From a87dc19eb3a874afadbdfa792732ec478789bcd8 Mon Sep 17 00:00:00 2001
From: Angus McLeod <angus@mcleod.org.au>
Date: Mon, 11 Apr 2022 12:21:38 +0200
Subject: [PATCH] Add qunit CSP extension

---
 .../extensions/content_security_policy_extension.rb  | 12 ++++++++++++
 plugin.rb                                            |  3 ++-
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 lib/custom_wizard/extensions/content_security_policy_extension.rb

diff --git a/lib/custom_wizard/extensions/content_security_policy_extension.rb b/lib/custom_wizard/extensions/content_security_policy_extension.rb
new file mode 100644
index 00000000..fa7a166c
--- /dev/null
+++ b/lib/custom_wizard/extensions/content_security_policy_extension.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module CustomWizardContentSecurityPolicyExtension
+  def path_specific_extension(path_info)
+    super.tap do |obj|
+      for_wizard_qunit_route = !Rails.env.production? && ["/w/qunit"].include?(path_info)
+      puts "PATH INFO: #{path_info}"
+      puts "FOR WIZARD QUNIT ROUTE: #{for_wizard_qunit_route}"
+      obj[:script_src] = :unsafe_eval if for_wizard_qunit_route
+    end
+  end
+end
diff --git a/plugin.rb b/plugin.rb
index 3ebde0d0..a0ec79e5 100644
--- a/plugin.rb
+++ b/plugin.rb
@@ -17,7 +17,6 @@ if Rails.env.production?
     wizard-custom-guest.js
     wizard-custom-start.js
     wizard-custom.js
-    wizard-qunit.js
     wizard-plugin.js.erb
     wizard-raw-templates.js.erb
   }
@@ -145,6 +144,7 @@ after_initialize do
     ../lib/custom_wizard/extensions/custom_field/serializer.rb
     ../lib/custom_wizard/extensions/custom_field/extension.rb
     ../lib/custom_wizard/extensions/discourse_tagging.rb
+    ../lib/custom_wizard/extensions/content_security_policy_extension.rb
   ].each do |path|
     load File.expand_path(path, __FILE__)
   end
@@ -250,6 +250,7 @@ after_initialize do
   ::InvitesController.prepend InvitesControllerCustomWizard
   ::UsersController.prepend CustomWizardUsersController
   ::Guardian.prepend CustomWizardGuardian
+  ::ContentSecurityPolicy::Extension.singleton_class.prepend CustomWizardContentSecurityPolicyExtension
 
   full_path = "#{Rails.root}/plugins/discourse-custom-wizard/assets/stylesheets/wizard/wizard_custom.scss"
   if Stylesheet::Importer.respond_to?(:plugin_assets)