npm - siarashield_workspace - Versions diffs - 0.0.23 → 0.0.25 - Mend

siarashield_workspace 0.0.23 → 0.0.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +195 -63
package/fesm2022/siarashield_workspace.mjs +197 -79
package/fesm2022/siarashield_workspace.mjs.map +1 -1
package/package.json +1 -1
package/types/siarashield_workspace.d.ts +4 -10

package/README.md CHANGED Viewed

@@ -1,6 +1,6 @@
-# `siarashield_workspace`
+## `siarashield_workspace`
-Simple Angular integration for CyberSiara SiaraShield captcha.
+Angular integration for CyberSiara **SiaraShield** captcha.
 ## Angular compatibility
@@ -10,66 +10,135 @@ Simple Angular integration for CyberSiara SiaraShield captcha.
   - `@angular/core >=16.0.0 <22.0.0`
   - `@angular/common >=16.0.0 <22.0.0`
-## 1) Install
+## Install
 ```bash
 npm i siarashield_workspace
 ```
-## 2) Get keys
+## Quick setup (6 steps)
-Get your public/private keys from <a href="https://mycybersiara.com" target="_blank" rel="noopener noreferrer">mycybersiara.com</a>.
+Use these steps for a fast Angular setup (function API flow).
-## 3) Put keys in correct place
+1. Install package: `npm i siarashield_workspace`.
+2. Add HTML in your form template:
+   - `<div class="SiaraShield"></div>`
+   - `<button type="submit" class="CaptchaSubmit" (click)="onSubmit()">Submit</button>`
+3. Put public key in Angular environment (never expose private key in frontend).
+4. Initialize captcha in component with `initSiaraShield({ publicKey, cspNonce })`.
+5. On submit, call `checkSiaraShieldCaptcha()` first.
+6. Call your API only when captcha is successful (`result.ok === true`).
+If you prefer Angular component usage, see **Recommended: use the Angular component (easiest)** below.
+## Get your keys
+Get your public and private keys from <a href="https://mycybersiara.com" target="_blank" rel="noopener noreferrer">mycybersiara.com</a>.
+## Put keys in the right place
 - **Frontend (Angular):** public key only
-- **Backend (.env):** private key only (never expose in frontend)
+- **Backend (.env):** private key only
-Frontend should read public key from `environment` or your environment file.
+Angular `environment` example:
-Example `environment` values:
+```ts
+export const environment = {
+  siaraShieldPublicKey: 'YOUR-PUBLIC-KEY',
+};
+```
-```environment
-{
-siaraShieldPublicKey:"YOUR-PUBLIC-KEY",
-siaraShieldPrivateKey:"YOUR-PRIVATE-KEY"
-}
+Backend `.env` example:
+```dotenv
+SIARASHIELD_PRIVATE_KEY=YOUR-PRIVATE-KEY
 ```
-If your frontend project already uses `environment`, that is fine. Map it to the same public key value used in Angular config.
+Never place the private key in Angular environment files, templates, or browser code.
-## 4) Add captcha container in template
+## Recommended: use the Angular component (easiest)
+### 1) Add the component to your template
 ```html
-<div class="SiaraShield"></div>
+<siara-shield
+  [publicKey]="environment.siaraShieldPublicKey"
+  [cspNonce]="cspNonce"
+  (token)="onCaptchaToken($event)"
+></siara-shield>
+<button type="submit" class="CaptchaSubmit" (click)="onSubmit()">Submit</button>
 ```
-In your submit button, make sure to add this class:CaptchaSubmit
+### 2) Copy-paste TypeScript
-```html
-<button class="CaptchaSubmit"></button>
+```ts
+import { Component, ViewChild } from '@angular/core';
+import { environment } from '../environments/environment';
+import { SiaraShieldComponent } from 'siarashield_workspace';
+@Component({
+  selector: 'app-form',
+  standalone: true,
+  imports: [SiaraShieldComponent],
+  templateUrl: './form.component.html',
+})
+export class FormComponent {
+  protected readonly environment = environment;
+  // Recommended: set from server (see CSP section)
+  protected readonly cspNonce = (window as any).__cspNonce as string | undefined;
+  @ViewChild(SiaraShieldComponent) private readonly captcha?: SiaraShieldComponent;
+  onCaptchaToken(token: string) {
+    // Optional: use token immediately if needed
+    console.log('SiaraShield token:', token);
+  }
+  async onSubmit() {
+    const ok = await this.captcha?.checkCaptchaAsync();
+    if (!ok) {
+      console.log('Captcha not completed yet');
+      return;
+    }
+    // When ok=true, token is available in global state and from (token) output.
+    alert('Form submitted successfully');
+  }
+}
 ```
-## 5) Add TypeScript integration (copy-paste)
+Notes:
+- If you already load jQuery in your app, set `[loadJQuery]="false"` on the component.
+- Keep `class="CaptchaSubmit"` on your submit button (required by vendor flow).
+- The component renders the required captcha container (`<div class="SiaraShield"></div>`) internally at that position in the template.
+## Alternative: function API (when you cannot use the component)
+Template for function API:
-This captcha is not only for login form. You can integrate it in any form component like Login, Contact Us, Signup, Forgot Password, Lead Form, etc.
+```html
+<div class="SiaraShield"></div>
+<button type="submit" class="CaptchaSubmit" (click)="onSubmit()">Submit</button>
+```
 ```ts
-import { OnInit } from '@angular/core';
 import { environment } from '../environments/environment';
 import { initSiaraShield, checkSiaraShieldCaptcha } from 'siarashield_workspace';
-export class FormComponent implements OnInit {
+export class FormComponent {
   ngOnInit() {
-    this.initializeCaptcha();
+    // Angular does not wait for async lifecycle hooks.
+    // Use void to run async init without blocking render.
+    void this.initializeCaptcha();
   }
-  initializeCaptcha() {
-    initSiaraShield({
+  private async initializeCaptcha() {
+    await initSiaraShield({
       publicKey: environment.siaraShieldPublicKey,
-      // Optional for strict CSP pages when your server provides a nonce.
-      // cspNonce: 'server-generated-nonce',
+      cspNonce: (window as any).__cspNonce || undefined,
     });
   }
@@ -77,69 +146,132 @@ export class FormComponent implements OnInit {
     const result = checkSiaraShieldCaptcha();
     if (!result.ok) {
       console.log('Captcha not completed yet');
-      return; // IMPORTANT
+      return;
     }
-    if (result.ok) {
-      console.log(result.token);
-      // API call here (Login/Contact/Signup/etc.)
-      alert('Form submitted successfully');
-    }
+    console.log(result.token);
+    // API call here
+    alert('Form submitted successfully');
   }
 }
 ```
-Important: keep your submit API logic inside `if (result.ok)`.
+Keep submit API logic inside the successful captcha branch.
-## jQuery loading behavior
+If your frontend reads nonce from the DOM instead of `window`, reuse nonce from an existing script tag:
-- Default `loadJQuery` is `true`
-- For most customers, nothing extra is needed
-- If your app already has jQuery and you do not want package fallback loading, set `loadJQuery: false`
-- When needed, package loads:
-  - `https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js`
-- Package also loads:
-  - `https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js`
-  - `https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js`
+```ts
+const nonce = document.querySelector('script[nonce]')?.getAttribute('nonce') || undefined;
+```
-## CSP note
+The nonce must be generated on the server for each request. The package NEVER generates a nonce in the browser.
-To make CSP setup easier for customers, the plugin now exports helpers:
+## CSP Compliance (Important)
-```ts
-import { getSiaraShieldCspPolicy, mergeSiaraShieldCspPolicy } from 'siarashield_workspace';
+Inline scripts are blocked by CSP unless you allow them with a nonce or a hash. This package does not execute inline JavaScript and does not use `eval()`, `new Function()`, `setTimeout(string)`, `setInterval(string)`, or any other string-based execution path. All scripts are loaded as external resources. Any dynamically created `<script>` elements are assigned the provided CSP nonce when `cspNonce` is passed.
+For strict CSP deployments:
+- Generate the nonce on the server for each request.
+- Use the same nonce in the `Content-Security-Policy` header.
+- Use the same nonce on the `<script>` tag that loads your Angular app or any direct SiaraShield resource.
+- Use the same nonce in `initSiaraShield({ cspNonce: ... })`.
+- The package NEVER generates a nonce in the browser.
+- If a valid CSP nonce is required but not provided, browsers will block script execution and the captcha will fail to load.
+### Copy-paste quick test (static nonce for local verification only)
-const policy = getSiaraShieldCspPolicy();
+Use this only for local or staging validation. In production, replace `siarashield-example-nonce` with a server-generated nonce per request.
-const mergedPolicy = mergeSiaraShieldCspPolicy("default-src 'self'");
+```html
+<script nonce="siarashield-example-nonce">
+  window.__cspNonce = "siarashield-example-nonce";
+</script>
+<script nonce="siarashield-example-nonce" src="https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js"></script>
+<script nonce="siarashield-example-nonce" src="https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js"></script>
+<meta http-equiv="Content-Security-Policy" content="
+  default-src 'self';
+  script-src 'self' 'nonce-siarashield-example-nonce' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+  script-src-elem 'self' 'nonce-siarashield-example-nonce' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+  connect-src 'self' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+  style-src 'self' https://embed.mycybersiara.com https://mycybersiara.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline';
+  font-src 'self' https://fonts.gstatic.com https://mycybersiara.com https://cdnjs.cloudflare.com data:;
+  img-src 'self' data: https://embed.mycybersiara.com https://embedcdn.mycybersiara.com https://mycybersiara.com;
+">
 ```
-Recommended CSP baseline:
+### Production CSP policy (recommended)
+In production, send CSP as an HTTP response header and inject the same nonce value into script tags and `initSiaraShield({ cspNonce })`.
 ```http
 default-src 'self';
-script-src 'self' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com 'unsafe-inline';
-script-src-elem 'self' https://embedcdn.mycybersiara.com https://embed.mycybersiara.com;
+script-src 'self' 'nonce-<dynamic>' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
+script-src-elem 'self' 'nonce-<dynamic>' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
 connect-src 'self' https://embed.mycybersiara.com https://embedcdn.mycybersiara.com;
-style-src 'self' 'unsafe-inline' https://embed.mycybersiara.com https://mycybersiara.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;
+style-src 'self' https://embed.mycybersiara.com https://mycybersiara.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;
 font-src 'self' https://fonts.gstatic.com https://mycybersiara.com https://cdnjs.cloudflare.com data:;
 img-src 'self' data: https://embed.mycybersiara.com https://embedcdn.mycybersiara.com https://mycybersiara.com;
 ```
-If the customer still loads jQuery from another CDN like Google, they should also allow that CDN in `script-src`.
+Example with the same server-generated nonce in script tags:
+```html
+<script nonce="SIARASHIELD_NONCE">
+  window.__cspNonce = "SIARASHIELD_NONCE";
+</script>
+<script nonce="SIARASHIELD_NONCE" src="https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js"></script>
+<script nonce="SIARASHIELD_NONCE" src="https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js"></script>
+```
+If your Angular app initializes SiaraShield from the main application bundle, that bundle `<script>` tag must use the same nonce as the CSP header.
+`getSiaraShieldCspPolicy()` and `mergeSiaraShieldCspPolicy()` only generate a baseline CSP string. These helpers do not inject a nonce and do not apply headers. The server must inject the nonce and must apply the final `Content-Security-Policy` header.
-You can use `getSiaraShieldCspPolicy(...)` to generate the plugin baseline from the plugin side instead of hardcoding it in customer projects.
+Notes:
-This package now preloads `SiaraShield_Validation.js` to reduce CSP issues from the vendor bootstrap chain.
+- CSP helpers default to a strict policy (no `script-src 'unsafe-inline'`).
+- If you choose to allow inline execution, you must explicitly opt in via helper options and accept the security trade-offs.
+- Generating a new nonce in the browser (or per function call) does not help. CSP nonce must match the value from server response headers for that page load.
-The plugin can help generate the CSP string, but the final CSP header/meta must still be applied by the customer project.
+The package still works in environments without CSP or with relaxed policies. If your site uses a strict nonce-based CSP, passing the server-generated nonce is required.
+## jQuery loading behavior
+- Default `loadJQuery` is `true`.
+- If jQuery is not already available, the package loads:
+  - `https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js`
+- The package also loads:
+  - `https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js`
+  - `https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js`
+- jQuery and the captcha bootstrap process may create script elements dynamically (including via HTML strings / DOM fragments).
+- When `cspNonce` is provided, dynamically inserted `<script>` elements are assigned that nonce (including scripts inserted indirectly through DOM manipulation).
+- This is required for compatibility with strict nonce-based CSP policies.
+- If a valid CSP nonce is required but not passed, browsers will block those script loads and the captcha will fail to initialize.
+- If your app already loads jQuery, set `loadJQuery: false`.
+- If your app loads jQuery from another CDN, allow that host in `script-src` and `script-src-elem`.
 ## Quick troubleshooting
-- Captcha not visible -> confirm `<div class="SiaraShield"></div>` is present
-- `CheckCaptcha` not available -> ensure `initSiaraShield(...)` ran successfully
-- CSP warning or script load failure -> allow the `script-src`, `connect-src`, and `img-src` hosts above
-- Token empty -> check browser console and network calls after clicking submit
+- Captcha not visible:
+  - If you use `<siara-shield ...>`, confirm the component is rendered (no `*ngIf` hiding it) and the page has finished loading scripts.
+  - If you use the function API, confirm your template contains `<div class="SiaraShield"></div>`.
+  - Confirm your submit button has `class="CaptchaSubmit"`.
+- `CheckCaptcha` not available:
+  - Ensure initialization completed (for the function API: `await initSiaraShield(...)`).
+  - Ensure CSP allows the required hosts and the correct nonce is used.
+- CSP error in console:
+  - Confirm the same **server-generated nonce** is present in CSP header, bootstrapping `<script>` tag, and initialization (`cspNonce`).
+- Token empty -> check browser console and network calls after clicking submit.
+## Final checklist (customer handover)
+- Public key is in frontend; private key stays only on backend.
+- Submit button includes `class="CaptchaSubmit"`.
+- Captcha container exists (component tag or `<div class="SiaraShield"></div>` for function API).
+- Same nonce value is used in CSP header, script tags, and `initSiaraShield({ cspNonce })`.
+- Captcha check runs before API call.
 ## Build and pack (library maintainers)

package/fesm2022/siarashield_workspace.mjs CHANGED Viewed

@@ -9,45 +9,201 @@ function getInitCaptchaFn(g) {
     return g.initCaptcha ?? g.InitCaptcha;
 }
+const SCRIPT_STATUS_BY_DOCUMENT = new WeakMap();
+const SCRIPT_PENDING_BY_DOCUMENT = new WeakMap();
+const DYNAMIC_SCRIPT_NONCE_STATE_KEY = '__siaraShieldDynamicScriptNonceState__';
+function getStatusBySrc(documentRef) {
+    let statusBySrc = SCRIPT_STATUS_BY_DOCUMENT.get(documentRef);
+    if (!statusBySrc) {
+        statusBySrc = new Map();
+        SCRIPT_STATUS_BY_DOCUMENT.set(documentRef, statusBySrc);
+    }
+    return statusBySrc;
+}
+function getPendingBySrc(documentRef) {
+    let pendingBySrc = SCRIPT_PENDING_BY_DOCUMENT.get(documentRef);
+    if (!pendingBySrc) {
+        pendingBySrc = new Map();
+        SCRIPT_PENDING_BY_DOCUMENT.set(documentRef, pendingBySrc);
+    }
+    return pendingBySrc;
+}
+function getDynamicScriptNoncePatchState() {
+    const globalState = globalThis;
+    if (!globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY]) {
+        globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY] = {
+            nonceByDocument: new WeakMap(),
+            observerByDocument: new WeakMap(),
+            patched: false,
+        };
+    }
+    return globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY];
+}
+function normalizeNonce(nonce) {
+    const trimmed = nonce?.trim();
+    return trimmed ? trimmed : undefined;
+}
+function isScriptElement(node) {
+    return node instanceof Element && node.tagName.toLowerCase() === 'script';
+}
+function applyScriptNonce(script, nonce) {
+    const resolvedNonce = normalizeNonce(nonce);
+    if (!resolvedNonce) {
+        return;
+    }
+    script.setAttribute('nonce', resolvedNonce);
+    script.nonce = resolvedNonce;
+}
+function applyTrackedNonce(node) {
+    if (!isScriptElement(node)) {
+        return;
+    }
+    const documentRef = node.ownerDocument;
+    if (!documentRef) {
+        return;
+    }
+    const nonce = getDynamicScriptNoncePatchState().nonceByDocument.get(documentRef);
+    applyScriptNonce(node, nonce);
+}
+function walkAndApplyNonce(root, nonce) {
+    if (!nonce)
+        return;
+    // Fast path: root itself is a script.
+    if (isScriptElement(root)) {
+        applyScriptNonce(root, nonce);
+        return;
+    }
+    // Common path for jQuery: append DocumentFragment containing scripts created via HTML parsing.
+    if (root instanceof Element || root instanceof DocumentFragment) {
+        const scripts = root.querySelectorAll?.('script') ?? [];
+        for (const script of scripts) {
+            applyScriptNonce(script, nonce);
+        }
+    }
+}
+function ensureNonceMutationObserver(documentRef) {
+    const patchState = getDynamicScriptNoncePatchState();
+    if (patchState.observerByDocument.get(documentRef)) {
+        return;
+    }
+    const observer = new MutationObserver((records) => {
+        const nonce = patchState.nonceByDocument.get(documentRef);
+        if (!nonce)
+            return;
+        for (const record of records) {
+            for (const node of record.addedNodes) {
+                walkAndApplyNonce(node, nonce);
+            }
+        }
+    });
+    // Observe the full document because scripts can be injected into body/head by vendor/jQuery.
+    const root = documentRef.documentElement ?? documentRef;
+    observer.observe(root, { childList: true, subtree: true });
+    patchState.observerByDocument.set(documentRef, observer);
+}
+function teardownNonceMutationObserver(documentRef) {
+    const patchState = getDynamicScriptNoncePatchState();
+    const observer = patchState.observerByDocument.get(documentRef);
+    if (!observer)
+        return;
+    observer.disconnect();
+    patchState.observerByDocument.delete(documentRef);
+}
+function patchDynamicScriptInsertion() {
+    const patchState = getDynamicScriptNoncePatchState();
+    if (patchState.patched) {
+        return;
+    }
+    const originalAppendChild = Node.prototype.appendChild;
+    const originalInsertBefore = Node.prototype.insertBefore;
+    const originalReplaceChild = Node.prototype.replaceChild;
+    Node.prototype.appendChild = function (node) {
+        applyTrackedNonce(node);
+        return originalAppendChild.call(this, node);
+    };
+    Node.prototype.insertBefore = function (node, child) {
+        applyTrackedNonce(node);
+        return originalInsertBefore.call(this, node, child);
+    };
+    Node.prototype.replaceChild = function (node, child) {
+        applyTrackedNonce(node);
+        return originalReplaceChild.call(this, node, child);
+    };
+    patchState.patched = true;
+}
+function resolveCspNonce(documentRef, explicitNonce) {
+    const resolvedExplicitNonce = normalizeNonce(explicitNonce);
+    if (resolvedExplicitNonce) {
+        return resolvedExplicitNonce;
+    }
+    const scriptWithNonce = documentRef.querySelector('script[nonce]');
+    const nonceFromScript = normalizeNonce(scriptWithNonce?.getAttribute('nonce') ?? scriptWithNonce?.nonce);
+    if (nonceFromScript) {
+        return nonceFromScript;
+    }
+    const nonceMeta = documentRef.querySelector('meta[name="csp-nonce"]');
+    return normalizeNonce(nonceMeta?.content);
+}
+function prepareScriptNonce(documentRef, explicitNonce) {
+    const resolvedNonce = resolveCspNonce(documentRef, explicitNonce);
+    const patchState = getDynamicScriptNoncePatchState();
+    patchDynamicScriptInsertion();
+    if (resolvedNonce) {
+        patchState.nonceByDocument.set(documentRef, resolvedNonce);
+        ensureNonceMutationObserver(documentRef);
+    }
+    else {
+        patchState.nonceByDocument.delete(documentRef);
+        teardownNonceMutationObserver(documentRef);
+    }
+    return resolvedNonce;
+}
+function loadScript(documentRef, src, options) {
+    const nonce = prepareScriptNonce(documentRef, options?.nonce);
+    const statusBySrc = getStatusBySrc(documentRef);
+    const pendingBySrc = getPendingBySrc(documentRef);
+    const existing = documentRef.querySelector(`script[src="${src}"]`);
+    if (existing) {
+        applyScriptNonce(existing, nonce);
+        const status = statusBySrc.get(src);
+        if (status === 'loaded') {
+            return Promise.resolve();
+        }
+        const pending = pendingBySrc.get(src);
+        if (pending) {
+            return pending;
+        }
+        return Promise.resolve();
+    }
+    statusBySrc.set(src, 'loading');
+    const pending = new Promise((resolve, reject) => {
+        const script = documentRef.createElement('script');
+        script.src = src;
+        script.async = true;
+        applyScriptNonce(script, nonce);
+        script.onload = () => {
+            statusBySrc.set(src, 'loaded');
+            pendingBySrc.delete(src);
+            resolve();
+        };
+        script.onerror = () => {
+            statusBySrc.set(src, 'error');
+            pendingBySrc.delete(src);
+            reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
+        };
+        documentRef.head.appendChild(script);
+    });
+    pendingBySrc.set(src, pending);
+    return pending;
+}
 class SiaraShieldLoaderService {
     document;
-    statusBySrc = new Map();
-    pendingBySrc = new Map();
     constructor(document) {
         this.document = document;
     }
     loadScript(src, options) {
-        const existing = this.document.querySelector(`script[src="${src}"]`);
-        if (existing)
-            return Promise.resolve();
-        const status = this.statusBySrc.get(src);
-        if (status === 'loaded')
-            return Promise.resolve();
-        if (status === 'loading') {
-            const pending = this.pendingBySrc.get(src);
-            if (pending)
-                return pending;
-        }
-        this.statusBySrc.set(src, 'loading');
-        const pending = new Promise((resolve, reject) => {
-            const script = this.document.createElement('script');
-            script.src = src;
-            script.async = true;
-            if (options?.nonce) {
-                script.nonce = options.nonce;
-            }
-            script.onload = () => {
-                this.statusBySrc.set(src, 'loaded');
-                resolve();
-            };
-            script.onerror = () => {
-                this.statusBySrc.set(src, 'error');
-                reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
-            };
-            this.document.head.appendChild(script);
-        });
-        this.pendingBySrc.set(src, pending);
-        return pending;
+        return loadScript(this.document, src, options);
     }
     static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.5", ngImport: i0, type: SiaraShieldLoaderService, deps: [{ token: DOCUMENT }], target: i0.ɵɵFactoryTarget.Injectable });
     static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.5", ngImport: i0, type: SiaraShieldLoaderService, providedIn: 'root' });
@@ -90,7 +246,7 @@ class SiaraShieldComponent {
         if (!options.publicKey) {
             throw new Error('SiaraShieldComponent: publicKey is required.');
         }
-        const cspNonce = this.resolveCspNonce(options.cspNonce);
+        const cspNonce = prepareScriptNonce(this.host.nativeElement.ownerDocument, options.cspNonce);
         if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {
             await this.loader.loadScript(JQUERY_FALLBACK_SRC$1, { nonce: cspNonce });
         }
@@ -121,20 +277,6 @@ class SiaraShieldComponent {
         const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector('script[src*="jquery"]');
         return Boolean(existingJqueryScript);
     }
-    /**
-     * Uses explicit nonce first. If not provided, tries to reuse nonce
-     * from the first script tag or from `<meta name="csp-nonce">`.
-     */
-    resolveCspNonce(explicitNonce) {
-        if (explicitNonce)
-            return explicitNonce;
-        const doc = this.host.nativeElement.ownerDocument;
-        const scriptWithNonce = doc.querySelector('script[nonce]');
-        if (scriptWithNonce?.nonce)
-            return scriptWithNonce.nonce;
-        const nonceMeta = doc.querySelector('meta[name="csp-nonce"]');
-        return nonceMeta?.content || undefined;
-    }
     preventDuplicateValidationBootstrap(g) {
         const originalAppendValidation = g.AppendValidationJS;
         if (typeof originalAppendValidation !== 'function') {
@@ -220,22 +362,6 @@ const VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/Sia
 const CAPTCHA_READY_TIMEOUT_MS = 8000;
 let pending = null;
 let initialized = false;
-function loadScript(src, options) {
-    const existing = document.querySelector(`script[src="${src}"]`);
-    if (existing)
-        return Promise.resolve();
-    return new Promise((resolve, reject) => {
-        const script = document.createElement('script');
-        script.src = src;
-        script.async = true;
-        if (options?.nonce) {
-            script.nonce = options.nonce;
-        }
-        script.onload = () => resolve();
-        script.onerror = () => reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));
-        document.head.appendChild(script);
-    });
-}
 function isJQueryAlreadyAvailable() {
     const g = getSiaraShieldGlobals();
     if (typeof g.jQuery === 'function' || typeof g.$ === 'function') {
@@ -244,15 +370,6 @@ function isJQueryAlreadyAvailable() {
     const existingJqueryScript = document.querySelector('script[src*="jquery"]');
     return Boolean(existingJqueryScript);
 }
-function resolveCspNonce(explicitNonce) {
-    if (explicitNonce)
-        return explicitNonce;
-    const scriptWithNonce = document.querySelector('script[nonce]');
-    if (scriptWithNonce?.nonce)
-        return scriptWithNonce.nonce;
-    const nonceMeta = document.querySelector('meta[name="csp-nonce"]');
-    return nonceMeta?.content || undefined;
-}
 function preventDuplicateValidationBootstrap(g) {
     const originalAppendValidation = g.AppendValidationJS;
     if (typeof originalAppendValidation !== 'function') {
@@ -293,14 +410,14 @@ async function initSiaraShield(options) {
         throw new Error('initSiaraShield: publicKey is required.');
     }
     pending = (async () => {
-        const cspNonce = resolveCspNonce(options.cspNonce);
+        const cspNonce = prepareScriptNonce(document, options.cspNonce);
         if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {
-            await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });
+            await loadScript(document, JQUERY_FALLBACK_SRC, { nonce: cspNonce });
         }
-        await loadScript(CAPTCHA_SCRIPT_SRC, {
+        await loadScript(document, CAPTCHA_SCRIPT_SRC, {
             nonce: cspNonce,
         });
-        await loadScript(VALIDATION_SCRIPT_SRC, {
+        await loadScript(document, VALIDATION_SCRIPT_SRC, {
             nonce: cspNonce,
         });
         const g = getSiaraShieldGlobals();
@@ -405,8 +522,9 @@ function parsePolicy(policy) {
 }
 function getSiaraShieldCspDirectives(options) {
     const includeGoogleApis = options?.includeGoogleApis ?? false;
-    const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? true;
-    const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;
+    // Default to strict/safe CSP. Customers can explicitly opt-in if they accept the risk.
+    const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? false;
+    const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? false;
     const nonce = nonceSource(options?.nonce);
     const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];
     return {

package/fesm2022/siarashield_workspace.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn \| undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\ntype ScriptStatus = 'idle' \| 'loading' \| 'loaded' \| 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n private statusBySrc = new Map<string, ScriptStatus>();\n private pendingBySrc = new Map<string, Promise<void>>();\n\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n const existing = this.document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n const status = this.statusBySrc.get(src);\n if (status === 'loaded') return Promise.resolve();\n if (status === 'loading') {\n const pending = this.pendingBySrc.get(src);\n if (pending) return pending;\n }\n\n this.statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = this.document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => {\n this.statusBySrc.set(src, 'loaded');\n resolve();\n };\n script.onerror = () => {\n this.statusBySrc.set(src, 'error');\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n this.document.head.appendChild(script);\n });\n\n this.pendingBySrc.set(src, pending);\n return pending;\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\r\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\r\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\r\n publicKey: string;\r\n /* Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /\r\n Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n /\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\r\n throw new Error('SiaraShieldComponent: publicKey is required.');\r\n }\r\n const cspNonce = this.resolveCspNonce(options.cspNonce);\r\n\r\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /\r\n Detect preloaded jQuery from global object or an existing script tag.\r\n /\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n /*\r\n Uses explicit nonce first. If not provided, tries to reuse nonce\r\n * from the first script tag or from `<meta name=\"csp-nonce\">`.\r\n /\r\n private resolveCspNonce(explicitNonce?: string): string \| undefined {\n if (explicitNonce) return explicitNonce;\r\n const doc = this.host.nativeElement.ownerDocument;\r\n const scriptWithNonce = doc.querySelector<HTMLScriptElement>('script[nonce]');\r\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\r\n\r\n const nonceMeta = doc.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\r\n return nonceMeta?.content \|\| undefined;\n }\n\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /\r\n Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n /\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /\r\n Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n /\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\r\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /* SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\n publicKey: string;\n /\n Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> \| null = null;\r\nlet initialized = false;\r\n\r\nfunction loadScript(src: string, options?: { nonce?: string }): Promise<void> {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n if (existing) return Promise.resolve();\n\n return new Promise<void>((resolve, reject) => {\n const script = document.createElement('script');\n script.src = src;\n script.async = true;\n if (options?.nonce) {\n script.nonce = options.nonce;\n }\n script.onload = () => resolve();\n script.onerror = () =>\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n document.head.appendChild(script);\n });\n}\n\r\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\n return true;\n }\n\r\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction resolveCspNonce(explicitNonce?: string): string \| undefined {\n if (explicitNonce) return explicitNonce;\n\n const scriptWithNonce = document.querySelector<HTMLScriptElement>('script[nonce]');\n if (scriptWithNonce?.nonce) return scriptWithNonce.nonce;\n\n const nonceMeta = document.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return nonceMeta?.content \|\| undefined;\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/*\r\n Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n \r\n Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n /\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\r\n\r\n pending = (async () => {\n const cspNonce = resolveCspNonce(options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/\r\n Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n /\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/\r\n Async-friendly captcha check to handle delayed token population.\r\n /\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /* Server-generated nonce value without the `'nonce-'` prefix. /\n nonce?: string;\n /* Optional if the customer still loads jQuery from Google's CDN. /\n includeGoogleApis?: boolean;\n /* Keep `'unsafe-inline'` in `script-src` for strict vendor compatibility. /\n includeUnsafeInlineScript?: boolean;\n /* Keep `style-src 'unsafe-inline'` for current vendor markup/styles. /\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com', 'https://embedcdn.mycybersiara.com'] as const;\nconst STYLE_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://mycybersiara.com',\n 'https://fonts.googleapis.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst FONT_HOSTS = [\n 'https://fonts.gstatic.com',\n 'https://mycybersiara.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst IMG_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://embedcdn.mycybersiara.com',\n 'https://mycybersiara.com',\n] as const;\n\nfunction unique(values: Array<string \| undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string \| undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? true;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? true;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'default-src': unique([SELF]),\n 'script-src': unique([SELF, nonce, ...scriptHosts, includeUnsafeInlineScript ? UNSAFE_INLINE : undefined]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined, ...STYLE_HOSTS]),\n 'font-src': unique([SELF, ...FONT_HOSTS, DATA]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/\n * Public API Surface of siarashield-workspace\n /\n\nexport from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/*\n Generated bundle index. Do not edit.\n /\n\nexport from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;MCTa,wBAAwB,CAAA;AAIY,IAAA,QAAA;AAHvC,IAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,IAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAEvD,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;AACjD,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AACvF,QAAA,IAAI,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAEtC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;QACxC,IAAI,MAAM,KAAK,QAAQ;AAAE,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;AACjD,QAAA,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;AAC1C,YAAA,IAAI,OAAO;AAAE,gBAAA,OAAO,OAAO;QAC7B;QAEA,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AACpD,YAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,YAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,YAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,gBAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;YAC9B;AACA,YAAA,MAAM,CAAC,MAAM,GAAG,MAAK;gBACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AACnC,gBAAA,OAAO,EAAE;AACX,YAAA,CAAC;AACD,YAAA,MAAM,CAAC,OAAO,GAAG,MAAK;gBACpB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;gBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,YAAA,CAAC;YACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACxC,QAAA,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AACnC,QAAA,OAAO,OAAO;IAChB;AAvCW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBAIf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAJjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAKnB,MAAM;2BAAC,QAAQ;;;ACV9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;QACA,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAEvD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEA;;;AAGG;AACK,IAAA,eAAe,CAAC,aAAsB,EAAA;AAC5C,QAAA,IAAI,aAAa;AAAE,YAAA,OAAO,aAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa;QACjD,MAAM,eAAe,GAAG,GAAG,CAAC,aAAa,CAAoB,eAAe,CAAC;QAC7E,IAAI,eAAe,EAAE,KAAK;YAAE,OAAO,eAAe,CAAC,KAAK;QAExD,MAAM,SAAS,GAAG,GAAG,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AAC9E,QAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;IACxC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGAzJW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,UAAU,CAAC,GAAW,EAAE,OAA4B,EAAA;IAC3D,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;AAClF,IAAA,IAAI,QAAQ;AAAE,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAEtC,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC;AAC/C,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,IAAI,OAAO,EAAE,KAAK,EAAE;AAClB,YAAA,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK;QAC9B;QACA,MAAM,CAAC,MAAM,GAAG,MAAM,OAAO,EAAE;AAC/B,QAAA,MAAM,CAAC,OAAO,GAAG,MACf,MAAM,CAAC,IAAI,KAAK,CAAC,CAAA,uBAAA,EAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACnC,IAAA,CAAC,CAAC;AACJ;AAEA,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,eAAe,CAAC,aAAsB,EAAA;AAC7C,IAAA,IAAI,aAAa;AAAE,QAAA,OAAO,aAAa;IAEvC,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,CAAoB,eAAe,CAAC;IAClF,IAAI,eAAe,EAAE,KAAK;QAAE,OAAO,eAAe,CAAC,KAAK;IAExD,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACnF,IAAA,OAAO,SAAS,EAAE,OAAO,IAAI,SAAS;AACxC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC;AAElD,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;YAC/D,MAAM,UAAU,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QAC5D;QAEA,MAAM,UAAU,CAAC,kBAAkB,EAAE;AACnC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;QACF,MAAM,UAAU,CAAC,qBAAqB,EAAE;AACtC,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;ACrKA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,EAAE,mCAAmC,CAAU;AACtG,MAAM,WAAW,GAAG;IAClB,gCAAgC;IAChC,0BAA0B;IAC1B,8BAA8B;IAC9B,8BAA8B;CACtB;AACV,MAAM,UAAU,GAAG;IACjB,2BAA2B;IAC3B,0BAA0B;IAC1B,8BAA8B;CACtB;AACV,MAAM,SAAS,GAAG;IAChB,gCAAgC;IAChC,mCAAmC;IACnC,0BAA0B;CAClB;AAEV,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;AAC7D,IAAA,MAAM,yBAAyB,GAAG,OAAO,EAAE,yBAAyB,IAAI,IAAI;AAC5E,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,IAAI;IAC1E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;AACL,QAAA,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;QAC7B,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,yBAAyB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;QAC1G,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC,CAAC;QACjG,UAAU,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,UAAU,EAAE,IAAI,CAAC,CAAC;KAChD;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;ACzGA;;AAEG;;ACFH;;AAEG;;;;"}
1	+ {"version":3,"file":"siarashield_workspace.mjs","sources":["../../../projects/siarashield-workspace/src/lib/siara-shield.globals.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-script-utils.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-loader.service.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.component.ts","../../../projects/siarashield-workspace/src/lib/siara-shield.ts","../../../projects/siarashield-workspace/src/lib/siara-shield-csp.ts","../../../projects/siarashield-workspace/src/public-api.ts","../../../projects/siarashield-workspace/src/siarashield_workspace.ts"],"sourcesContent":["export type InitCaptchaFn = (publicKey: string) => void;\nexport type CheckCaptchaFn = () => boolean;\n\nexport interface SiaraShieldGlobals {\n initCaptcha?: InitCaptchaFn;\n InitCaptcha?: InitCaptchaFn;\n CheckCaptcha?: CheckCaptchaFn;\n AppendValidationJS?: () => void;\n CyberSiaraToken?: string;\n jQuery?: unknown;\n $?: unknown;\n}\n\nexport function getSiaraShieldGlobals(): SiaraShieldGlobals {\n return (globalThis as unknown as { [k: string]: unknown }) as SiaraShieldGlobals;\n}\n\nexport function getInitCaptchaFn(g: SiaraShieldGlobals): InitCaptchaFn \| undefined {\n return g.initCaptcha ?? g.InitCaptcha;\n}\n","type ScriptStatus = 'loading' \| 'loaded' \| 'error';\n\nexport interface ScriptLoadOptions {\n nonce?: string;\n}\n\ninterface DynamicScriptNoncePatchState {\n nonceByDocument: WeakMap<Document, string>;\n observerByDocument: WeakMap<Document, MutationObserver>;\n patched: boolean;\n}\n\nconst SCRIPT_STATUS_BY_DOCUMENT = new WeakMap<Document, Map<string, ScriptStatus>>();\nconst SCRIPT_PENDING_BY_DOCUMENT = new WeakMap<Document, Map<string, Promise<void>>>();\nconst DYNAMIC_SCRIPT_NONCE_STATE_KEY = '__siaraShieldDynamicScriptNonceState__';\n\nfunction getStatusBySrc(documentRef: Document): Map<string, ScriptStatus> {\n let statusBySrc = SCRIPT_STATUS_BY_DOCUMENT.get(documentRef);\n if (!statusBySrc) {\n statusBySrc = new Map<string, ScriptStatus>();\n SCRIPT_STATUS_BY_DOCUMENT.set(documentRef, statusBySrc);\n }\n\n return statusBySrc;\n}\n\nfunction getPendingBySrc(documentRef: Document): Map<string, Promise<void>> {\n let pendingBySrc = SCRIPT_PENDING_BY_DOCUMENT.get(documentRef);\n if (!pendingBySrc) {\n pendingBySrc = new Map<string, Promise<void>>();\n SCRIPT_PENDING_BY_DOCUMENT.set(documentRef, pendingBySrc);\n }\n\n return pendingBySrc;\n}\n\nfunction getDynamicScriptNoncePatchState(): DynamicScriptNoncePatchState {\n const globalState = globalThis as typeof globalThis & {\n [DYNAMIC_SCRIPT_NONCE_STATE_KEY]?: DynamicScriptNoncePatchState;\n };\n\n if (!globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY]) {\n globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY] = {\n nonceByDocument: new WeakMap<Document, string>(),\n observerByDocument: new WeakMap<Document, MutationObserver>(),\n patched: false,\n };\n }\n\n return globalState[DYNAMIC_SCRIPT_NONCE_STATE_KEY];\n}\n\nfunction normalizeNonce(nonce?: string \| null): string \| undefined {\n const trimmed = nonce?.trim();\n return trimmed ? trimmed : undefined;\n}\n\nfunction isScriptElement(node: Node): node is HTMLScriptElement {\n return node instanceof Element && node.tagName.toLowerCase() === 'script';\n}\n\nexport function applyScriptNonce(script: HTMLScriptElement, nonce?: string): void {\n const resolvedNonce = normalizeNonce(nonce);\n if (!resolvedNonce) {\n return;\n }\n\n script.setAttribute('nonce', resolvedNonce);\n script.nonce = resolvedNonce;\n}\n\nfunction applyTrackedNonce(node: Node): void {\n if (!isScriptElement(node)) {\n return;\n }\n\n const documentRef = node.ownerDocument;\n if (!documentRef) {\n return;\n }\n\n const nonce = getDynamicScriptNoncePatchState().nonceByDocument.get(documentRef);\n applyScriptNonce(node, nonce);\n}\n\nfunction walkAndApplyNonce(root: Node, nonce?: string): void {\n if (!nonce) return;\n\n // Fast path: root itself is a script.\n if (isScriptElement(root)) {\n applyScriptNonce(root, nonce);\n return;\n }\n\n // Common path for jQuery: append DocumentFragment containing scripts created via HTML parsing.\n if (root instanceof Element \|\| root instanceof DocumentFragment) {\n const scripts = root.querySelectorAll?.('script') ?? [];\n for (const script of scripts) {\n applyScriptNonce(script as HTMLScriptElement, nonce);\n }\n }\n}\n\nfunction ensureNonceMutationObserver(documentRef: Document): void {\n const patchState = getDynamicScriptNoncePatchState();\n if (patchState.observerByDocument.get(documentRef)) {\n return;\n }\n\n const observer = new MutationObserver((records) => {\n const nonce = patchState.nonceByDocument.get(documentRef);\n if (!nonce) return;\n\n for (const record of records) {\n for (const node of record.addedNodes) {\n walkAndApplyNonce(node, nonce);\n }\n }\n });\n\n // Observe the full document because scripts can be injected into body/head by vendor/jQuery.\n const root = documentRef.documentElement ?? documentRef;\n observer.observe(root, { childList: true, subtree: true });\n patchState.observerByDocument.set(documentRef, observer);\n}\n\nfunction teardownNonceMutationObserver(documentRef: Document): void {\n const patchState = getDynamicScriptNoncePatchState();\n const observer = patchState.observerByDocument.get(documentRef);\n if (!observer) return;\n observer.disconnect();\n patchState.observerByDocument.delete(documentRef);\n}\n\nfunction patchDynamicScriptInsertion(): void {\n const patchState = getDynamicScriptNoncePatchState();\n if (patchState.patched) {\n return;\n }\n\n const originalAppendChild = Node.prototype.appendChild;\n const originalInsertBefore = Node.prototype.insertBefore;\n const originalReplaceChild = Node.prototype.replaceChild;\n\n Node.prototype.appendChild = function <T extends Node>(node: T): T {\n applyTrackedNonce(node);\n return originalAppendChild.call(this, node) as T;\n };\n\n Node.prototype.insertBefore = function <T extends Node>(node: T, child: Node \| null): T {\n applyTrackedNonce(node);\n return originalInsertBefore.call(this, node, child) as T;\n };\n\n Node.prototype.replaceChild = function <T extends Node>(node: Node, child: T): T {\n applyTrackedNonce(node);\n return originalReplaceChild.call(this, node, child) as T;\n };\n\n patchState.patched = true;\n}\n\nexport function resolveCspNonce(documentRef: Document, explicitNonce?: string): string \| undefined {\n const resolvedExplicitNonce = normalizeNonce(explicitNonce);\n if (resolvedExplicitNonce) {\n return resolvedExplicitNonce;\n }\n\n const scriptWithNonce = documentRef.querySelector<HTMLScriptElement>('script[nonce]');\n const nonceFromScript = normalizeNonce(scriptWithNonce?.getAttribute('nonce') ?? scriptWithNonce?.nonce);\n if (nonceFromScript) {\n return nonceFromScript;\n }\n\n const nonceMeta = documentRef.querySelector<HTMLMetaElement>('meta[name=\"csp-nonce\"]');\n return normalizeNonce(nonceMeta?.content);\n}\n\nexport function prepareScriptNonce(documentRef: Document, explicitNonce?: string): string \| undefined {\n const resolvedNonce = resolveCspNonce(documentRef, explicitNonce);\n const patchState = getDynamicScriptNoncePatchState();\n\n patchDynamicScriptInsertion();\n\n if (resolvedNonce) {\n patchState.nonceByDocument.set(documentRef, resolvedNonce);\n ensureNonceMutationObserver(documentRef);\n } else {\n patchState.nonceByDocument.delete(documentRef);\n teardownNonceMutationObserver(documentRef);\n }\n\n return resolvedNonce;\n}\n\nexport function loadScript(documentRef: Document, src: string, options?: ScriptLoadOptions): Promise<void> {\n const nonce = prepareScriptNonce(documentRef, options?.nonce);\n const statusBySrc = getStatusBySrc(documentRef);\n const pendingBySrc = getPendingBySrc(documentRef);\n const existing = documentRef.querySelector<HTMLScriptElement>(`script[src=\"${src}\"]`);\n\n if (existing) {\n applyScriptNonce(existing, nonce);\n const status = statusBySrc.get(src);\n if (status === 'loaded') {\n return Promise.resolve();\n }\n\n const pending = pendingBySrc.get(src);\n if (pending) {\n return pending;\n }\n\n return Promise.resolve();\n }\n\n statusBySrc.set(src, 'loading');\n\n const pending = new Promise<void>((resolve, reject) => {\n const script = documentRef.createElement('script');\n script.src = src;\n script.async = true;\n applyScriptNonce(script, nonce);\n script.onload = () => {\n statusBySrc.set(src, 'loaded');\n pendingBySrc.delete(src);\n resolve();\n };\n script.onerror = () => {\n statusBySrc.set(src, 'error');\n pendingBySrc.delete(src);\n reject(new Error(`Failed to load script: ${src}. Check CSP allowlist and nonce configuration.`));\n };\n documentRef.head.appendChild(script);\n });\n\n pendingBySrc.set(src, pending);\n return pending;\n}\n","import { DOCUMENT } from '@angular/common';\nimport { Inject, Injectable } from '@angular/core';\n\nimport { loadScript, type ScriptLoadOptions } from './siara-shield-script-utils';\n\n@Injectable({ providedIn: 'root' })\nexport class SiaraShieldLoaderService {\n constructor(@Inject(DOCUMENT) private readonly document: Document) {}\n\n loadScript(src: string, options?: ScriptLoadOptions): Promise<void> {\n return loadScript(this.document, src, options);\n }\n}\n","import { AfterViewInit, Component, ElementRef, EventEmitter, Input, Output, ViewEncapsulation } from '@angular/core';\nimport { SiaraShieldLoaderService } from './siara-shield-loader.service';\nimport { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\nimport { prepareScriptNonce } from './siara-shield-script-utils';\n\r\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface SiaraShieldInitOptions {\r\n /** SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\r\n publicKey: string;\r\n /* Loads jQuery before SiaraShield script. Default is true for easier integration. Set to false only if your page already includes jQuery. /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\r\n\r\n@Component({\r\n selector: 'siara-shield',\r\n standalone: true,\r\n template: `<div class=\"SiaraShield\"></div>`,\r\n encapsulation: ViewEncapsulation.None,\r\n})\r\nexport class SiaraShieldComponent implements AfterViewInit {\n @Input({ required: true }) publicKey!: string;\r\n @Input() loadJQuery = true;\n @Input() cspNonce?: string;\n\r\n /\r\n Emits the current `CyberSiaraToken` right after a successful `checkCaptcha()`.\r\n /\r\n @Output() token = new EventEmitter<string>();\r\n\r\n private initialized = false;\r\n\r\n constructor(\n private readonly host: ElementRef<HTMLElement>,\n private readonly loader: SiaraShieldLoaderService,\n ) {}\n\r\n async ngAfterViewInit(): Promise<void> {\r\n await this.init({ publicKey: this.publicKey, loadJQuery: this.loadJQuery, cspNonce: this.cspNonce });\r\n }\r\n\r\n async init(options: SiaraShieldInitOptions): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n // Ensure the host element is in DOM before scripts run.\r\n void this.host.nativeElement;\r\n\r\n if (!options.publicKey) {\n throw new Error('SiaraShieldComponent: publicKey is required.');\n }\n const cspNonce = prepareScriptNonce(this.host.nativeElement.ownerDocument, options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !this.isJQueryAlreadyAvailable()) {\n await this.loader.loadScript(JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await this.loader.loadScript(CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await this.loader.loadScript(VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n this.preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await this.waitForCheckCaptchaApi();\r\n this.initialized = true;\r\n }\r\n\r\n /\r\n Detect preloaded jQuery from global object or an existing script tag.\r\n /\r\n private isJQueryAlreadyAvailable(): boolean {\r\n const g = getSiaraShieldGlobals();\r\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\r\n return true;\r\n }\r\n\r\n const existingJqueryScript = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\r\n 'script[src=\"jquery\"]',\r\n );\r\n return Boolean(existingJqueryScript);\r\n }\r\n\r\n private preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = this.host.nativeElement.ownerDocument.querySelector<HTMLScriptElement>(\n `script[src=\"${VALIDATION_SCRIPT_SRC}\"]`,\n );\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n }\n\r\n private async waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\r\n const startedAt = Date.now();\r\n while (Date.now() - startedAt < timeoutMs) {\r\n if (getSiaraShieldGlobals().CheckCaptcha) {\r\n return;\r\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n }\n\r\n /*\r\n Calls the global `CheckCaptcha()` from SiaraShield script.\r\n * Returns true when captcha is valid; emits token if available.\r\n /\r\n checkCaptcha(): boolean {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did init() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n if (ok && typeof g.CyberSiaraToken === 'string') {\r\n this.token.emit(g.CyberSiaraToken);\r\n }\r\n return ok;\r\n }\r\n\r\n /\r\n Async-friendly captcha validation to avoid first-click timing issues.\r\n * Retries briefly until token/check API settles.\r\n /\r\n async checkCaptchaAsync(options?: { timeoutMs?: number; pollIntervalMs?: number }): Promise<boolean> {\r\n const timeoutMs = options?.timeoutMs ?? 2000;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const startedAt = Date.now();\r\n\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n if (this.checkCaptcha()) {\r\n return true;\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n}\r\n\r\n","import { getInitCaptchaFn, getSiaraShieldGlobals } from './siara-shield.globals';\nimport { loadScript, prepareScriptNonce } from './siara-shield-script-utils';\n\nconst JQUERY_FALLBACK_SRC = 'https://embedcdn.mycybersiara.com/capcha-temple/js/jquery.min.js';\nconst CAPTCHA_SCRIPT_SRC = 'https://embedcdn.mycybersiara.com/CaptchaFormate/CaptchaResources.js';\nconst VALIDATION_SCRIPT_SRC = 'https://embed.mycybersiara.com/CaptchaFormate/SiaraShield_Validation.js';\nconst CAPTCHA_READY_TIMEOUT_MS = 8000;\n\r\nexport interface InitSiaraShieldOptions {\n /* SiaraShield public key. Use \"TEST-CYBERSIARA\" for staging/development. /\n publicKey: string;\n /\n Loads jQuery before SiaraShield script.\n * Default is true for easier integration.\n * Set to false only if your site/app already loads jQuery.\n /\n loadJQuery?: boolean;\n /* CSP nonce for strict policies (`script-src 'nonce-...'`). Pair with `getSiaraShieldCspPolicy()`. /\n cspNonce?: string;\n}\n\r\nlet pending: Promise<void> \| null = null;\nlet initialized = false;\n\nfunction isJQueryAlreadyAvailable(): boolean {\n const g = getSiaraShieldGlobals();\n if (typeof g.jQuery === 'function' \|\| typeof g.$ === 'function') {\n return true;\n }\n\n const existingJqueryScript = document.querySelector<HTMLScriptElement>('script[src=\"jquery\"]');\n return Boolean(existingJqueryScript);\n}\n\nfunction preventDuplicateValidationBootstrap(g: ReturnType<typeof getSiaraShieldGlobals>): void {\n const originalAppendValidation = g.AppendValidationJS;\n if (typeof originalAppendValidation !== 'function') {\n return;\n }\n\n g.AppendValidationJS = () => {\n const existing = document.querySelector<HTMLScriptElement>(`script[src=\"${VALIDATION_SCRIPT_SRC}\"]`);\n if (existing) {\n return;\n }\n\n originalAppendValidation();\n };\n}\n\r\nasync function waitForCheckCaptchaApi(timeoutMs = CAPTCHA_READY_TIMEOUT_MS): Promise<void> {\n const startedAt = Date.now();\n while (Date.now() - startedAt < timeoutMs) {\n if (getSiaraShieldGlobals().CheckCaptcha) {\n return;\n }\r\n await new Promise((resolve) => setTimeout(resolve, 100));\r\n }\r\n throw new Error('SiaraShield: CheckCaptcha() was not available within timeout. This can happen when CSP blocks the captcha runtime.');\n}\n\r\n/*\r\n Drop-in initializer for SiaraShield.\r\n * - Loads required scripts (optionally jQuery)\r\n * - Calls global `initCaptcha(publicKey)`\r\n \r\n Requirements in your HTML/template:\r\n * - You must render: `<div class=\"SiaraShield\"></div>`\r\n /\r\nexport async function initSiaraShield(options: InitSiaraShieldOptions): Promise<void> {\r\n if (initialized) return;\r\n if (pending) return pending;\r\n\r\n if (!options?.publicKey) {\r\n throw new Error('initSiaraShield: publicKey is required.');\r\n }\n\n pending = (async () => {\n const cspNonce = prepareScriptNonce(document, options.cspNonce);\n\n if ((options.loadJQuery ?? true) && !isJQueryAlreadyAvailable()) {\n await loadScript(document, JQUERY_FALLBACK_SRC, { nonce: cspNonce });\n }\n\n await loadScript(document, CAPTCHA_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n await loadScript(document, VALIDATION_SCRIPT_SRC, {\n nonce: cspNonce,\n });\n\n const g = getSiaraShieldGlobals();\n preventDuplicateValidationBootstrap(g);\n const initCaptchaFn = getInitCaptchaFn(g);\n if (!initCaptchaFn) {\n throw new Error(\n 'SiaraShield: InitCaptcha() is not available after loading scripts. Check whether CSP blocked vendor scripts or inline execution.',\n );\n }\n\r\n initCaptchaFn(options.publicKey);\r\n await waitForCheckCaptchaApi();\r\n initialized = true;\r\n })();\r\n\r\n try {\r\n await pending;\r\n } finally {\r\n // keep `pending` cached for subsequent callers\r\n }\r\n}\r\n\r\n/\r\n Calls global `CheckCaptcha()` and returns its boolean result.\r\n * If successful, returns `{ ok: true, token?: string }`.\r\n /\r\nexport function checkSiaraShieldCaptcha(): { ok: boolean; token?: string } {\n const g = getSiaraShieldGlobals();\n if (!g.CheckCaptcha) {\n throw new Error('SiaraShield: CheckCaptcha() is not available. Did initSiaraShield() run, and is CSP allowing the captcha scripts?');\n }\n\r\n const ok = g.CheckCaptcha();\r\n const token = typeof g.CyberSiaraToken === 'string' ? g.CyberSiaraToken : undefined;\r\n return ok ? { ok: true, token } : { ok: false };\r\n}\r\n\r\n/\r\n Async-friendly captcha check to handle delayed token population.\r\n /\r\nexport async function checkSiaraShieldCaptchaAsync(options?: {\r\n timeoutMs?: number;\r\n pollIntervalMs?: number;\r\n}): Promise<{ ok: boolean; token?: string }> {\r\n const timeoutMs = options?.timeoutMs ?? 1200;\r\n const pollIntervalMs = options?.pollIntervalMs ?? 120;\r\n const firstCheck = checkSiaraShieldCaptcha(); // one API call only\r\n if (!firstCheck.ok) return firstCheck;\r\n if (firstCheck.token) return firstCheck;\r\n\r\n const startedAt = Date.now();\r\n // Token can be assigned slightly after successful verification.\r\n while (Date.now() - startedAt < timeoutMs) {\r\n await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));\r\n const token = getSiaraShieldGlobals().CyberSiaraToken;\r\n if (typeof token === 'string' && token.length > 0) {\r\n return { ok: true, token };\r\n }\r\n }\r\n\r\n return { ok: true };\r\n}\r\n\r\n","export interface SiaraShieldCspOptions {\n /* Server-generated nonce value without the `'nonce-'` prefix. /\n nonce?: string;\n /* Optional if the customer still loads jQuery from Google's CDN. /\n includeGoogleApis?: boolean;\n /* Include `script-src 'unsafe-inline'` (not recommended for production). /\n includeUnsafeInlineScript?: boolean;\n /* Include `style-src 'unsafe-inline'` (not recommended for production). /\n includeUnsafeInlineStyle?: boolean;\n}\n\nexport type SiaraShieldCspDirectives = Record<string, string[]>;\n\nconst SELF = \"'self'\";\nconst DATA = 'data:';\nconst UNSAFE_INLINE = \"'unsafe-inline'\";\n\nconst SCRIPT_HOSTS = ['https://embedcdn.mycybersiara.com', 'https://embed.mycybersiara.com'] as const;\nconst OPTIONAL_SCRIPT_HOSTS = ['https://ajax.googleapis.com'] as const;\nconst CONNECT_HOSTS = ['https://embed.mycybersiara.com', 'https://embedcdn.mycybersiara.com'] as const;\nconst STYLE_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://mycybersiara.com',\n 'https://fonts.googleapis.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst FONT_HOSTS = [\n 'https://fonts.gstatic.com',\n 'https://mycybersiara.com',\n 'https://cdnjs.cloudflare.com',\n] as const;\nconst IMG_HOSTS = [\n 'https://embed.mycybersiara.com',\n 'https://embedcdn.mycybersiara.com',\n 'https://mycybersiara.com',\n] as const;\n\nfunction unique(values: Array<string \| undefined>): string[] {\n return [...new Set(values.filter((value): value is string => Boolean(value && value.trim())))];\n}\n\nfunction nonceSource(nonce?: string): string \| undefined {\n return nonce ? `'nonce-${nonce}'` : undefined;\n}\n\nfunction serializeDirective(name: string, values: string[]): string {\n return values.length > 0 ? `${name} ${values.join(' ')}` : name;\n}\n\nfunction parsePolicy(policy: string): Map<string, string[]> {\n const directives = new Map<string, string[]>();\n\n for (const rawDirective of policy.split(';')) {\n const directive = rawDirective.trim();\n if (!directive) {\n continue;\n }\n\n const parts = directive.split(/\\s+/).filter(Boolean);\n const [name, ...values] = parts;\n if (!name) {\n continue;\n }\n\n directives.set(name, values);\n }\n\n return directives;\n}\n\nexport function getSiaraShieldCspDirectives(options?: SiaraShieldCspOptions): SiaraShieldCspDirectives {\n const includeGoogleApis = options?.includeGoogleApis ?? false;\n // Default to strict/safe CSP. Customers can explicitly opt-in if they accept the risk.\n const includeUnsafeInlineScript = options?.includeUnsafeInlineScript ?? false;\n const includeUnsafeInlineStyle = options?.includeUnsafeInlineStyle ?? false;\n const nonce = nonceSource(options?.nonce);\n const scriptHosts = includeGoogleApis ? [...SCRIPT_HOSTS, ...OPTIONAL_SCRIPT_HOSTS] : [...SCRIPT_HOSTS];\n\n return {\n 'default-src': unique([SELF]),\n 'script-src': unique([SELF, nonce, ...scriptHosts, includeUnsafeInlineScript ? UNSAFE_INLINE : undefined]),\n 'script-src-elem': unique([SELF, nonce, ...scriptHosts]),\n 'connect-src': unique([SELF, ...CONNECT_HOSTS]),\n 'img-src': unique([SELF, DATA, ...IMG_HOSTS]),\n 'style-src': unique([SELF, includeUnsafeInlineStyle ? UNSAFE_INLINE : undefined, ...STYLE_HOSTS]),\n 'font-src': unique([SELF, ...FONT_HOSTS, DATA]),\n };\n}\n\nexport function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): string {\n return Object.entries(getSiaraShieldCspDirectives(options))\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n\nexport function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string {\n const directives = parsePolicy(existingPolicy);\n const recommended = getSiaraShieldCspDirectives(options);\n\n for (const [name, values] of Object.entries(recommended)) {\n directives.set(name, unique([...(directives.get(name) ?? []), ...values]));\n }\n\n return [...directives.entries()]\n .map(([name, values]) => serializeDirective(name, values))\n .join('; ');\n}\n","/\n * Public API Surface of siarashield-workspace\n /\n\nexport from './lib/siarashield-workspace';\nexport * from './lib/siara-shield.component';\nexport * from './lib/siara-shield-loader.service';\nexport * from './lib/siara-shield.globals';\nexport * from './lib/siara-shield';\nexport * from './lib/siara-shield-csp';\n","/*\n Generated bundle index. Do not edit.\n /\n\nexport from './public-api';\n"],"names":["JQUERY_FALLBACK_SRC","CAPTCHA_SCRIPT_SRC","VALIDATION_SCRIPT_SRC","CAPTCHA_READY_TIMEOUT_MS","i1.SiaraShieldLoaderService"],"mappings":";;;;SAagB,qBAAqB,GAAA;AACnC,IAAA,OAAQ,UAAwE;AAClF;AAEM,SAAU,gBAAgB,CAAC,CAAqB,EAAA;AACpD,IAAA,OAAO,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW;AACvC;;ACPA,MAAM,yBAAyB,GAAG,IAAI,OAAO,EAAuC;AACpF,MAAM,0BAA0B,GAAG,IAAI,OAAO,EAAwC;AACtF,MAAM,8BAA8B,GAAG,wCAAwC;AAE/E,SAAS,cAAc,CAAC,WAAqB,EAAA;IAC3C,IAAI,WAAW,GAAG,yBAAyB,CAAC,GAAG,CAAC,WAAW,CAAC;IAC5D,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,WAAW,GAAG,IAAI,GAAG,EAAwB;AAC7C,QAAA,yBAAyB,CAAC,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC;IACzD;AAEA,IAAA,OAAO,WAAW;AACpB;AAEA,SAAS,eAAe,CAAC,WAAqB,EAAA;IAC5C,IAAI,YAAY,GAAG,0BAA0B,CAAC,GAAG,CAAC,WAAW,CAAC;IAC9D,IAAI,CAAC,YAAY,EAAE;AACjB,QAAA,YAAY,GAAG,IAAI,GAAG,EAAyB;AAC/C,QAAA,0BAA0B,CAAC,GAAG,CAAC,WAAW,EAAE,YAAY,CAAC;IAC3D;AAEA,IAAA,OAAO,YAAY;AACrB;AAEA,SAAS,+BAA+B,GAAA;IACtC,MAAM,WAAW,GAAG,UAEnB;AAED,IAAA,IAAI,CAAC,WAAW,CAAC,8BAA8B,CAAC,EAAE;QAChD,WAAW,CAAC,8BAA8B,CAAC,GAAG;YAC5C,eAAe,EAAE,IAAI,OAAO,EAAoB;YAChD,kBAAkB,EAAE,IAAI,OAAO,EAA8B;AAC7D,YAAA,OAAO,EAAE,KAAK;SACf;IACH;AAEA,IAAA,OAAO,WAAW,CAAC,8BAA8B,CAAC;AACpD;AAEA,SAAS,cAAc,CAAC,KAAqB,EAAA;AAC3C,IAAA,MAAM,OAAO,GAAG,KAAK,EAAE,IAAI,EAAE;IAC7B,OAAO,OAAO,GAAG,OAAO,GAAG,SAAS;AACtC;AAEA,SAAS,eAAe,CAAC,IAAU,EAAA;AACjC,IAAA,OAAO,IAAI,YAAY,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,QAAQ;AAC3E;AAEM,SAAU,gBAAgB,CAAC,MAAyB,EAAE,KAAc,EAAA;AACxE,IAAA,MAAM,aAAa,GAAG,cAAc,CAAC,KAAK,CAAC;IAC3C,IAAI,CAAC,aAAa,EAAE;QAClB;IACF;AAEA,IAAA,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,aAAa,CAAC;AAC3C,IAAA,MAAM,CAAC,KAAK,GAAG,aAAa;AAC9B;AAEA,SAAS,iBAAiB,CAAC,IAAU,EAAA;AACnC,IAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;QAC1B;IACF;AAEA,IAAA,MAAM,WAAW,GAAG,IAAI,CAAC,aAAa;IACtC,IAAI,CAAC,WAAW,EAAE;QAChB;IACF;IAEA,MAAM,KAAK,GAAG,+BAA+B,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC;AAChF,IAAA,gBAAgB,CAAC,IAAI,EAAE,KAAK,CAAC;AAC/B;AAEA,SAAS,iBAAiB,CAAC,IAAU,EAAE,KAAc,EAAA;AACnD,IAAA,IAAI,CAAC,KAAK;QAAE;;AAGZ,IAAA,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE;AACzB,QAAA,gBAAgB,CAAC,IAAI,EAAE,KAAK,CAAC;QAC7B;IACF;;IAGA,IAAI,IAAI,YAAY,OAAO,IAAI,IAAI,YAAY,gBAAgB,EAAE;QAC/D,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,GAAG,QAAQ,CAAC,IAAI,EAAE;AACvD,QAAA,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE;AAC5B,YAAA,gBAAgB,CAAC,MAA2B,EAAE,KAAK,CAAC;QACtD;IACF;AACF;AAEA,SAAS,2BAA2B,CAAC,WAAqB,EAAA;AACxD,IAAA,MAAM,UAAU,GAAG,+BAA+B,EAAE;IACpD,IAAI,UAAU,CAAC,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;QAClD;IACF;IAEA,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,CAAC,OAAO,KAAI;QAChD,MAAM,KAAK,GAAG,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC;AACzD,QAAA,IAAI,CAAC,KAAK;YAAE;AAEZ,QAAA,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE;AAC5B,YAAA,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,UAAU,EAAE;AACpC,gBAAA,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC;YAChC;QACF;AACF,IAAA,CAAC,CAAC;;AAGF,IAAA,MAAM,IAAI,GAAG,WAAW,CAAC,eAAe,IAAI,WAAW;AACvD,IAAA,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC1D,UAAU,CAAC,kBAAkB,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC;AAC1D;AAEA,SAAS,6BAA6B,CAAC,WAAqB,EAAA;AAC1D,IAAA,MAAM,UAAU,GAAG,+BAA+B,EAAE;IACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC;AAC/D,IAAA,IAAI,CAAC,QAAQ;QAAE;IACf,QAAQ,CAAC,UAAU,EAAE;AACrB,IAAA,UAAU,CAAC,kBAAkB,CAAC,MAAM,CAAC,WAAW,CAAC;AACnD;AAEA,SAAS,2BAA2B,GAAA;AAClC,IAAA,MAAM,UAAU,GAAG,+BAA+B,EAAE;AACpD,IAAA,IAAI,UAAU,CAAC,OAAO,EAAE;QACtB;IACF;AAEA,IAAA,MAAM,mBAAmB,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW;AACtD,IAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY;AACxD,IAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY;AAExD,IAAA,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,UAA0B,IAAO,EAAA;QAC5D,iBAAiB,CAAC,IAAI,CAAC;QACvB,OAAO,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAM;AAClD,IAAA,CAAC;IAED,IAAI,CAAC,SAAS,CAAC,YAAY,GAAG,UAA0B,IAAO,EAAE,KAAkB,EAAA;QACjF,iBAAiB,CAAC,IAAI,CAAC;QACvB,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAM;AAC1D,IAAA,CAAC;IAED,IAAI,CAAC,SAAS,CAAC,YAAY,GAAG,UAA0B,IAAU,EAAE,KAAQ,EAAA;QAC1E,iBAAiB,CAAC,IAAI,CAAC;QACvB,OAAO,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAM;AAC1D,IAAA,CAAC;AAED,IAAA,UAAU,CAAC,OAAO,GAAG,IAAI;AAC3B;AAEM,SAAU,eAAe,CAAC,WAAqB,EAAE,aAAsB,EAAA;AAC3E,IAAA,MAAM,qBAAqB,GAAG,cAAc,CAAC,aAAa,CAAC;IAC3D,IAAI,qBAAqB,EAAE;AACzB,QAAA,OAAO,qBAAqB;IAC9B;IAEA,MAAM,eAAe,GAAG,WAAW,CAAC,aAAa,CAAoB,eAAe,CAAC;AACrF,IAAA,MAAM,eAAe,GAAG,cAAc,CAAC,eAAe,EAAE,YAAY,CAAC,OAAO,CAAC,IAAI,eAAe,EAAE,KAAK,CAAC;IACxG,IAAI,eAAe,EAAE;AACnB,QAAA,OAAO,eAAe;IACxB;IAEA,MAAM,SAAS,GAAG,WAAW,CAAC,aAAa,CAAkB,wBAAwB,CAAC;AACtF,IAAA,OAAO,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC;AAC3C;AAEM,SAAU,kBAAkB,CAAC,WAAqB,EAAE,aAAsB,EAAA;IAC9E,MAAM,aAAa,GAAG,eAAe,CAAC,WAAW,EAAE,aAAa,CAAC;AACjE,IAAA,MAAM,UAAU,GAAG,+BAA+B,EAAE;AAEpD,IAAA,2BAA2B,EAAE;IAE7B,IAAI,aAAa,EAAE;QACjB,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC;QAC1D,2BAA2B,CAAC,WAAW,CAAC;IAC1C;SAAO;AACL,QAAA,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC;QAC9C,6BAA6B,CAAC,WAAW,CAAC;IAC5C;AAEA,IAAA,OAAO,aAAa;AACtB;SAEgB,UAAU,CAAC,WAAqB,EAAE,GAAW,EAAE,OAA2B,EAAA;IACxF,MAAM,KAAK,GAAG,kBAAkB,CAAC,WAAW,EAAE,OAAO,EAAE,KAAK,CAAC;AAC7D,IAAA,MAAM,WAAW,GAAG,cAAc,CAAC,WAAW,CAAC;AAC/C,IAAA,MAAM,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC;IACjD,MAAM,QAAQ,GAAG,WAAW,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,GAAG,CAAA,EAAA,CAAI,CAAC;IAErF,IAAI,QAAQ,EAAE;AACZ,QAAA,gBAAgB,CAAC,QAAQ,EAAE,KAAK,CAAC;QACjC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC;AACnC,QAAA,IAAI,MAAM,KAAK,QAAQ,EAAE;AACvB,YAAA,OAAO,OAAO,CAAC,OAAO,EAAE;QAC1B;QAEA,MAAM,OAAO,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;QACrC,IAAI,OAAO,EAAE;AACX,YAAA,OAAO,OAAO;QAChB;AAEA,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE;IAC1B;AAEA,IAAA,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;IAE/B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;QACpD,MAAM,MAAM,GAAG,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC;AAClD,QAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,QAAA,MAAM,CAAC,KAAK,GAAG,IAAI;AACnB,QAAA,gBAAgB,CAAC,MAAM,EAAE,KAAK,CAAC;AAC/B,QAAA,MAAM,CAAC,MAAM,GAAG,MAAK;AACnB,YAAA,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;AAC9B,YAAA,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC;AACxB,YAAA,OAAO,EAAE;AACX,QAAA,CAAC;AACD,QAAA,MAAM,CAAC,OAAO,GAAG,MAAK;AACpB,YAAA,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AAC7B,YAAA,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC;YACxB,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAA,8CAAA,CAAgD,CAAC,CAAC;AAClG,QAAA,CAAC;AACD,QAAA,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AACtC,IAAA,CAAC,CAAC;AAEF,IAAA,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC;AAC9B,IAAA,OAAO,OAAO;AAChB;;MCxOa,wBAAwB,CAAA;AACY,IAAA,QAAA;AAA/C,IAAA,WAAA,CAA+C,QAAkB,EAAA;QAAlB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAa;IAEpE,UAAU,CAAC,GAAW,EAAE,OAA2B,EAAA;QACjD,OAAO,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE,OAAO,CAAC;IAChD;AALW,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,kBACf,QAAQ,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AADjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,wBAAwB,cADX,MAAM,EAAA,CAAA;;2FACnB,wBAAwB,EAAA,UAAA,EAAA,CAAA;kBADpC,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;0BAEnB,MAAM;2BAAC,QAAQ;;;ACF9B,MAAMA,qBAAmB,GAAG,kEAAkE;AAC9F,MAAMC,oBAAkB,GAAG,sEAAsE;AACjG,MAAMC,uBAAqB,GAAG,yEAAyE;AACvG,MAAMC,0BAAwB,GAAG,IAAI;MAiBxB,oBAAoB,CAAA;AAaZ,IAAA,IAAA;AACA,IAAA,MAAA;AAbQ,IAAA,SAAS;IAC3B,UAAU,GAAG,IAAI;AACjB,IAAA,QAAQ;AAEjB;;AAEG;AACO,IAAA,KAAK,GAAG,IAAI,YAAY,EAAU;IAEpC,WAAW,GAAG,KAAK;IAE3B,WAAA,CACmB,IAA6B,EAC7B,MAAgC,EAAA;QADhC,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,MAAM,GAAN,MAAM;IACtB;AAEH,IAAA,MAAM,eAAe,GAAA;QACnB,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;IACtG;IAEA,MAAM,IAAI,CAAC,OAA+B,EAAA;QACxC,IAAI,IAAI,CAAC,WAAW;YAAE;;AAGtB,QAAA,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa;AAE5B,QAAA,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;AACtB,YAAA,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC;QACjE;AACA,QAAA,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,OAAO,CAAC,QAAQ,CAAC;AAE5F,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE;AACpE,YAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACH,qBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACxE;AAEA,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,oBAAkB,EAAE;AAC/C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAACC,uBAAqB,EAAE;AAClD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAC3C,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;AAChC,QAAA,MAAM,IAAI,CAAC,sBAAsB,EAAE;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACzB;AAEA;;AAEG;IACK,wBAAwB,GAAA;AAC9B,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAC9E,uBAAuB,CACxB;AACD,QAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;IACtC;AAEQ,IAAA,mCAAmC,CAAC,CAA2C,EAAA;AACrF,QAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,QAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;YAClD;QACF;AAEA,QAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;AAC1B,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,aAAa,CAClE,CAAA,YAAA,EAAeA,uBAAqB,CAAA,EAAA,CAAI,CACzC;YACD,IAAI,QAAQ,EAAE;gBACZ;YACF;AAEA,YAAA,wBAAwB,EAAE;AAC5B,QAAA,CAAC;IACH;AAEQ,IAAA,MAAM,sBAAsB,CAAC,SAAS,GAAGC,0BAAwB,EAAA;AACvE,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;QAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;gBACxC;YACF;AACA,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC1D;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;IACvI;AAEA;;;AAGG;IACH,YAAY,GAAA;AACV,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,QAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,YAAA,MAAM,IAAI,KAAK,CAAC,wGAAwG,CAAC;QAC3H;AAEA,QAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;QAC3B,IAAI,EAAE,IAAI,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,EAAE;YAC/C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACpC;AACA,QAAA,OAAO,EAAE;IACX;AAEA;;;AAGG;IACH,MAAM,iBAAiB,CAAC,OAAyD,EAAA;AAC/E,QAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,QAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;AAE5B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,YAAA,OAAO,IAAI;QACb;QAEA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,YAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,YAAA,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE;AACvB,gBAAA,OAAO,IAAI;YACb;QACF;AAEA,QAAA,OAAO,KAAK;IACd;uGA3IW,oBAAoB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,UAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,wBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAApB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,oBAAoB,yLAHrB,CAAA,+BAAA,CAAiC,EAAA,QAAA,EAAA,IAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA;;2FAGhC,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBANhC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,QAAQ,EAAE,cAAc;AACxB,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,CAAA,+BAAA,CAAiC;oBAC3C,aAAa,EAAE,iBAAiB,CAAC,IAAI;AACtC,iBAAA;;sBAEE,KAAK;uBAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;;sBACxB;;sBACA;;sBAKA;;;AC9BH,MAAM,mBAAmB,GAAG,kEAAkE;AAC9F,MAAM,kBAAkB,GAAG,sEAAsE;AACjG,MAAM,qBAAqB,GAAG,yEAAyE;AACvG,MAAM,wBAAwB,GAAG,IAAI;AAerC,IAAI,OAAO,GAAyB,IAAI;AACxC,IAAI,WAAW,GAAG,KAAK;AAEvB,SAAS,wBAAwB,GAAA;AAC/B,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,UAAU,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;AAC/D,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,oBAAoB,GAAG,QAAQ,CAAC,aAAa,CAAoB,uBAAuB,CAAC;AAC/F,IAAA,OAAO,OAAO,CAAC,oBAAoB,CAAC;AACtC;AAEA,SAAS,mCAAmC,CAAC,CAA2C,EAAA;AACtF,IAAA,MAAM,wBAAwB,GAAG,CAAC,CAAC,kBAAkB;AACrD,IAAA,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE;QAClD;IACF;AAEA,IAAA,CAAC,CAAC,kBAAkB,GAAG,MAAK;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAoB,CAAA,YAAA,EAAe,qBAAqB,CAAA,EAAA,CAAI,CAAC;QACpG,IAAI,QAAQ,EAAE;YACZ;QACF;AAEA,QAAA,wBAAwB,EAAE;AAC5B,IAAA,CAAC;AACH;AAEA,eAAe,sBAAsB,CAAC,SAAS,GAAG,wBAAwB,EAAA;AACxE,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;IAC5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,IAAI,qBAAqB,EAAE,CAAC,YAAY,EAAE;YACxC;QACF;AACA,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1D;AACA,IAAA,MAAM,IAAI,KAAK,CAAC,oHAAoH,CAAC;AACvI;AAEA;;;;;;;AAOG;AACI,eAAe,eAAe,CAAC,OAA+B,EAAA;AACnE,IAAA,IAAI,WAAW;QAAE;AACjB,IAAA,IAAI,OAAO;AAAE,QAAA,OAAO,OAAO;AAE3B,IAAA,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE;AACvB,QAAA,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC;IAC5D;AAEA,IAAA,OAAO,GAAG,CAAC,YAAW;QACpB,MAAM,QAAQ,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC;AAE/D,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,IAAI,KAAK,CAAC,wBAAwB,EAAE,EAAE;AAC/D,YAAA,MAAM,UAAU,CAAC,QAAQ,EAAE,mBAAmB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACtE;AAEA,QAAA,MAAM,UAAU,CAAC,QAAQ,EAAE,kBAAkB,EAAE;AAC7C,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AACF,QAAA,MAAM,UAAU,CAAC,QAAQ,EAAE,qBAAqB,EAAE;AAChD,YAAA,KAAK,EAAE,QAAQ;AAChB,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;QACjC,mCAAmC,CAAC,CAAC,CAAC;AACtC,QAAA,MAAM,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CACb,kIAAkI,CACnI;QACH;AAEA,QAAA,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC;QAChC,MAAM,sBAAsB,EAAE;QAC9B,WAAW,GAAG,IAAI;IACpB,CAAC,GAAG;AAEJ,IAAA,IAAI;AACF,QAAA,MAAM,OAAO;IACf;YAAU;;IAEV;AACF;AAEA;;;AAGG;SACa,uBAAuB,GAAA;AACrC,IAAA,MAAM,CAAC,GAAG,qBAAqB,EAAE;AACjC,IAAA,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE;AACnB,QAAA,MAAM,IAAI,KAAK,CAAC,mHAAmH,CAAC;IACtI;AAEA,IAAA,MAAM,EAAE,GAAG,CAAC,CAAC,YAAY,EAAE;AAC3B,IAAA,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,eAAe,KAAK,QAAQ,GAAG,CAAC,CAAC,eAAe,GAAG,SAAS;AACnF,IAAA,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE;AACjD;AAEA;;AAEG;AACI,eAAe,4BAA4B,CAAC,OAGlD,EAAA;AACC,IAAA,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,IAAI;AAC5C,IAAA,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,GAAG;AACrD,IAAA,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;IAC7C,IAAI,CAAC,UAAU,CAAC,EAAE;AAAE,QAAA,OAAO,UAAU;IACrC,IAAI,UAAU,CAAC,KAAK;AAAE,QAAA,OAAO,UAAU;AAEvC,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;;IAE5B,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,SAAS,EAAE;AACzC,QAAA,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;AACnE,QAAA,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC,eAAe;QACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACjD,YAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;QAC5B;IACF;AAEA,IAAA,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE;AACrB;;AC1IA,MAAM,IAAI,GAAG,QAAQ;AACrB,MAAM,IAAI,GAAG,OAAO;AACpB,MAAM,aAAa,GAAG,iBAAiB;AAEvC,MAAM,YAAY,GAAG,CAAC,mCAAmC,EAAE,gCAAgC,CAAU;AACrG,MAAM,qBAAqB,GAAG,CAAC,6BAA6B,CAAU;AACtE,MAAM,aAAa,GAAG,CAAC,gCAAgC,EAAE,mCAAmC,CAAU;AACtG,MAAM,WAAW,GAAG;IAClB,gCAAgC;IAChC,0BAA0B;IAC1B,8BAA8B;IAC9B,8BAA8B;CACtB;AACV,MAAM,UAAU,GAAG;IACjB,2BAA2B;IAC3B,0BAA0B;IAC1B,8BAA8B;CACtB;AACV,MAAM,SAAS,GAAG;IAChB,gCAAgC;IAChC,mCAAmC;IACnC,0BAA0B;CAClB;AAEV,SAAS,MAAM,CAAC,MAAiC,EAAA;IAC/C,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,KAAsB,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAChG;AAEA,SAAS,WAAW,CAAC,KAAc,EAAA;IACjC,OAAO,KAAK,GAAG,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,CAAG,GAAG,SAAS;AAC/C;AAEA,SAAS,kBAAkB,CAAC,IAAY,EAAE,MAAgB,EAAA;IACxD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,GAAG,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;AACjE;AAEA,SAAS,WAAW,CAAC,MAAc,EAAA;AACjC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB;IAE9C,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;AAC5C,QAAA,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE;QACrC,IAAI,CAAC,SAAS,EAAE;YACd;QACF;AAEA,QAAA,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;QACpD,MAAM,CAAC,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,KAAK;QAC/B,IAAI,CAAC,IAAI,EAAE;YACT;QACF;AAEA,QAAA,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;IAC9B;AAEA,IAAA,OAAO,UAAU;AACnB;AAEM,SAAU,2BAA2B,CAAC,OAA+B,EAAA;AACzE,IAAA,MAAM,iBAAiB,GAAG,OAAO,EAAE,iBAAiB,IAAI,KAAK;;AAE7D,IAAA,MAAM,yBAAyB,GAAG,OAAO,EAAE,yBAAyB,IAAI,KAAK;AAC7E,IAAA,MAAM,wBAAwB,GAAG,OAAO,EAAE,wBAAwB,IAAI,KAAK;IAC3E,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC;IACzC,MAAM,WAAW,GAAG,iBAAiB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAEvG,OAAO;AACL,QAAA,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;QAC7B,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,EAAE,yBAAyB,GAAG,aAAa,GAAG,SAAS,CAAC,CAAC;QAC1G,iBAAiB,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,CAAC;QACxD,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,aAAa,CAAC,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC,CAAC;AAC7C,QAAA,WAAW,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,wBAAwB,GAAG,aAAa,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC,CAAC;QACjG,UAAU,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,UAAU,EAAE,IAAI,CAAC,CAAC;KAChD;AACH;AAEM,SAAU,uBAAuB,CAAC,OAA+B,EAAA;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,OAAO,CAAC;AACvD,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;AAEM,SAAU,yBAAyB,CAAC,cAAsB,EAAE,OAA+B,EAAA;AAC/F,IAAA,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,2BAA2B,CAAC,OAAO,CAAC;AAExD,IAAA,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACxD,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;IAC5E;AAEA,IAAA,OAAO,CAAC,GAAG,UAAU,CAAC,OAAO,EAAE;AAC5B,SAAA,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,kBAAkB,CAAC,IAAI,EAAE,MAAM,CAAC;SACxD,IAAI,CAAC,IAAI,CAAC;AACf;;AC1GA;;AAEG;;ACFH;;AAEG;;;;"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "siarashield_workspace",
-  "version": "0.0.23",
+  "version": "0.0.25",
   "description": "Angular wrapper for CyberSiara SiaraShield captcha embed.",
   "keywords": [
     "cybersiara",

package/types/siarashield_workspace.d.ts CHANGED Viewed

@@ -4,10 +4,9 @@ import { AfterViewInit, EventEmitter, ElementRef } from '@angular/core';
 interface ScriptLoadOptions {
     nonce?: string;
 }
 declare class SiaraShieldLoaderService {
     private readonly document;
-    private statusBySrc;
-    private pendingBySrc;
     constructor(document: Document);
     loadScript(src: string, options?: ScriptLoadOptions): Promise<void>;
     static ɵfac: i0.ɵɵFactoryDeclaration<SiaraShieldLoaderService, never>;
@@ -40,11 +39,6 @@ declare class SiaraShieldComponent implements AfterViewInit {
      * Detect preloaded jQuery from global object or an existing script tag.
      */
     private isJQueryAlreadyAvailable;
-    /**
-     * Uses explicit nonce first. If not provided, tries to reuse nonce
-     * from the first script tag or from `<meta name="csp-nonce">`.
-     */
-    private resolveCspNonce;
     private preventDuplicateValidationBootstrap;
     private waitForCheckCaptchaApi;
     /**
@@ -123,9 +117,9 @@ interface SiaraShieldCspOptions {
     nonce?: string;
     /** Optional if the customer still loads jQuery from Google's CDN. */
     includeGoogleApis?: boolean;
-    /** Keep `'unsafe-inline'` in `script-src` for strict vendor compatibility. */
+    /** Include `script-src 'unsafe-inline'` (not recommended for production). */
     includeUnsafeInlineScript?: boolean;
-    /** Keep `style-src 'unsafe-inline'` for current vendor markup/styles. */
+    /** Include `style-src 'unsafe-inline'` (not recommended for production). */
     includeUnsafeInlineStyle?: boolean;
 }
 type SiaraShieldCspDirectives = Record<string, string[]>;
@@ -134,4 +128,4 @@ declare function getSiaraShieldCspPolicy(options?: SiaraShieldCspOptions): strin
 declare function mergeSiaraShieldCspPolicy(existingPolicy: string, options?: SiaraShieldCspOptions): string;
 export { SiaraShieldComponent, SiaraShieldLoaderService, checkSiaraShieldCaptcha, checkSiaraShieldCaptchaAsync, getInitCaptchaFn, getSiaraShieldCspDirectives, getSiaraShieldCspPolicy, getSiaraShieldGlobals, initSiaraShield, mergeSiaraShieldCspPolicy };
-export type { CheckCaptchaFn, InitCaptchaFn, InitSiaraShieldOptions, ScriptLoadOptions, SiaraShieldCspDirectives, SiaraShieldCspOptions, SiaraShieldGlobals, SiaraShieldInitOptions };
+export type { CheckCaptchaFn, InitCaptchaFn, InitSiaraShieldOptions, SiaraShieldCspDirectives, SiaraShieldCspOptions, SiaraShieldGlobals, SiaraShieldInitOptions };