MAAM,CAAC,KAAK,GAAG,aAAa;AAC9B;AAEA,SAAS,iBAAiB,CAAC,IAAU,EAAA;AACnC,IAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;QAC1B;IACF;AAEA,IAAA,MAAM,WAAW,GAAG,IAAI,CAAC,aAAa;IACtC,IAAI,CAAC,WAAW,EAAE;QAChB;IACF;IAEA,MAAM,KAAK,GAAG,+BAA+B,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC;AAChF,IAAA,gBAAgB,CAAC,IAAI,EAAE,KAAK,CAAC;AAC/B;AAEA,SAAS,2BAA2B,GAAA;AAClC,IAAA,MAAM,UAAU,GAAG,+BAA+B,EAAE;AACpD,IAAA,IAAI,UAAU,CAAC,OAAO,EAAE;QACtB;IACF;AAEA,IAAA,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW;AACtD,IAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY;AACxD,IAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY;AAExD,IAAA,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,UAA0B,IAAO,EAAA;QAC5D,iBAAiB,CAAC,IAAI,CAAC;QACvB,OAAO,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAM;AAClD,IAAA,CAAC;IAED,IAAI,CAAC,SAAS,CAAC,YAAY,GAAG,UAA0B,IAAO,EAAE,KAAkB,EAAA;QACjF,iBAAiB,CAAC,IAAI,CAAC;QACvB,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAM;AAC1D,IAAA,CAAC;IAED,IAAI,CAAC,SAAS,CAAC,YAAY,GAAG,UAA0B,IAAU,EAAE,KAAQ,EAAA;QAC1E,iBAAiB,CAAC,IAAI,CAAC;QACvB,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAM;AAC1D,IAAA,CAAC;AAED,IAAA,UAAU,CAAC,OAAO,GAAG,IAAI;AAC3B;AAEM,SAAU,eAAe,CAAC,WAAqB,EAAE,aAAsB,EAAA;AAC3E,IAAA,MAAM,qBAAqB,GAAG,cAAc,CAAC,aAAa,CAAC;IAC3D,IAAI,qBAAqB,EAAE;AACzB,QAAA,OAAO,qBAAqB;IAC9B;IAEA,MAAM,eAAe,GAAG,WAAW,CAAC,aAAa,CAAoB,eAAe,CAAC;AACrF,IAAA,MAAM,eAAe,GAAG,cAAc,CAAC,eAAe,EAAE,YAAY,CAAC,OAAO,CAAC,IAAI,eAAe,EAAE,KAAK,CAAC;IACxG,IAAI,eAAe,EAAE;AACnB,QAAA,OAAO,eAAe;IACxB;IAEA,MAAM,SAAS,GAAG,WAAW,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACtF,IAAA,OAAO,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC;AAC3C;AAEM,SAAU,kBAAkB,CAAC,WAAqB,EAAE,aAAsB,EAAA;IAC9E,MAAM,aAAa,GAAG,eAAe,CAAC,WAAW,EAAE,aAAa,CAAC;AACjE,IAAA,MAAM,UAAU,GAAG,+BAA+B,EAAE;AAEpD,IAAA,2BAA2B,EAAE;IAE7B,IAAI,aAAa,EAAE;QACjB,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC;IAC5D;SAAO;AACL,QAAA,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC;IAChD;AAEA,IAAA,OAAO,aAAa;AACtB;SAEgB,UAAU,CAAC,WAAqB,EAAE,GAAW,EAAE,OAA2B,EAAA;IACxF,MAAM,KAAK,GAAG,kBAAkB,CAAC,WAAW,EAAE,OAAO,EAAE,KAAK,CAAC;AAC7D,IAAA,MAAM,WAAW,GAAG,cAAc,CAAC,WAAW,CAAC;AAC/C,IAAA,MAAM,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC;IACjD,MAAM,QAAQ,GAAG,WAAW,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;IAErF,IAAI,QAAQ,EAAE;AACZ,QAAA,gBAAgB,CAAC,QAAQ,EAAE,KAAK,CAAC;QACjC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;AACnC,QAAA,IAAI,MAAM,KAAK,QAAQ,EAAE;AACvB,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAC1B;QAEA,MAAM,OAAO,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;QACrC,IAAI,OAAO,EAAE;AACX,YAAA,OAAO,OAAO;QAChB;AAEA,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAC1B;AAEA,IAAA,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;IAE/B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QACpD,MAAM,MAAM,GAAG,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC;AAClD,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,gBAAgB,CAAC,MAAM,EAAE,KAAK,CAAC;AAC/B,QAAA,MAAM,CAAC,MAAM,GAAG,MAAK;AACnB,YAAA,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AAC9B,YAAA,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC;AACxB,YAAA,OAAO,EAAE;AACX,QAAA,CAAC;AACD,QAAA,MAAM,CAAC,OAAO,GAAG,MAAK;AACpB,YAAA,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AAC7B,YAAA,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC;YACxB,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,CAAC;AACD,QAAA,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACtC,IAAA,CAAC,CAAC;AAEF,IAAA,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AAC9B,IAAA,OAAO,OAAO;AAChB;;MCnLa,wBAAwB,CAAA;AACY,IAAA,QAAA;AAA/C,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;QACjD,OAAO,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE,OAAO,CAAC;IAChD;AALW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBACf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AADjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAEnB,MAAM;2BAAC,QAAQ;;;ACF9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;AACA,QAAA,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,OAAO,CAAC,QAAQ,CAAC;AAE5F,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGA3IW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC;AAE/D,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;AAC/D,YAAA,MAAM,UAAU,CAAC,QAAQ,EAAE,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACtE;AAEA,QAAA,MAAM,UAAU,CAAC,QAAQ,EAAE,kBAAkB,EAAE;AAC7C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,UAAU,CAAC,QAAQ,EAAE,qBAAqB,EAAE;AAChD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;AC1IA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,EAAE,mCAAmC,CAAU;AACtG,MAAM,WAAW,GAAG;IAClB,gCAAgC;IAChC,0BAA0B;IAC1B,8BAA8B;IAC9B,8BAA8B;CACtB;AACV,MAAM,UAAU,GAAG;IACjB,2BAA2B;IAC3B,0BAA0B;IAC1B,8BAA8B;CACtB;AACV,MAAM,SAAS,GAAG;IAChB,gCAAgC;IAChC,mCAAmC;IACnC,0BAA0B;CAClB;AAEV,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;AAC7D,IAAA,MAAM,yBAAyB,GAAG,OAAO,EAAE,yBAAyB,IAAI,IAAI;AAC5E,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,IAAI;IAC1E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;AACL,QAAA,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;QAC7B,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,yBAAyB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;QAC1G,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC,CAAC;QACjG,UAAU,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,UAAU,EAAE,IAAI,CAAC,CAAC;KAChD;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;ACzGA;;AAEG;;ACFH;;AAEG;;;;"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "siarashield_workspace",
-  "version": "0.0.22",
+  "version": "0.0.24",
   "description": "Angular wrapper for CyberSiara SiaraShield captcha embed.",
   "keywords": [
     "cybersiara",

package/types/siarashield_workspace.d.ts CHANGED Viewed

@@ -4,10 +4,9 @@ import { AfterViewInit, EventEmitter, ElementRef } from '@angular/core';
 interface ScriptLoadOptions {
     nonce?: string;
 }
 declare class SiaraShieldLoaderService {
     private readonly document;
-    private statusBySrc;
-    private pendingBySrc;
     constructor(document: Document);
     loadScript(src: string, options?: ScriptLoadOptions): Promise<void>;
     static ɵfac: i0.ɵɵFactoryDeclaration<SiaraShieldLoaderService, never>;
@@ -40,11 +39,6 @@ declare class SiaraShieldComponent implements AfterViewInit {
      * Detect preloaded jQuery from global object or an existing script tag.
      */
     private isJQueryAlreadyAvailable;
-    /**
-     * Uses explicit nonce first. If not provided, tries to reuse nonce
-     * from the first script tag or from `<meta name="csp-nonce">`.
-     */
-    private resolveCspNonce;
     private preventDuplicateValidationBootstrap;
     private waitForCheckCaptchaApi;
     /**
@@ -123,6 +117,8 @@ interface SiaraShieldCspOptions {
     nonce?: string;
     /** Optional if the customer still loads jQuery from Google's CDN. */
     includeGoogleApis?: boolean;
+    /** Keep `'unsafe-inline'` in `script-src` for strict vendor compatibility. */
+    includeUnsafeInlineScript?: boolean;
     /** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */
     includeUnsafeInlineStyle?: boolean;
 }
@@ -132,4 +128,4 @@ declare function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): strin
 declare function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string;
 export { SiaraShieldComponent, SiaraShieldLoaderService, checkSiaraShieldCaptcha, checkSiaraShieldCaptchaAsync, getInitCaptchaFn, getSiaraShieldCspDirectives, getSiaraShieldCspPolicy, getSiaraShieldGlobals, initSiaraShield, mergeSiaraShieldCspPolicy };
-export type { CheckCaptchaFn, InitCaptchaFn, InitSiaraShieldOptions, ScriptLoadOptions, SiaraShieldCspDirectives, SiaraShieldCspOptions, SiaraShieldGlobals, SiaraShieldInitOptions };
+export type { CheckCaptchaFn, InitCaptchaFn, InitSiaraShieldOptions, SiaraShieldCspDirectives, SiaraShieldCspOptions, SiaraShieldGlobals, SiaraShieldInitOptions };