mirror of
https://github.com/openstf/stf
synced 2025-10-05 10:39:25 +02:00
54 lines
1.7 KiB
JavaScript
54 lines
1.7 KiB
JavaScript
module.exports = function enableAutofillDirective($rootElement, $cookies) {
|
|
return {
|
|
restrict: 'A',
|
|
compile: function compile(tElement, tAttrs) {
|
|
|
|
// Creates hidden iFrame for auto-fill forms if there isn't one already
|
|
if ($rootElement.find('iframe').attr('name') !== '_autofill') {
|
|
$rootElement.append(angular.element(
|
|
'<iframe src="about:blank" name="_autofill" style="display:none">'
|
|
))
|
|
}
|
|
|
|
// Add attribute method POST to the current form
|
|
if (!tAttrs.method) {
|
|
tElement.attr('method', 'post')
|
|
} else {
|
|
if (!tAttrs.method.match(/post/i)) {
|
|
throw new Error('Auto-fill only works with form POST method')
|
|
}
|
|
}
|
|
|
|
// Add attribute target to the current form
|
|
if (!tAttrs.target) {
|
|
tElement.attr('target', '_autofill')
|
|
}
|
|
|
|
// Add action attribute if not present
|
|
if (!tAttrs.action) {
|
|
|
|
// Use a dummy url because 'about:blank' trick doesn't work with HTTPS
|
|
// Also 'javascript: void(0)' doesn't work neither
|
|
var dummyUrl = '/app/api/v1/dummy'
|
|
|
|
// Adds the CSRF token to the url from cookies if present
|
|
var xsrfToken = $cookies['XSRF-TOKEN']
|
|
if (xsrfToken) {
|
|
// Note: At least for Express CSURF, it only works with url-set tokens
|
|
// it doesn't happen to work with hidden form input elements
|
|
dummyUrl += '?_csrf=' + xsrfToken
|
|
}
|
|
|
|
tElement.attr('action', dummyUrl)
|
|
}
|
|
|
|
return {
|
|
pre: function(scope, element, attrs) {
|
|
// Angular needs this so the form action doesn't get removed
|
|
// Also, trying to set a url at this time doesn't work neither
|
|
attrs.action = ''
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|