Updated stimulus recipe

2025-12-06 02:59:29 +00:00 · 2025-11-30 15:07:27 +01:00 · 2025-11-30 15:07:27 +01:00 · 4750a50fb9
commit 4750a50fb9
parent 52a9975769
5 changed files with 10 additions and 8 deletions
--- a/assets/controllers/csrf_protection_controller.js
+++ b/assets/controllers/csrf_protection_controller.js
@ -2,6 +2,8 @@ const nameCheck = /^[-_a-zA-Z0-9]{4,22}$/;
 const tokenCheck = /^[-_/+a-zA-Z0-9]{24,}$/;

 // Generate and double-submit a CSRF token in a form field and a cookie, as defined by Symfony's SameOriginCsrfTokenManager
+// Use `form.requestSubmit()` to ensure that the submit event is triggered. Using `form.submit()` will not trigger the event
+// and thus this event-listener will not be executed.
 document.addEventListener('submit', function (event) {
    generateCsrfToken(event.target);
 }, true);
@ -33,8 +35,8 @@ export function generateCsrfToken (formElement) {
    if (!csrfCookie && nameCheck.test(csrfToken)) {
        csrfField.setAttribute('data-csrf-protection-cookie-value', csrfCookie = csrfToken);
        csrfField.defaultValue = csrfToken = btoa(String.fromCharCode.apply(null, (window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18))));
-        csrfField.dispatchEvent(new Event('change', { bubbles: true }));
    }
+    csrfField.dispatchEvent(new Event('change', { bubbles: true }));

    if (csrfCookie && tokenCheck.test(csrfToken)) {
        const cookie = csrfCookie + '_' + csrfToken + '=' + csrfCookie + '; path=/; samesite=strict';
--- a/assets/js/app.js
+++ b/assets/js/app.js
@ -28,7 +28,7 @@ import '../css/app/treeview.css';
 import '../css/app/images.css';

 // start the Stimulus application
-import '../bootstrap';
+import '../stimulus_bootstrap';

 // Need jQuery? Install it with "yarn add jquery", then uncomment to require it.
 const $ = require('jquery');
--- a/assets/stimulus_bootstrap.js
+++ b/assets/stimulus_bootstrap.js
--- a/symfony.lock
+++ b/symfony.lock
@ -655,18 +655,18 @@
        "version": "v1.1.5"
    },
    "symfony/stimulus-bundle": {
-        "version": "2.27",
+        "version": "2.31",
        "recipe": {
            "repo": "github.com/symfony/recipes",
            "branch": "main",
-            "version": "2.20",
-            "ref": "e058471c5502e549c1404ebdd510099107bb5549"
+            "version": "2.24",
+            "ref": "3357f2fa6627b93658d8e13baa416b2a94a50c5f"
        },
        "files": [
-            "assets/bootstrap.js",
            "assets/controllers.json",
            "assets/controllers/csrf_protection_controller.js",
-            "assets/controllers/hello_controller.js"
+            "assets/controllers/hello_controller.js",
+            "assets/stimulus_bootstrap.js"
        ]
    },
    "symfony/stopwatch": {
--- a/webpack.config.js
+++ b/webpack.config.js
@ -71,7 +71,7 @@ Encore
    // When enabled, Webpack "splits" your files into smaller pieces for greater optimization.
    .splitEntryChunks()

-    // enables the Symfony UX Stimulus bridge (used in assets/bootstrap.js)
+    // enables the Symfony UX Stimulus bridge (used in assets/stimulus_bootstrap.js)
    .enableStimulusBridge('./assets/controllers.json')

    // will require an extra script tag for runtime.js