mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 16:19:19 +02:00
1ff3c70ebe
- Track vendor JS files (filepond, htmx, overtype) that were moved to app/public/assets/js/vendor/ but never tracked → missing from deploys - Add script-src 'self' 'unsafe-inline' to main CSP header so public pages (jury fieldset, repertoire, partage) can use inline scripts and onclick handlers - Add storage/tmp/filepond/* to .gitignore with .gitkeep, and exclude from deploy rsync to avoid syncing local test uploads to production
990 B
990 B
FilePond Server-ID Refactor
- Step 1 — Build 4 PHP endpoints (process.php, revert.php, load.php, remove.php)
- Step 2 — Update ThesisFileHandler to accept file_ids instead of $_FILES
- Step 3 — Update file-upload-filepond.js (async server model + all fixes)
- Step 4 — Update templates (data-queue-type on all inputs, data-existing-files in edit)
- Step 5 — Update upload-progress.js (new collectFileNames, pending-uploads guard)
- Step 6 — QA / integration testing
- Step 7 — Cleanup: remove transition flags, remove INPUT_ID_TO_TYPE
CSP & Deploy Fixes (May 2026)
- Track vendor JS files in jj (they were moved to vendor/ but never
jj file tracked) - Add
script-src 'self' 'unsafe-inline'to main CSP header (public pages use inline scripts + onclick handlers) - Add
storage/tmp/filepond/*to .gitignore + rsync exclude, with .gitkeep - Deploy:
just deployto sync vendor JS files + updated CSP + .gitkeep to server