Skip to content

Commit 3fa3924

Browse files
authored
PD-5332 (#2801)
* PD-5332 * PD-5332
1 parent 40a39fb commit 3fa3924

2 files changed

Lines changed: 46 additions & 3 deletions

File tree

src/app/core/wordpress/wordpress.service.ts

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,23 @@ export class WordpressService {
6464
)
6565
}
6666

67+
getHomePageModulesJS(): Observable<string> {
68+
const primaryUrl = `${runtimeEnvironment.WORDPRESS_S3}/wordpress-homepage-modules.js`
69+
const fallbackUrl = `${runtimeEnvironment.WORDPRESS_S3_FALLBACK}/wordpress-homepage-modules.js`
70+
return this.fetchWithFallback(primaryUrl, fallbackUrl).pipe(
71+
map((data: { html: string; url: string }) => {
72+
// Keep asset URL rewriting consistent with the classic bundle.
73+
const find = './assets/'
74+
const regex = new RegExp(find, 'g')
75+
const updated = data.html.replace(
76+
regex,
77+
`${data.url.replace(/wordpress-homepage-modules.*\.js$/, '')}assets/`
78+
)
79+
return updated
80+
})
81+
)
82+
}
83+
6784
private fetchWithFallback(
6885
primaryUrl: string,
6986
fallbackUrl: string

src/app/home/pages/home/home.component.ts

Lines changed: 29 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ export class HomeComponent implements OnInit {
2727
platform
2828
wordpressView!: SafeHtml
2929
notWordpressDisplay: boolean
30+
private wordpressAssetsLoaded = false
3031

3132
constructor(
3233
_platformInfo: PlatformInfoService,
@@ -54,9 +55,12 @@ export class HomeComponent implements OnInit {
5455
.subscribe()
5556
}
5657
private setupHompage() {
58+
// Note: scripts inserted via [innerHTML] won't execute. We must load the
59+
// required CSS/JS via real DOM nodes.
5760
return this.setupCss().pipe(
5861
switchMap(() => this.setupHtml()),
59-
switchMap(() => this.setupJs())
62+
switchMap(() => this.setupJs()),
63+
switchMap(() => this.setupModulesJs())
6064
)
6165
}
6266

@@ -73,18 +77,40 @@ export class HomeComponent implements OnInit {
7377
setupJs() {
7478
return this.wordpressService.getHomePageJS().pipe(
7579
tap((js) => {
80+
if (this.wordpressAssetsLoaded) return
7681
const script = this.document.createElement('script')
7782
script.innerHTML = js
7883
this.document.body.appendChild(script)
7984
})
8085
)
8186
}
8287

88+
setupModulesJs() {
89+
return this.wordpressService.getHomePageModulesJS().pipe(
90+
tap((js) => {
91+
if (this.wordpressAssetsLoaded) return
92+
const script = this.document.createElement('script')
93+
script.type = 'module'
94+
script.innerHTML = js
95+
this.document.body.appendChild(script)
96+
this.wordpressAssetsLoaded = true
97+
})
98+
)
99+
}
100+
83101
setupHtml() {
84102
return this.wordpressService.getHomePagePost().pipe(
85103
tap((html) => {
86-
this.wordpressView = this.sanitizer.bypassSecurityTrustHtml(html)
87-
this.wordpressView
104+
// Parse and render only body content. Any <link>/<script> tags in the
105+
// fetched HTML would not execute when injected via [innerHTML] anyway.
106+
const parser = new DOMParser()
107+
const doc = parser.parseFromString(html, 'text/html')
108+
109+
doc.querySelectorAll('script,link[rel="stylesheet"]').forEach((n) => n.remove())
110+
111+
this.wordpressView = this.sanitizer.bypassSecurityTrustHtml(
112+
doc.body?.innerHTML ?? html
113+
)
88114
})
89115
)
90116
}

0 commit comments

Comments
 (0)