search

iMi-digital / magento2-friendly-captcha

Magento 2 Module to add the Friendly Captcha service to certain forms.
Other
16 stars 13 forks source link

Issue with Heredoc Syntax in .phtml Files When HTML Minification is Enabled #46

Closed underser closed 4 days ago

underser commented 1 month ago

Description

Overview

The use of Heredoc syntax in the Magento 2 Friendly Captcha extension's .phtml files (introduced in version 3.x) is causing syntax errors when Magento's HTML minification setting is enabled. This issue affects environments where the Magento configuration under Stores -> Configuration -> Advanced -> Developer -> Template Settings -> Minify Html is set to Yes. When this setting is enabled, Magento minifies .phtml files, which leads to improperly processed Heredoc syntax causing ParseError: syntax error, unexpected token <<.

Affected Files

Expected Behavior

The .phtml template files should render without syntax errors, regardless of whether HTML minification is enabled or disabled in Magento's backend.

Actual Behavior

When HTML minification is enabled in production mode, the rendered .phtml files with Heredoc syntax cause a PHP parse error due to the compression of the file into a single line or other alterations that disrupt the proper end marking of the Heredoc block.

Steps to Reproduce

  1. Configure and Enable extension at Stores -> Configuration -> Security -> Friendly Captcha
  2. Set Magento to production mode.
  3. Enable HTML minification at Stores -> Configuration -> Advanced -> Developer -> Template Settings -> Minify Html or execute ./bin/magento config:set dev/template/minify_html 1 command.
  4. Clear cache.
  5. Navigate to a page where the Friendly Captcha is supposed to load. For example to Login page.
  6. Observe the system.log and page crash due to a syntax error.

Error from system.log

[2024-09-04T08:32:28.642497+00:00] main.CRITICAL: ParseError: syntax error, unexpected token "<<" in /Users/user/Sites/main/project/src/var/view_preprocessed/pub/static/vendor/imi/magento2-friendly-captcha/view/frontend/templates/imi_friendly_captcha.phtml:1

Minified content of var/view_preprocessed/pub/static/vendor/imi/magento2-friendly-captcha/view/frontend/templates/imi_friendly_captcha.phtml

<?php /** * Copyright © iMi digital GmbH, based on work by MageSpecialist * See LICENSE for license details. */ use Magento\Framework\View\Helper\SecureHtmlRenderer; /** @var $block IMI\FriendlyCaptcha\Block\Frontend\FriendlyCaptcha */ /** @var $escaper \Magento\Framework\Escaper */ /** @var $secureRenderer SecureHtmlRenderer */ $endpoint = $block->getPuzzleEndpoint(); $widgetId = $block->getWidgetId(); ?> <div id="<?= $widgetId ?>" class="frc-captcha" data-sitekey="<?= $block->getSiteKey() ?>" <?php if ($endpoint !== ''): ?>data-puzzle-endpoint="<?= $escaper->escapeUrl($endpoint) ?>"<?php endif; ?> data-lang="<?= $block->getLang() ?>" data-callback="captchaSolved_<?= $widgetId ?>" ></div><?php $scriptString = <<<SCRIPT 'use strict'; document.addEventListener('DOMContentLoaded', function () { function setButtonDisabled(disabled) { const button = Array.from(document.getElementById('{$widgetId}').closest('form').elements).find(el => el.type === 'submit'); if (!button) { return; } button.disabled = disabled; } setButtonDisabled(true); window.captchaSolved_{$widgetId} = function () { setButtonDisabled(false); } }); SCRIPT ?> <?= /** noEscape */ $secureRenderer->renderTag('script', [], $scriptString, false) ?>
amenk commented 1 month ago

Thanks @underser for the elaborate and clear report. That is interesting, I did not know that this causes issues.

Can you make a pull request with a fix?

amenk commented 4 days ago

Thanks a lot!