merge, no commit, ff (DevExpress#32322), put import last, rename files with override, deferred fallback / wg esm vs default

Author: mpreyskurantov

apps/demos/Demos/DataGrid/BatchUpdateRequest/Angular/app/app.component.ts

@@ -4,6 +4,7 @@ import { HttpClient, provideHttpClient, withFetch } from '@angular/common/http';
 import { lastValueFrom } from 'rxjs';
 import * as AspNetData from 'devextreme-aspnet-data-nojquery';
 import { DxDataGridComponent, DxDataGridModule, DxDataGridTypes } from 'devextreme-angular/ui/data-grid';
+import 'anti-forgery';
 
 if (!/localhost/.test(document.location.host)) {
   enableProdMode();

apps/demos/Demos/DataGrid/BatchUpdateRequest/React/index.tsx

@@ -2,6 +2,8 @@ import React from 'react';
 import ReactDOM from 'react-dom';
 
 import App from './App.tsx';
+// eslint-disable-next-line import/no-unresolved
+import 'anti-forgery';
 
 ReactDOM.render(
   <App />,

apps/demos/Demos/DataGrid/BatchUpdateRequest/ReactJs/index.js

@@ -1,5 +1,7 @@
 import React from 'react';
 import ReactDOM from 'react-dom';
 import App from './App.js';
+// eslint-disable-next-line import/no-unresolved
+import 'anti-forgery';
 
 ReactDOM.render(<App />, document.getElementById('app'));

apps/demos/Demos/DataGrid/BatchUpdateRequest/Vue/index.ts

@@ -1,4 +1,5 @@
 import { createApp } from 'vue';
 import App from './App.vue';
+import 'anti-forgery';
 
 createApp(App).mount('#app');

apps/demos/Demos/DataGrid/BatchUpdateRequest/jQuery/index.html

@@ -10,6 +10,7 @@
     <link rel="stylesheet" type="text/css" href="styles.css" />
     <script src="../../../../node_modules/devextreme-dist/js/dx.all.js"></script>
     <script src="../../../../node_modules/devextreme-aspnet-data/js/dx.aspnet.data.js"></script>
+    <script src="/shared/anti-forgery/jquery-override.js"></script>
     <script src="index.js"></script>
   </head>
   <body class="dx-viewport">

apps/demos/configs/Angular/config.js

@@ -155,8 +155,10 @@ window.config = {
     'npm:': '../../../../node_modules/',
     'bundles:': '../../../../bundles/',
     'externals:': '../../../../bundles/externals/',
+    'anti-forgery:': '../../../../shared/anti-forgery/',
   },
   map: {
+    'anti-forgery': 'anti-forgery:fetch-override.js',
     'ts': 'npm:plugin-typescript/lib/plugin.js',
     'typescript': 'npm:typescript/lib/typescript.js',
     'jszip': 'npm:jszip/dist/jszip.min.js',

apps/demos/configs/React/config.js

@@ -46,9 +46,11 @@ window.config = {
     'npm:': '../../../../node_modules/',
     'bundles:': '../../../../bundles/',
     'externals:': '../../../../bundles/externals/',
+    'anti-forgery:': '../../../../shared/anti-forgery/',
   },
   defaultExtension: 'js',
   map: {
+    'anti-forgery': 'anti-forgery:fetch-override.js',
     'ts': 'npm:plugin-typescript/lib/plugin.js',
     'typescript': 'npm:typescript/lib/typescript.js',
     'jszip': 'npm:jszip/dist/jszip.min.js',

apps/demos/configs/ReactJs/config.js

@@ -46,9 +46,11 @@ window.config = {
     'npm:': '../../../../node_modules/',
     'bundles:': '../../../../bundles/',
     'externals:': '../../../../bundles/externals/',
+    'anti-forgery:': '../../../../shared/anti-forgery/',
   },
   defaultExtension: 'js',
   map: {
+    'anti-forgery': 'anti-forgery:fetch-override.js',
     'ts': 'npm:plugin-typescript/lib/plugin.js',
     'typescript': 'npm:typescript/lib/typescript.js',
     'jszip': 'npm:jszip/dist/jszip.min.js',

apps/demos/configs/Vue/config.js

@@ -44,8 +44,10 @@ window.config = {
     'npm:': '../../../../node_modules/',
     'bundles:': '../../../../bundles/',
     'externals:': '../../../../bundles/externals/',
+    'anti-forgery:': '../../../../shared/anti-forgery/',
   },
   map: {
+    'anti-forgery': 'anti-forgery:fetch-override.js',
     'vue': 'npm:vue/dist/vue.esm-browser.js',
     '@vue/shared': 'npm:@vue/shared/dist/shared.cjs.prod.js',
     'vue-loader': 'npm:dx-systemjs-vue-browser/index.js',

apps/demos/shared/anti-forgery/fetch-override.js

@@ -0,0 +1,100 @@
+import ajax from 'devextreme/core/utils/ajax';
+import { Deferred } from 'devextreme/core/utils/deferred';
+
+const sendRequestOrig = ajax.sendRequest;
+const fetchOrig = fetch;
+let antiForgeryGettingPromise = null;
+
+async function fetchAntiForgeryToken() {
+  try {
+    const response = await fetchOrig('https://js.devexpress.com/Demos/NetCore/api/Common/GetAntiForgeryToken', {
+      method: 'GET',
+      credentials: 'include',
+      cache: 'no-cache',
+    });
+
+    if (!response.ok) {
+      const errorMessage = await response.text();
+      throw new Error(`Failed to retrieve anti-forgery token: ${errorMessage || response.statusText}`);
+    }
+
+    return await response.json();
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+    throw new Error(errorMessage);
+  }
+}
+
+async function getAntiForgeryTokenValue() {
+  const tokenMeta = document.querySelector('meta[name="csrf-token"]');
+
+  if (tokenMeta) {
+    const headerName = tokenMeta.dataset.headerName || 'RequestVerificationToken';
+    const token = tokenMeta.getAttribute('content') || '';
+
+    return Promise.resolve({ headerName, token });
+  }
+
+  if (!antiForgeryGettingPromise) {
+    antiForgeryGettingPromise = fetchAntiForgeryToken();
+  }
+
+  const tokenData = await antiForgeryGettingPromise;
+  const meta = document.createElement('meta');
+
+  meta.name = 'csrf-token';
+  meta.content = tokenData.token;
+  meta.dataset.headerName = tokenData.headerName;
+  document.head.appendChild(meta);
+  antiForgeryGettingPromise = null;
+
+  return tokenData;
+}
+
+ajax.sendRequest = (options) => {
+  const deferred = typeof Deferred !== 'undefined' ? new Deferred() : (() => {
+    let resolve;
+    let reject;
+    // eslint-disable-next-line spellcheck/spell-checker
+    const promise = new Promise((res, rej) => { resolve = res; reject = rej; });
+    return { promise: () => promise, resolve, reject };
+  })();
+
+  getAntiForgeryTokenValue().then(({ headerName, token }) => {
+    options.headers = {
+      [headerName]: token,
+      ...(options.headers || {}),
+    };
+
+    options.xhrFields = {
+      withCredentials: true,
+    };
+
+    sendRequestOrig(options).then(
+      (result) => {
+        deferred.resolve(result);
+        if (result.success) {
+          deferred.resolve(result);
+        } else {
+          deferred.reject(result);
+        }
+      },
+      (e) => deferred.reject(e),
+    );
+  });
+
+  return deferred.promise();
+};
+
+window.fetch = async (url, options = {}) => {
+  const { headerName, token } = await getAntiForgeryTokenValue();
+
+  options.headers = {
+    [headerName]: token,
+    ...(options.headers || {}),
+  };
+
+  options.credentials = 'include';
+
+  return fetchOrig(url, options);
+};