Reintroduce TFE duration metadata: DB columns, form fields, controllers, views, and migration

Add 'unsafe-eval' to CSP script-src directives (htmx requires Function())
2026-06-25 16:19:19 +02:00 · 2026-06-11 13:05:37 +02:00
parent 00fed5f0e3
commit d588ae004d
81 changed files with 1061 additions and 840 deletions
--- a/app/public/assets/js/app/autosave-handler.js
+++ b/app/public/assets/js/app/autosave-handler.js
@@ -5,7 +5,14 @@
 * parse errors instead of silently swallowing them (unlike the
 * old autosave.js .catch(() => {}) pattern).
 */
-function _handleAutosaveResponse(event) {
+function handleAutosaveResponse(event) {
+	// Only handle responses from autosave endpoints (draft.php).
+	// The htmx:afterRequest event bubbles, so child elements'
+	// HTMX requests (e.g. licence fragment, pill-search) also
+	// reach this handler. We filter by URL to avoid mixing them.
+	const url = event.detail.requestConfig?.path || "";
+	if (!url.includes("draft.php")) return;
+
 	const form = event.target.closest("form");
 	const status = form ? form.querySelector("[data-autosave-status]") : null;

@@ -56,11 +63,17 @@ function _handleAutosaveResponse(event) {

 // Show saving indicator while request is in flight
 document.body.addEventListener("htmx:beforeRequest", (e) => {
+	const url = e.detail.requestConfig?.path || "";
+	if (!url.includes("draft.php")) return;
+	// The autosave request comes from the hidden probe div, so find
+	// the status indicator by searching the closest form.
 	const el = e.target;
-	if (!el) return;
-	const status = el.querySelector("[data-autosave-status]");
+	const form = el?.closest?.("form");
+	const status = form?.querySelector?.("[data-autosave-status]");
 	if (status) {
 		status.textContent = "Enregistrement…";
 		status.className = "autosave-status autosave-status--saving";
 	}
 });
+
+