From e12b76f10281af0b8eaf94b20ebbfc0288b99e8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20Andr=C3=A9?= Date: Sun, 19 Jan 2025 18:43:41 +0100 Subject: [PATCH] Dispatch event on CSRF form field value change This allow support / compatibility with LiveComponent when action are done between form first render and submit (ex: another form submit with Turbo and double header check) See https://github.com/symfony/ux/issues/2505 --- .../2.20/assets/controllers/csrf_protection_controller.js | 1 + 1 file changed, 1 insertion(+) diff --git a/symfony/stimulus-bundle/2.20/assets/controllers/csrf_protection_controller.js b/symfony/stimulus-bundle/2.20/assets/controllers/csrf_protection_controller.js index b4b8ab9f4..709100a5f 100644 --- a/symfony/stimulus-bundle/2.20/assets/controllers/csrf_protection_controller.js +++ b/symfony/stimulus-bundle/2.20/assets/controllers/csrf_protection_controller.js @@ -15,6 +15,7 @@ document.addEventListener('submit', function (event) { if (!csrfCookie && nameCheck.test(csrfToken)) { csrfField.setAttribute('data-csrf-protection-cookie-value', csrfCookie = csrfToken); csrfField.defaultValue = csrfToken = btoa(String.fromCharCode.apply(null, (window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18)))); + csrfField.dispatchEvent(new Event('change', {bubbles: true})); } if (csrfCookie && tokenCheck.test(csrfToken)) {