Add modal for External Redirects (#1740)

* Add Modal for External Redirects

* Add Translations

* Apply fixes from StyleCI

* Add system to always trust a domain

* Show modal only if a has data-external-redirect

* Move isExternalFile check in an Attribute

* Apply fixes from StyleCI

---------

Co-authored-by: StyleCI Bot <bot@styleci.io>
Co-authored-by: Nabeel S <nabeelio@users.noreply.github.com>

app/Models/File.php

@@ -114,4 +114,11 @@ public function url(): Attribute
             }
         );
     }
+
+    public function isExternalFile(): Attribute
+    {
+        return Attribute::make(
+            get: fn ($value, array $attrs): bool => is_null($attrs['disk']) && !str_contains($this->url, config('app.url')),
+        );
+    }
 }

public/mix-manifest.json

@@ -1,7 +1,7 @@
 {
-    "/assets/frontend/js/app.js": "/assets/frontend/js/app.js?id=b31da7aeb1ffcce1b912cb391dc8dfa6",
-    "/assets/installer/js/app.js": "/assets/installer/js/app.js?id=424fbd881ec1e514401ba1d0d7265351",
-    "/assets/admin/js/app.js": "/assets/admin/js/app.js?id=d75180a717e61b3b79db8688fc44df0a",
+    "/assets/frontend/js/app.js": "/assets/frontend/js/app.js?id=e1bc799477f5de762f1c59ba54444b8f",
+    "/assets/installer/js/app.js": "/assets/installer/js/app.js?id=1a1e308c3aed9d14150c40a6f75390e0",
+    "/assets/admin/js/app.js": "/assets/admin/js/app.js?id=c7cb39719207af72f3b56fe7b70e0ae4",
     "/assets/admin/css/vendor.min.css": "/assets/admin/css/vendor.min.css?id=faf0d79a49fe19dc37f0e7dbeadc95a3",
     "/assets/frontend/css/now-ui-kit.css": "/assets/frontend/css/now-ui-kit.css?id=87da09c98178bcb36a3b6a1510d21274",
     "/assets/fonts/glyphicons-halflings-regular.woff2": "/assets/fonts/glyphicons-halflings-regular.woff2?id=349344e92fb16221dd5621c254fdc45e",
@@ -537,7 +537,7 @@
     "/assets/vendor/ckeditor4/adapters/jquery.js": "/assets/vendor/ckeditor4/adapters/jquery.js?id=6218a293e19774d2ef43a4c6d1e6c008",
     "/assets/vendor/ckeditor4/assets/ckeditor4.png": "/assets/vendor/ckeditor4/assets/ckeditor4.png?id=498f66c5b82528c915058607e81e85b6",
     "/assets/vendor/ckeditor4/bower.json": "/assets/vendor/ckeditor4/bower.json?id=a6d6f831706863d6df7ae6190edba0fc",
-    "/assets/vendor/ckeditor4/build-config.js": "/assets/vendor/ckeditor4/build-config.js?id=11af89f45a562dc42275e45b2368250c",
+    "/assets/vendor/ckeditor4/build-config.js": "/assets/vendor/ckeditor4/build-config.js?id=525d90d449b2e6246a6fe916e0df7bc2",
     "/assets/vendor/ckeditor4/ckeditor.js": "/assets/vendor/ckeditor4/ckeditor.js?id=aa81f7b2b2ddb8c4e0dd2730d63cabdc",
     "/assets/vendor/ckeditor4/composer.json": "/assets/vendor/ckeditor4/composer.json?id=7d18ab5f522c8ecf38925ad7069d0b8a",
     "/assets/vendor/ckeditor4/config.js": "/assets/vendor/ckeditor4/config.js?id=dbc65722e8c3bae5b43b7616b7608db8",

resources/js/frontend/app.js

@@ -7,6 +7,7 @@
 
 // Import the bids functionality
 import { addBid, removeBid } from './bids';
+import handleExternalRedirects from './external_redirect';
 
 require('./../bootstrap');
 
@@ -17,3 +18,6 @@ window.phpvms.bids = {
 
 // Import the mapping function
 window.phpvms.map = require('../maps/index');
+
+// External redirects handler
+handleExternalRedirects();

resources/js/frontend/external_redirect.js

@@ -0,0 +1,48 @@
+export default () => {
+  document.addEventListener('DOMContentLoaded', () => {
+    const links = document.querySelectorAll('a[data-external-redirect]');
+
+    links.forEach((link) => {
+      const href = link.getAttribute('href');
+
+      // Check if the link is external
+      link.addEventListener('click', (e) => {
+        let externalHost;
+        if (link.getAttribute('data-external-redirect') !== 'true') {
+          externalHost = new URL(link.getAttribute('data-external-redirect')).hostname;
+        } else {
+          externalHost = new URL(href).hostname;
+        }
+
+        // We check if the user has already trusted the domain
+        const trustedDomains = window.localStorage.getItem('trustedDomains') ? JSON.parse(window.localStorage.getItem('trustedDomains')) : [];
+        if (trustedDomains.includes(externalHost)) {
+          return;
+        }
+
+        // We prevent the link from opening
+        e.preventDefault();
+
+        $('#externalRedirectHost').html(externalHost);
+        $('#externalRedirectUrl').attr('href', href);
+        $('#externalRedirectModal').modal('show');
+      });
+    });
+
+    document.querySelector('#externalRedirectUrl')
+      .addEventListener('click', () => {
+        if (document.querySelector('#redirectAlwaysTrustThisDomain').checked) {
+          const host = new URL(document.querySelector('#externalRedirectUrl').getAttribute('href')).hostname;
+          const trustedDomains = window.localStorage.getItem('trustedDomains') ? JSON.parse(window.localStorage.getItem('trustedDomains')) : [];
+
+          if (!trustedDomains.includes(host)) {
+            trustedDomains.push(host);
+            window.localStorage.setItem('trustedDomains', JSON.stringify(trustedDomains));
+          }
+        }
+
+        $('#externalRedirectModal')
+          .modal('hide');
+      });
+  });
+};

resources/lang/de/common.php

@@ -59,4 +59,9 @@
         'sat'   => 'Samstag',
         'sun'   => 'Sonntag',
     ],
+    'external_redirection' => 'Externe Weiterleitung',
+    'abouttoleave'         => 'Sie sind dabei, diese Website zu verlassen und werden weitergeleitet zu',
+    'wanttocontinue'       => 'Möchten Sie fortfahren?',
+    'continue'             => 'Weiter',
+    'alwaystrustdomain'    => 'Immer diesem Domain vertrauen',
 ];

resources/lang/en/common.php

@@ -59,4 +59,9 @@
         'sat'   => 'Saturday',
         'sun'   => 'Sunday',
     ],
+    'external_redirection' => 'External Redirection',
+    'abouttoleave'         => 'You are about to leave this website and be redirected to ',
+    'wanttocontinue'       => 'Do you want to continue?',
+    'continue'             => 'Continue',
+    'alwaystrustdomain'    => 'Always trust this domain',
 ];

resources/lang/es-es/common.php

@@ -59,4 +59,9 @@
         'sat'   => 'sábado',
         'sun'   => 'domingo',
     ],
+    'external_redirection' => 'Redirección Externa',
+    'abouttoleave'         => 'Estás a punto de abandonar este sitio web y ser redirigido a',
+    'wanttocontinue'       => '¿Quieres continuar?',
+    'continue'             => 'Continuar',
+    'alwaystrustdomain'    => 'Confiar siempre en este dominio',
 ];

resources/lang/fr/common.php

@@ -59,4 +59,9 @@
         'sat'   => 'Samedi',
         'sun'   => 'Dimanche',
     ],
+    'external_redirection' => 'Redirection Externe',
+    'abouttoleave'         => 'Vous êtes sur le point de quitter ce site web et d\'être redirigé vers',
+    'wanttocontinue'       => 'Voulez-vous continuer ?',
+    'continue'             => 'Continuer',
+    'alwaystrustdomain'    => 'Toujours faire confiance à ce domaine',
 ];

resources/lang/it/common.php

@@ -59,4 +59,9 @@
         'sat'   => 'Sabato',
         'sun'   => 'Domenica',
     ],
+    'external_redirection' => 'Ridirezionamento Esterno',
+    'abouttoleave'         => 'Stai per lasciare questo sito e sarai reindirizzato a',
+    'wanttocontinue'       => 'Vuoi continuare?',
+    'continue'             => 'Continua',
+    'alwaystrustdomain'    => 'Affidati sempre a questo dominio',
 ];

resources/lang/pt-br/common.php

@@ -57,4 +57,9 @@
         'sat'   => 'Sábado',
         'sun'   => 'Domingo',
     ],
+    'external_redirection' => 'Redirecionamento Externo',
+    'abouttoleave'         => 'Você está prestes a sair deste site e será redirecionado para',
+    'wanttocontinue'       => 'Deseja continuar?',
+    'continue'             => 'Continuar',
+    'alwaystrustdomain'    => 'Sempre confiar neste domínio',
 ];

resources/views/layouts/default/app.blade.php

@@ -69,6 +69,9 @@
   </footer>
 </div>
 
+{{-- External Redirects Modal --}}
+@include('external_redirect_modal')
+
 <script defer src="https://use.fontawesome.com/releases/v5.0.6/js/all.js"></script>
 
 {{-- Start of the required tags block. Don't remove these or things will break!! --}}

resources/views/layouts/default/downloads/table.blade.php

@@ -1,7 +1,7 @@
 <ul class="list-group">
   @foreach($files as $file)
     <li class="list-group-item">
-      <a href="{{route('frontend.downloads.download', [$file->id])}}" target="_blank">
+      <a href="{{route('frontend.downloads.download', [$file->id])}}" target="_blank" @if($file->isExternalFile) data-external-redirect="{{ $file->url }}" @endif>
         {{ $file->name }}
       </a>
 

resources/views/layouts/default/external_redirect_modal.blade.php

@@ -0,0 +1,25 @@
+<div class="modal fade" id="externalRedirectModal" tabindex="-1" aria-labelledby="exampleModalLabel" aria-hidden="true">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title">@lang('common.external_redirection')</h5>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        @lang('common.abouttoleave') <span class="text-primary" id="externalRedirectHost"></span>. @lang('common.wanttocontinue')
+        <div class="input-group form-group-no-border mt-2">
+          <input id="redirectAlwaysTrustThisDomain" type="checkbox" value="1">
+          <label for="redirectAlwaysTrustThisDomain" class="control-label mb-0 ml-2">
+            @lang('common.alwaystrustdomain')
+          </label>
+        </div>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary" data-dismiss="modal">@lang('common.close')</button>
+        <a href="#" target="_blank" class="btn btn-primary" id="externalRedirectUrl">@lang('common.continue')</a>
+      </div>
+    </div>
+  </div>
+</div>