Add qunit CSP extension

2022-04-11 12:21:38 +02:00 · 2022-04-11 12:21:38 +02:00 · a87dc19eb3
Commit a87dc19eb3
--- a/lib/custom_wizard/extensions/content_security_policy_extension.rb
+++ b/lib/custom_wizard/extensions/content_security_policy_extension.rb
@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module CustomWizardContentSecurityPolicyExtension
+  def path_specific_extension(path_info)
+    super.tap do |obj|
+      for_wizard_qunit_route = !Rails.env.production? && ["/w/qunit"].include?(path_info)
+      puts "PATH INFO: #{path_info}"
+      puts "FOR WIZARD QUNIT ROUTE: #{for_wizard_qunit_route}"
+      obj[:script_src] = :unsafe_eval if for_wizard_qunit_route
+    end
+  end
+end
--- a/plugin.rb
+++ b/plugin.rb
@ -17,7 +17,6 @@ if Rails.env.production?
    wizard-custom-guest.js
    wizard-custom-start.js
    wizard-custom.js
-    wizard-qunit.js
    wizard-plugin.js.erb
    wizard-raw-templates.js.erb
  }
@ -145,6 +144,7 @@ after_initialize do
    ../lib/custom_wizard/extensions/custom_field/serializer.rb
    ../lib/custom_wizard/extensions/custom_field/extension.rb
    ../lib/custom_wizard/extensions/discourse_tagging.rb
+    ../lib/custom_wizard/extensions/content_security_policy_extension.rb
  ].each do |path|
    load File.expand_path(path, __FILE__)
  end
@ -250,6 +250,7 @@ after_initialize do
  ::InvitesController.prepend InvitesControllerCustomWizard
  ::UsersController.prepend CustomWizardUsersController
  ::Guardian.prepend CustomWizardGuardian
+  ::ContentSecurityPolicy::Extension.singleton_class.prepend CustomWizardContentSecurityPolicyExtension

  full_path = "#{Rails.root}/plugins/discourse-custom-wizard/assets/stylesheets/wizard/wizard_custom.scss"
  if Stylesheet::Importer.respond_to?(:plugin_assets)