/**
* This is the default handler for the Q/responseExtras event.
* It should not be invoked during AJAX requests, and especially
* not during JSONP requests. It will output things like the nonce,
* which prevents CSRF attacks, but is only supposed to be printed
* on our webpages and not also given to anyone who does a JSONP request.
*/
function Q_before_Q_responseExtras()
{
$app = Q_Config::expect('Q', 'app');
$uri = Q_Dispatcher::uri();
$url = Q_Request::url(true);
$base_url = Q_Request::baseUrl();
$ajax = Q_Request::isAjax();
if (!$uri) {
return;
}
$info = array('url' => $url, 'uriString' => (string) $uri);
if ($uri) {
$info['uri'] = $uri->toArray();
}
if (!$ajax) {
$info = array_merge(array('app' => Q_Config::expect('Q', 'app')), $info, array('proxies' => Q_Config::get('Q', 'proxies', array()), 'baseUrl' => $base_url, 'proxyBaseUrl' => Q_Uri::url($base_url), 'proxyUrl' => Q_Uri::url($url), 'sessionName' => Q_Session::name(), 'socketUrl' => Q_Utils::socketUrl(), 'slotNames' => Q_Config::get("Q", "response", "slotNames", array('content', 'dashboard', 'title', 'notices'))));
}
foreach ($info as $k => $v) {
Q_Response::setScriptData("Q.info.{$k}", $v);
}
if (!$ajax) {
$uris = Q_Config::get('Q', 'javascript', 'uris', array());
$urls = array();
foreach ($uris as $u) {
$urls["{$u}"] = Q_Uri::url("{$u}");
}
Q_Response::setScriptData('Q.urls', $urls);
}
// Export more variables to inline js
$nonce = isset($_SESSION['Q']['nonce']) ? $_SESSION['Q']['nonce'] : null;
if ($nonce) {
Q_Response::setScriptData('Q.nonce', $nonce);
}
// Attach stylesheets and scripts
foreach (Q_Config::get('Q', 'javascript', 'responseExtras', array()) as $src => $b) {
if (!$b) {
continue;
}
Q_Response::addScript($src);
}
foreach (Q_Config::get('Q', 'stylesheets', 'responseExtras', array()) as $src => $media) {
if (!$media) {
continue;
}
if ($media === true) {
$media = 'screen, print';
}
Q_Response::addStylesheet($src, null, $media);
}
}