Skip to content

Commit

Permalink
Bugfix: Render script in secure tag mollie#797
Browse files Browse the repository at this point in the history
  • Loading branch information
michielgerritsen committed Jul 23, 2024
1 parent 49565b2 commit e3c7f9c
Show file tree
Hide file tree
Showing 4 changed files with 56 additions and 26 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,12 @@
* Copyright Magmodules.eu. All rights reserved.
* See COPYING.txt for license details.
*/
?>
<script>

use Magento\Framework\View\Helper\SecureHtmlRenderer;

/** @var SecureHtmlRenderer $secureRenderer */

$scriptString = <<<SCRIPT
document.addEventListener('DOMContentLoaded', function () {
const saveSelectedMethods = () => {
// Save the selected payment methods to local storage
Expand Down Expand Up @@ -46,4 +50,6 @@
setSelectedMethods();
})
});
</script>
SCRIPT;

echo $secureRenderer->renderTag('script', [], $scriptString, false);
Original file line number Diff line number Diff line change
@@ -1,14 +1,22 @@
<?php
/*
* Copyright Magmodules.eu. All rights reserved.
* See COPYING.txt for license details.
*/

declare(strict_types=1);
?>

use Magento\Framework\View\Helper\SecureHtmlRenderer;

/** @var SecureHtmlRenderer $secureRenderer */
?>
<div class="mollie-manual-capture-warning message message-warning">
Please note: You are creating a partial shipment, but it's only possible to capture the payment once.
Please double-check you are shipping the correct items.
</div>

<script>
<?php
$scriptString = <<<SCRIPT
(() => {
let warningElement = document.querySelector('.mollie-manual-capture-warning');
let fields = Array.from(document.querySelectorAll('.qty-item'));
Expand All @@ -28,4 +36,6 @@ declare(strict_types=1);
checkFields();
})();
</script>
SCRIPT;

echo $secureRenderer->renderTag('script', [], $scriptString, false);
25 changes: 16 additions & 9 deletions view/adminhtml/templates/system/config/button/apikey.phtml
Original file line number Diff line number Diff line change
@@ -1,15 +1,19 @@
<?php
/**
* Copyright © 2018 Magmodules.eu. All rights reserved.
/*
* Copyright Magmodules.eu. All rights reserved.
* See COPYING.txt for license details.
*/

use Magento\Framework\View\Helper\SecureHtmlRenderer;
use Mollie\Payment\Block\Adminhtml\System\Config\Form\Apikey\Checker;

/**
* @see \Mollie\Payment\Block\Adminhtml\System\Config\Form\Apikey\Checker
* @var \Mollie\Payment\Block\Adminhtml\System\Config\Form\Apikey\Checker $block
* @see Checker
* @var Checker $block
* @var SecureHtmlRenderer $secureRenderer
*/
?>
<script>

$scriptString = <<<SCRIPT
require([
'jquery',
'prototype'
Expand All @@ -20,7 +24,7 @@
"test_key": jQuery("#mollie_general_api_details_apikey_test").val(),
"live_key": jQuery("#mollie_general_api_details_apikey_live").val()
};
new Ajax.Request('<?= $block->getAjaxUrl() ?>', {
new Ajax.Request('{$block->getAjaxUrl()}', {
parameters: params,
loaderArea: false,
asynchronous: true,
Expand All @@ -45,5 +49,8 @@
});
});
});
</script>
<?= $block->getButtonHtml() ?>
SCRIPT;

echo $secureRenderer->renderTag('script', [], $scriptString, false);

echo $block->getButtonHtml();
29 changes: 18 additions & 11 deletions view/adminhtml/templates/system/config/button/compatibility.phtml
Original file line number Diff line number Diff line change
@@ -1,24 +1,28 @@
<?php
/**
* Copyright © 2018 Magmodules.eu. All rights reserved.
/*
* Copyright Magmodules.eu. All rights reserved.
* See COPYING.txt for license details.
*/

use Magento\Framework\View\Helper\SecureHtmlRenderer;
use Mollie\Payment\Block\Adminhtml\System\Config\Form\Compatibility\Checker;

/**
* @see \Mollie\Payment\Block\Adminhtml\System\Config\Form\Compatibility\Checker
* @var \Mollie\Payment\Block\Adminhtml\System\Config\Form\Compatibility\Checker $block
* @see Checker
* @var Checker $block
* @var SecureHtmlRenderer $secureRenderer
*/
?>
<script>

$scriptString = <<<SCRIPT
require([
'jquery',
'mage/translate',
'prototype',
], function (jQuery, $t) {
], function (jQuery, \$t) {
var resultSpan = jQuery('#result_compatibility');
jQuery('#compatibility_button').click(function () {
var params = {};
new Ajax.Request('<?= $block->getAjaxUrl() ?>', {
new Ajax.Request('{$block->getAjaxUrl()}', {
parameters: params,
loaderArea: false,
asynchronous: true,
Expand All @@ -36,7 +40,7 @@
if (typeof json.msg != 'undefined') {
resultText = json.msg;
} else {
resultText = $t('Invalid response received. This indicates an unknown problem.');
resultText = \$t('Invalid response received. This indicates an unknown problem.');
}
}
resultSpan.find('.result').show();
Expand All @@ -46,5 +50,8 @@
});
});
</script>
<?= $block->getButtonHtml() ?>
SCRIPT;

echo $secureRenderer->renderTag('script', [], $scriptString, false);

echo $block->getButtonHtml();

0 comments on commit e3c7f9c

Please sign in to comment.