From 2d130d805e1c2fb848204260f46b7b6ac27e0b49 Mon Sep 17 00:00:00 2001
From: Milan Jelicanin
Date: Wed, 9 Jan 2019 11:24:50 +0100
Subject: [PATCH] Content Security Policy (CSP) compatible
---
 README.md | 1 -
 _config/config.yml | 8 +++
 .../dist/javascript/jquery.cookie.policy.js | 5 +-
 .../javascript/jquery.cookie.policy.min.js | 2 +-
 src/CookiePolicy.php | 19 +++---
 src/CookiePolicyController.php | 60 +++++++++++++++++++
 templates/CookiePolicyJSSnippet.ss | 5 --
 7 files changed, 84 insertions(+), 16 deletions(-)
 mode change 100755 => 100644 _config/config.yml
 mode change 100755 => 100644 client/dist/javascript/jquery.cookie.policy.js
 mode change 100755 => 100644 client/dist/javascript/jquery.cookie.policy.min.js
 mode change 100755 => 100644 src/CookiePolicy.php
 create mode 100644 src/CookiePolicyController.php
 delete mode 100755 templates/CookiePolicyJSSnippet.ss
diff --git a/README.md b/README.md
index d8fd5a0..6a49095 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,6 @@ Simple & configurable SilverStripe plugin to notify users about cookie policies.
 ## Maintainer Contacts
 * Milan Jelicanin [at] Fractas.com
-* Petar Simic [at] Fractas.com
 ## Requirements
diff --git a/_config/config.yml b/_config/config.yml
old mode 100755
new mode 100644
index c1aad5f..a694cc0
--- a/_config/config.yml
+++ b/_config/config.yml
@@ -7,3 +7,11 @@ PageController:
 SilverStripe\SiteConfig\SiteConfig:
 extensions:
 - Fractas\CookiePolicy\CookiePolicySiteConfig
+---
+After:
+ - '#rootroutes'
+ - '#coreroutes'
+---
+SilverStripe\Control\Director:
+ rules:
+ fetchcookiepolicy: Fractas\CookiePolicy\CookiePolicyController
diff --git a/client/dist/javascript/jquery.cookie.policy.js b/client/dist/javascript/jquery.cookie.policy.js
old mode 100755
new mode 100644
index 7e8ffc8..6ee2dcb
--- a/client/dist/javascript/jquery.cookie.policy.js
+++ b/client/dist/javascript/jquery.cookie.policy.js
@@ -126,10 +126,13 @@
 });
 // detect cookie
 $(this).ready(function() {
- var cookie = $.cookie('cookie_policy'); // => "true";
+ var cookie = $.cookie('cookie_policy');
 if (!cookie) {
 $('#cookie_container').show();
 }
 });
 }
+ $.getJSON($('base')[0].href + 'fetchcookiepolicy', function(data) {
+ $('body').cookieNotify({btnText: data.CookiePolicyButtonTitle, text: data.CookiePolicyDescription, position: data.CookiePolicyPosition});
+ });
 }(jQuery));
diff --git a/client/dist/javascript/jquery.cookie.policy.min.js b/client/dist/javascript/jquery.cookie.policy.min.js
old mode 100755
new mode 100644
index 68aefb4..ebd490f
--- a/client/dist/javascript/jquery.cookie.policy.min.js
+++ b/client/dist/javascript/jquery.cookie.policy.min.js
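Review bot: In `jquery.cookie.policy.js` the added `$.getJSON($('base')[0].href + 'fetchcookiepolicy', …)` dereferences the first `<base>` element without checking that one exists, so on a page without a `<base>` tag the script throws before the notice is created; a guard such as `var baseEl = $('base')[0];` followed by `var baseHref = baseEl ? baseEl.href : '/';` avoids that. The request also has no failure handler, so an error from the endpoint silently leaves the site without its cookie notice. Separately, the minified build in this patch still concatenates `position` and the colour options into a style string that is appended to `head`, which a policy without `'unsafe-inline'` in `style-src` will block, so the CSP goal in the commit title is met for scripts only. Moving those rules into a static stylesheet and toggling a class for the position would close that gap.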
@@ -14,4 +14,4 @@ * Copyright 2013 Klaus Hartl * Released under the MIT license */ -!function(e){"function"==typeof define&&define.amd?define(["jquery"],e):e(jQuery)}(function(e){function o(e){return t.raw?e:decodeURIComponent(e.replace(n," "))}function i(e){0===e.indexOf('"')&&(e=e.slice(1,-1).replace(/\\"/g,'"').replace(/\\\\/g,"\\")),e=o(e);try{return t.json?JSON.parse(e):e}catch(i){}}var n=/\+/g,t=e.cookie=function(n,r,a){if(void 0!==r){if(a=e.extend({},t.defaults,a),"number"==typeof a.expires){var c=a.expires,d=a.expires=new Date;d.setDate(d.getDate()+c)}return r=t.json?JSON.stringify(r):String(r),document.cookie=[t.raw?n:encodeURIComponent(n),"=",t.raw?r:encodeURIComponent(r),a.expires?"; expires="+a.expires.toUTCString():"",a.path?"; path="+a.path:"",a.domain?"; domain="+a.domain:"",a.secure?"; secure":""].join("")}for(var p=document.cookie.split("; "),s=n?void 0:{},u=0,l=p.length;l>u;u++){var f=p[u].split("="),g=o(f.shift()),k=f.join("=");if(n&&n===g){s=i(k);break}n||(s[g]=i(k))}return s};t.defaults={},e.removeCookie=function(o,i){return void 0!==e.cookie(o)?(e.cookie(o,"",e.extend({},i,{expires:-1})),!0):!1}}),function(e){e.fn.cookieNotify=function(o){var o=e.extend({text:"We use cookies on this website, by continuing to be here we will take it you agree to us using them.",btnText:"I Agree",bgColor:"#CCC",textColor:"#000",btnColor:"#000",btnTextColor:"#FFF",position:"top",leftPadding:"0",rightPadding:"0",hideAnimation:"fadeOut"},o);e("head").append(""),e('").appendTo(this),e(document.body).on("click","#setCookie",function(i){i.preventDefault(),e.cookie("cookie_policy","true",{expires:365,path:"/"}),"fadeOut"==o.hideAnimation?e("#cookie_container").fadeOut():"slideUp"==o.hideAnimation&&e("#cookie_container").slideUp()}),e(this).ready(function(){var o=e.cookie("cookie_policy");o||e("#cookie_container").show()})}}(jQuery); \ No newline at end of file +!function(o){"function"==typeof define&&define.amd?define(["jquery"],o):o(jQuery)}(function(o){var 
e=/\+/g;function i(o){return n.raw?o:decodeURIComponent(o.replace(e," "))}function t(o){0===o.indexOf('"')&&(o=o.slice(1,-1).replace(/\\"/g,'"').replace(/\\\\/g,"\\")),o=i(o);try{return n.json?JSON.parse(o):o}catch(o){}}var n=o.cookie=function(e,r,c){if(void 0!==r){if("number"==typeof(c=o.extend({},n.defaults,c)).expires){var a=c.expires,d=c.expires=new Date;d.setDate(d.getDate()+a)}return r=n.json?JSON.stringify(r):String(r),document.cookie=[n.raw?e:encodeURIComponent(e),"=",n.raw?r:encodeURIComponent(r),c.expires?"; expires="+c.expires.toUTCString():"",c.path?"; path="+c.path:"",c.domain?"; domain="+c.domain:"",c.secure?"; secure":""].join("")}for(var p=document.cookie.split("; "),s=e?void 0:{},l=0,u=p.length;l#cookie_container { display: none; position: fixed; "+e.position+": 0; left: "+e.leftPadding+"; \tright: "+e.rightPadding+"; z-index: 999; padding: 10px; background-color:"+e.bgColor+"; color:"+e.textColor+"; } .cookie_inner { width: 90%; margin: 0 auto; } .cookie_inner p { margin: 0; padding-top: 4px; } #setCookie { float: right; padding: 5px 10px; text-decoration: none; background-color: "+e.btnColor+"; color: "+e.btnTextColor+"; } #setCookie:hover { background-color: #AAAAAA !important; color: #000000 !important; }"),o('").appendTo(this),o(document.body).on("click","#setCookie",function(i){i.preventDefault(),o.cookie("cookie_policy","true",{expires:365,path:"/"}),"fadeOut"==e.hideAnimation?o("#cookie_container").fadeOut():"slideUp"==e.hideAnimation&&o("#cookie_container").slideUp()}),o(this).ready(function(){o.cookie("cookie_policy")||o("#cookie_container").show()})},o.getJSON(o("base")[0].href+"fetchcookiepolicy",function(e){o("body").cookieNotify({btnText:e.CookiePolicyButtonTitle,text:e.CookiePolicyDescription,position:e.CookiePolicyPosition})})}(jQuery); diff --git a/src/CookiePolicy.php b/src/CookiePolicy.php old mode 100755 new mode 100644 index cf6683d..70a1364 --- a/src/CookiePolicy.php +++ b/src/CookiePolicy.php 
@@ -13,6 +13,8 @@ class CookiePolicy extends Extension
 private static $include_cookie_policy_notification = true;
 private static $current_site_config = null;
 private static $load_jquery = false;
+ private static $load_jquery_defer = false;
+ private static $load_script_defer = true;
 public function onBeforeInit()
 {
@@ -24,17 +26,18 @@ public function onBeforeInit()
 public function onAfterInit()
 {
 if (self::cookie_policy_notification_enabled()) {
- $cookiepolicyjssnippet = ArrayData::create([
- 'CookiePolicyButtonTitle' => self::$current_site_config->CookiePolicyButtonTitle,
- 'CookiePolicyDescription' => self::$current_site_config->obj('CookiePolicyDescription'),
- 'CookiePolicyPosition' => self::$current_site_config->CookiePolicyPosition,
- ]);
-
 if (Config::inst()->get(static::class, 'load_jquery')) {
 Requirements::javascript('silverstripe/admin:thirdparty/jquery/jquery.js');
 }
- Requirements::javascript('fractas/cookiepolicy:client/dist/javascript/jquery.cookie.policy.min.js');
- Requirements::customScript($cookiepolicyjssnippet->renderWith('CookiePolicyJSSnippet'));
+ if (Config::inst()->get(static::class, 'load_jquery_defer')) {
+ Requirements::javascript('silverstripe/admin:thirdparty/jquery/jquery.js', ['defer' => true]);
+ }
+
+ if (Config::inst()->get(static::class, 'load_script_defer')) {
+ Requirements::javascript('fractas/cookiepolicy:client/dist/javascript/jquery.cookie.policy.min.js', ['defer' => true]);
+ } else {
+ Requirements::javascript('fractas/cookiepolicy:client/dist/javascript/jquery.cookie.policy.min.js');
+ }
 }
 }
diff --git a/src/CookiePolicyController.php b/src/CookiePolicyController.php
new file mode 100644
index 0000000..b56558d
--- /dev/null
+++ b/src/CookiePolicyController.php
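Review bot: In `onAfterInit()` of `src/CookiePolicy.php` the jQuery switches and the plugin switch are evaluated independently, so `load_jquery_defer: true` together with `load_script_defer: false` emits the plugin as a blocking script while jQuery is deferred, and the plugin's closing `}(jQuery)` call would then run before jQuery exists. Deriving the plugin's flag from both settings keeps the order valid, e.g. `$deferPlugin = Config::inst()->get(static::class, 'load_script_defer') || Config::inst()->get(static::class, 'load_jquery_defer');`. When `load_jquery` and `load_jquery_defer` are both true the same jQuery path is registered twice with different options; turning the second `if` into an `elseif` would make the outcome explicit. The two new statics would also benefit from a comment stating their defaults and that the site must provide jQuery itself when both jQuery flags are false.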
@@ -0,0 +1,60 @@
+ 'index',
+ ];
+
+ public function index(HTTPRequest $request)
+ {
+ $this->getResponse()->setBody(json_encode([
+ 'CookiePolicyButtonTitle' => $this->owner->getCookiePolicyButtonTitle(),
+ 'CookiePolicyDescription' => $this->owner->getCookiePolicyDescription(),
+ 'CookiePolicyPosition' => $this->owner->getCookiePolicyPosition(),
+ ]));
+
+ $this->getResponse()->addHeader("Content-type", "application/json");
+
+ return $this->getResponse();
+ }
+
+ public function doInit()
+ {
+ $siteConfig = SiteConfig::current_site_config();
+ self::set_current_site_config($siteConfig);
+ }
+
+ public function getCookiePolicyButtonTitle()
+ {
+ return self::$current_site_config->CookiePolicyButtonTitle;
+ }
+
+ public function getCookiePolicyDescription()
+ {
+ return self::$current_site_config->obj('CookiePolicyDescription')->RAW();
+ }
+
+ public function getCookiePolicyPosition()
+ {
+ return self::$current_site_config->CookiePolicyPosition;
+ }
+
+ public static function set_current_site_config($input)
+ {
+ self::$current_site_config = $input;
+ }
+}
diff --git a/templates/CookiePolicyJSSnippet.ss b/templates/CookiePolicyJSSnippet.ss
deleted file mode 100755
index f8a2989..0000000
--- a/templates/CookiePolicyJSSnippet.ss
+++ /dev/null
@@ -1,5 +0,0 @@
-(function ($) {
- $(document).ready(function() {
- $('body').cookieNotify({btnText: '$CookiePolicyButtonTitle', text: '$CookiePolicyDescription.RAW', position: '$CookiePolicyPosition'});
- });
-}(jQuery));
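Review bot: In `src/CookiePolicyController.php`, `getCookiePolicyButtonTitle()` and `getCookiePolicyPosition()` return the stored site-config values unchanged, while the client code in this patch concatenates `position` into a style string and presumably the title into the notice markup, so anyone who can edit the site config can place markup on every page through this public endpoint. Escaping the title and restricting the position to the values the plugin supports, e.g. `return in_array($position, ['top', 'bottom'], true) ? $position : 'top';`, keeps those two fields to plain data; the `->RAW()` description is presumably meant to be HTML and deserves a comment saying so. `index()` reaches the getters through `$this->owner`, which SilverStripe sets on extensions; the class declaration is not visible in this hunk, but if the class extends `Controller` these calls should be `$this->getCookiePolicyButtonTitle()` and so on. Overriding `doInit()` without calling `parent::doInit()` also looks like it skips the framework's own init sequence, so an `init()` override that calls `parent::init()` may be the safer hook. Sending `X-Content-Type-Options: nosniff` alongside the `Content-type` header is a cheap hardening for a response that carries HTML inside JSON.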