remove inline style debugbar for CSP

YapsBridging · Jan 11, 2024 · 76d7d63 · 76d7d63
1 parent 4308c0b
commit 76d7d63
Show file tree

Hide file tree

Showing 8 changed files with 509 additions and 226 deletions.
diff --git a/admin/css/debug-toolbar/toolbar.scss b/admin/css/debug-toolbar/toolbar.scss
@@ -467,6 +467,18 @@
     @import '_theme-light';
 }
 
+#ci-database.debug-bar-dblock,
+#ci-files.debug-bar-dblock,
+#ci-routes.debug-bar-dblock,
+#ci-events.debug-bar-dblock,
+#ci-history.debug-bar-dblock,
+#ci-vars.debug-bar-dblock,
+#ci-config.debug-bar-dblock,
+#ci-timeline.debug-bar-dblock
+{
+   display: block;
+}
+
 
 // LAYOUT HELPERS
 // ========================================================================== */
@@ -510,3 +522,47 @@
 .debug-bar-noverflow {
     overflow: hidden;
 }
+
+.debug-bar-dtableRow{
+    display: table-row;
+  }
+
+.debug-bar-dinlineBlock{
+    display: inline-block;
+}
+
+.debug-bar-pointer{
+    cursor: pointer;
+}
+
+.debug-bar-mleft4{
+    margin-left: 4px;
+}
+
+.level-0{
+    --level: 0;
+}
+
+.level-1{
+    --level: 1;
+}
+
+.level-2{
+    --level: 2;
+}
+
+.level-3{
+    --level: 3;
+}
+
+.level-4{
+    --level: 4;
+}
+
+.level-5{
+    --level: 5;
+}
+
+.level-6{
+    --level: 6;
+}
diff --git a/app/Views/welcome_message.php b/app/Views/welcome_message.php
diff --git a/system/Debug/Toolbar.php b/system/Debug/Toolbar.php
@@ -52,11 +52,11 @@ public function __construct(ToolbarConfig $config)
         $this->config = $config;
 
         foreach ($config->collectors as $collector) {
-            if (! class_exists($collector)) {
+            if (!class_exists($collector)) {
                 log_message(
                     'critical',
                     'Toolbar collector does not exist (' . $collector . ').'
-                    . ' Please check $collectors in the app/Config/Toolbar.php file.'
+                        . ' Please check $collectors in the app/Config/Toolbar.php file.'
                 );
 
                 continue;
@@ -190,19 +190,19 @@ protected function renderTimelineRecursive(array $rows, float $startTime, int $s
         $output = '';
 
         foreach ($rows as $row) {
-            $hasChildren = isset($row['children']) && ! empty($row['children']);
-            $isQuery     = isset($row['query']) && ! empty($row['query']);
+            $hasChildren = isset($row['children']) && !empty($row['children']);
+            $isQuery     = isset($row['query']) && !empty($row['query']);
 
             // Open controller timeline by default
             $open = $row['name'] === 'Controller';
 
             if ($hasChildren || $isQuery) {
-                $output .= '<tr class="timeline-parent' . ($open ? ' timeline-parent-open' : '') . '" id="timeline-' . $styleCount . '_parent" onclick="ciDebugBar.toggleChildRows(\'timeline-' . $styleCount . '\');">';
+                $output .= '<tr class="timeline-parent' . ($open ? ' timeline-parent-open' : '') . '" id="timeline-' . $styleCount . '_parent" data-toggle="childrows" data-child="timeline-' . $styleCount . '">';
             } else {
                 $output .= '<tr>';
             }
 
-            $output .= '<td class="' . ($isChild ? 'debug-bar-width30' : '') . '" style="--level: ' . $level . ';">' . ($hasChildren || $isQuery ? '<nav></nav>' : '') . $row['name'] . '</td>';
+            $output .= '<td class="' . ($isChild ? 'debug-bar-width30' : '') . ' level-' . $level . '" >' . ($hasChildren || $isQuery ? '<nav></nav>' : '') . $row['name'] . '</td>';
             $output .= '<td class="' . ($isChild ? 'debug-bar-width10' : '') . '">' . $row['component'] . '</td>';
             $output .= '<td class="' . ($isChild ? 'debug-bar-width10 ' : '') . 'debug-bar-alignRight">' . number_format($row['duration'] * 1000, 2) . ' ms</td>';
             $output .= "<td class='debug-bar-noverflow' colspan='{$segmentCount}'>";
@@ -220,15 +220,15 @@ protected function renderTimelineRecursive(array $rows, float $startTime, int $s
 
             // Add children if any
             if ($hasChildren || $isQuery) {
-                $output .= '<tr class="child-row" id="timeline-' . ($styleCount - 1) . '_children" style="' . ($open ? '' : 'display: none;') . '">';
+                $output .= '<tr class="child-row ' . ($open ? '' : ' debug-bar-ndisplay') . '" id="timeline-' . ($styleCount - 1) . '_children" >';
                 $output .= '<td colspan="' . ($segmentCount + 3) . '" class="child-container">';
                 $output .= '<table class="timeline">';
                 $output .= '<tbody>';
 
                 if ($isQuery) {
                     // Output query string if query
                     $output .= '<tr>';
-                    $output .= '<td class="query-container" style="--level: ' . ($level + 1) . ';">' . $row['query'] . '</td>';
+                    $output .= '<td class="query-container level-' . ($level + 1) . '" >' . $row['query'] . '</td>';
                     $output .= '</tr>';
                 } else {
                     // Recursively render children
@@ -256,7 +256,7 @@ protected function collectTimelineData($collectors): array
 
         // Collect it
         foreach ($collectors as $collector) {
-            if (! $collector['hasTimelineData']) {
+            if (!$collector['hasTimelineData']) {
                 continue;
             }
 
@@ -316,14 +316,14 @@ protected function structureTimelineData(array $elements): array
      */
     protected function collectVarData(): array
     {
-        if (! ($this->config->collectVarData ?? true)) {
+        if (!($this->config->collectVarData ?? true)) {
             return [];
         }
 
         $data = [];
 
         foreach ($this->collectors as $collector) {
-            if (! $collector->hasVarData()) {
+            if (!$collector->hasVarData()) {
                 continue;
             }
 
@@ -353,7 +353,7 @@ public function prepare(?RequestInterface $request = null, ?ResponseInterface $r
         /**
          * @var IncomingRequest|null $request
          */
-        if (CI_DEBUG && ! is_cli()) {
+        if (CI_DEBUG && !is_cli()) {
             $app = Services::codeigniter();
 
             $request ??= Services::request();
@@ -378,7 +378,7 @@ public function prepare(?RequestInterface $request = null, ?ResponseInterface $r
             // Updated to microtime() so we can get history
             $time = sprintf('%.6f', Time::now()->format('U.u'));
 
-            if (! is_dir(WRITEPATH . 'debugbar')) {
+            if (!is_dir(WRITEPATH . 'debugbar')) {
                 mkdir(WRITEPATH . 'debugbar', 0777);
             }
 
@@ -404,11 +404,11 @@ public function prepare(?RequestInterface $request = null, ?ResponseInterface $r
             $kintScript         = ($kintScript === '0') ? '' : $kintScript;
 
             $script = PHP_EOL
-                . '<script ' . csp_script_nonce() . ' id="debugbar_loader" '
+                . '<script  id="debugbar_loader" '
                 . 'data-time="' . $time . '" '
                 . 'src="' . site_url() . '?debugbar"></script>'
-                . '<script ' . csp_script_nonce() . ' id="debugbar_dynamic_script"></script>'
-                . '<style ' . csp_style_nonce() . ' id="debugbar_dynamic_style"></style>'
+                . '<script {csp-script-nonce} id="debugbar_dynamic_script"></script>'
+                . '<style {csp-style-nonce} id="debugbar_dynamic_style"></style>'
                 . $kintScript
                 . PHP_EOL;
 

diff --git a/system/Debug/Toolbar/Views/_database.tpl b/system/Debug/Toolbar/Views/_database.tpl
@@ -10,9 +10,9 @@
         <tr class="{class}" title="{hover}" data-toggle="{qid}-trace">
             <td class="narrow">{duration}</td>
             <td>{! sql !}</td>
-            <td style="text-align: right"><strong>{trace-file}</strong></td>
+            <td class="debug-bar-alignRight" ><strong>{trace-file}</strong></td>
         </tr>
-        <tr class="muted" id="{qid}-trace" style="display:none">
+        <tr class="muted debug-bar-ndisplay" id="{qid}-trace" >
             <td></td>
             <td colspan="2">
             {trace}