{"version":3,"file":"1433-1d0f9d03.pkg.js","mappings":"iKAGA,MAAMA,UAAuBC,EAAAA,EAC3BC,WAAAA,CAAYC,GACVC,MAAMD,GACNE,KAAKC,eAAiB,CACpB,kBACA,YACA,oBAGFD,KAAKE,MACP,CAEAA,IAAAA,GACE,IAAK,IAAIC,EAAI,EAAGH,KAAKC,eAAeE,GAAIA,IAAK,CAC3C,MAAMC,EAAQJ,KAAKC,eAAeE,GAAGE,cAC/BC,EAAeN,KAAKO,aAAaH,GAEvC,GAAKE,IAGkBN,KAAKQ,iBAAiBF,GAExB,CACnB,IAAIG,EAAoBC,OAAOC,SAASC,OACnCZ,KAAKQ,iBAAiBC,KACzBA,EAAoB,2BAItBC,OAAOC,SAASE,KAAOH,OAAOC,SAASC,OAASF,OAAOC,SAASG,SAAW,IAAMV,EAAQ,IAAMK,EAC/F,KACF,CACF,CACF,CAEAF,YAAAA,CAAaQ,EAAKC,QAEW,IAAhBA,IACTA,EAAcL,SAASM,OAAOC,UAAU,IAG1C,MAAMC,EAASH,EAAYI,MAAM,KACjC,IAAK,IAAIjB,EAAI,EAAGA,EAAIgB,EAAOE,OAAQlB,IAAK,CACtC,MAAMmB,EAAOH,EAAOhB,GAAGiB,MAAM,KAC7B,GAAIE,EAAK,GAAGjB,eAAiBU,EAAIV,cAC/B,OAAOiB,EAAK,EAEhB,CACA,OAAO,IACT,CAEAd,gBAAAA,CAAkBe,GAChB,QAAKA,IAKU,OAFfA,GAAMC,EAAAA,EAAAA,IAAmBD,IAEjB,KAENA,EAAMb,OAAOC,SAASC,OAASW,GAEV,MAAnBA,EAAIE,QAAQ,KAEdF,GAAO,KAID,6DAA6DG,KAAKH,GAC5E,EAGF,W,wJC1EO,MAAMI,EAAcC,GAClBA,EAAOC,OAAO,GAAGC,cAAgBF,EAAOG,MAAM,GAG1CC,EAAeA,KACVC,SAASC,OAAOd,MAAM,MAC9Be,SAAQC,IACd,MAAMC,EAAI3B,OAAOC,SAAS2B,SAASlB,MAAM,KACzC,KAAOiB,EAAEhB,OAAS,GAAG,CACnB,MAAMkB,EAAaC,mBAAmBJ,EAAKhB,MAAM,KAAK,GAAGA,MAAM,KAAK,IAAM,oDAAsDiB,EAAEI,KAAK,KAAO,UACxIC,EAAI/B,SAASG,SAASM,MAAM,KAElC,IADAa,SAASC,OAASK,EAAa,IACxBG,EAAErB,OAAS,GAChBY,SAASC,OAASK,EAAaG,EAAED,KAAK,KACtCC,EAAEC,MAEJN,EAAEO,OACJ,IACA,EAGSpB,EAAsBD,IACjC,MAAMsB,EAAaC,mBAAmBvB,GACtC,OAAIsB,IAAetB,EACVsB,EAEFrB,EAAmBqB,EAAW,EAG1BE,EAAYC,GAChBA,SAAqCA,EAAInD,aAAeoD,OAEpDC,EAAgBC,IAC3B,IACEC,KAAKC,MAAMF,EACb,CAAE,MAAOG,GACP,OAAO,CACT,CACA,OAAO,CAAI,C","sources":["webpack://frontend-build-tools/./src/feature/return-url-check/return-url-check.js","webpack://frontend-build-tools/./src/foundation/Helpers/utils.js"],"sourcesContent":["import BaseFeature from 'foundation/base/base';\r\nimport { recursiveUrlDecode } from 'foundation/Helpers/utils';\r\n\r\nclass ReturnUrlCheck extends BaseFeature {\r\n  constructor(element) {\r\n    super(element);\r\n    this.validateParams = [\r\n      'loginSuccessUrl',\r\n      'returnUrl',\r\n      'logoutSuccessUrl'\r\n    ];\r\n\r\n    this.init();\r\n  }\r\n\r\n  init() {\r\n    for (let i = 0; this.validateParams[i]; i++) {\r\n      const param = this.validateParams[i].toLowerCase();\r\n      const redirectPage = this.getParameter(param);\r\n\r\n      if (!redirectPage) {\r\n        continue;\r\n      }\r\n      const validReturnUrl = this.isValidReturnUrl(redirectPage);\r\n\r\n      if (!validReturnUrl) {\r\n        let fallbackReturnUrl = window.location.origin;\r\n        if (!this.isValidReturnUrl(fallbackReturnUrl)) {\r\n          fallbackReturnUrl = 'https://tivolicasino.dk';\r\n        }\r\n\r\n        // URL has been tampered with. Reload page and sent user to fallback URL after flow\r\n        window.location.href = window.location.origin + window.location.pathname + '?' + param + '=' + fallbackReturnUrl;\r\n        break;\r\n      }\r\n    }\r\n  }\r\n\r\n  getParameter(key, queryString) {\r\n    // if queryString not defined, use current location URL\r\n    if (typeof queryString === 'undefined') {\r\n      queryString = location.search.substring(1);\r\n    }\r\n\r\n    const params = queryString.split('&');\r\n    for (let i = 0; i < params.length; i++) {\r\n      const args = params[i].split('=');\r\n      if (args[0].toLowerCase() == key.toLowerCase()) {\r\n        return args[1];\r\n      }\r\n    }\r\n    return null;\r\n  }\r\n\r\n  isValidReturnUrl (url) {\r\n    if (!url) {\r\n      return false;\r\n    }\r\n    url = recursiveUrlDecode(url);\r\n\r\n    if (url[0] === '/') {\r\n      // If first character is '/', URL is relative to the existing origin\r\n      url = window.location.origin + url;\r\n    }\r\n    if (url.substr(-1) !== '/') {\r\n      // Ensure we have tailing check, for full-filling the regexp below\r\n      url += '/';\r\n    }\r\n\r\n    // TODO: Allow a host of whitelisted domains to be checked against\r\n    return (/^https:\\/\\/([a-zA-Z0-9-]*\\.)*(tivolicasino\\.(dk|local))\\//i.test(url));\r\n  }\r\n}\r\n\r\nexport default ReturnUrlCheck;\r\n","export const capitalize = (string) => {\r\n  return string.charAt(0).toUpperCase() + string.slice(1);\r\n};\r\n\r\nexport const clearCookies = () => {\r\n  const cookies = document.cookie.split('; ');\r\n  cookies.forEach(item => {\r\n    const d = window.location.hostname.split('.');\r\n    while (d.length > 0) {\r\n      const cookieBase = encodeURIComponent(item.split(';')[0].split('=')[0]) + '=; expires=Thu, 01-Jan-1970 00:00:01 GMT; domain=' + d.join('.') + ' ;path=';\r\n      const p = location.pathname.split('/');\r\n      document.cookie = cookieBase + '/';\r\n      while (p.length > 0) {\r\n        document.cookie = cookieBase + p.join('/');\r\n        p.pop();\r\n      }\r\n      d.shift();\r\n    }\r\n  });\r\n};\r\n\r\nexport const recursiveUrlDecode = (url) => {\r\n  const decodedUrl = decodeURIComponent(url);\r\n  if (decodedUrl === url) {\r\n    return decodedUrl;\r\n  }\r\n  return recursiveUrlDecode(decodedUrl);\r\n};\r\n\r\nexport const isObject = (obj) => {\r\n  return obj !== undefined && obj !== null && obj.constructor == Object;\r\n};\r\nexport const isJsonString = (str) => {\r\n  try {\r\n    JSON.parse(str);\r\n  } catch (e) {\r\n    return false;\r\n  }\r\n  return true;\r\n};\r\n\r\n\r\n\r\n\r\n"],"names":["ReturnUrlCheck","BaseFeature","constructor","element","super","this","validateParams","init","i","param","toLowerCase","redirectPage","getParameter","isValidReturnUrl","fallbackReturnUrl","window","location","origin","href","pathname","key","queryString","search","substring","params","split","length","args","url","recursiveUrlDecode","substr","test","capitalize","string","charAt","toUpperCase","slice","clearCookies","document","cookie","forEach","item","d","hostname","cookieBase","encodeURIComponent","join","p","pop","shift","decodedUrl","decodeURIComponent","isObject","obj","Object","isJsonString","str","JSON","parse","e"],"sourceRoot":""}