Compatibility for Ajax forms

src/Controllers/HiddenCaptchaController.php

@@ -20,9 +20,12 @@ public function getToken(Request $request)
             abort(503);
         }
 
-        if (hash('sha256', $name.csrf_token().'hiddencaptcha') !== $signature) {
+        $mix = mix('captcha.min.js', '/assets/vendor/hidden-captcha');
+
+        if (hash('sha256', $name.csrf_token().$mix.'hiddencaptcha') !== $signature) {
             abort(503);
         }
+
         // Generate the token
         $token = [
             'timestamp'         => $ts,

src/public/assets/vendor/hidden-captcha/mix-manifest.json

@@ -1,3 +1,3 @@
 {
-    "/captcha.min.js": "/captcha.min.js?id=298e069444a012efdc13"
+    "/captcha.min.js": "/captcha.min.js?id=a6d0f6d9d5c794f7430d"
 }

src/resources/js/captcha.js

@@ -1,17 +1,22 @@
-document.addEventListener('DOMContentLoaded', function () {
+window.hiddenCaptcha = function () {
     let captchas = document.querySelectorAll('input[name="_captcha"');
 
-    captchas.forEach(function (captcha) {
+    for (let i = 0; i < captchas.length; i++) {
+        let captcha = captchas[i];
+        if (captcha.getAttribute('value') !== null) {
+            continue;
+        }
+
         let csrf = captcha.getAttribute('data-csrf');
         let random = captcha.nextElementSibling.getAttribute('name');
+        let src = document.getElementById('captcha-script').getAttribute('src');
 
-        sha256(random+csrf+'hiddencaptcha').then(function (hash) {
+        sha256(random + csrf + src + 'hiddencaptcha').then(function (hash) {
             var xhr = new XMLHttpRequest();
             xhr.open('POST', "/captcha-token");
             xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
             xhr.setRequestHeader("X-CSRF-TOKEN", csrf);
             xhr.setRequestHeader("X-SIGNATURE", hash);
-
             xhr.onreadystatechange = function () {
                 if (xhr.readyState === 4 && xhr.status === 200) {
                     let json = JSON.parse(xhr.responseText);
@@ -20,11 +25,26 @@ document.addEventListener('DOMContentLoaded', function () {
                 }
             };
 
-            xhr.send('name='+random);
+            xhr.send('name=' + random);
         })
+    }
+}
+
+// Fix for MS Edge
+if (typeof TextEncoder === 'undefined') {
+    var TextEncoder = function TextEncoder()
+    {}
 
-    });
-});
+    TextEncoder.prototype.encode = function (s) {
+        const e = new Uint8Array(s.length);
+
+        for (let i = 0; i < s.length; i += 1) {
+            e[i] = s.charCodeAt(i);
+        }
+
+        return e;
+    }
+}
 
 async function sha256(message)
 {
@@ -33,4 +53,6 @@ async function sha256(message)
     const hashArray = Array.from(new Uint8Array(hashBuffer));
     const hashHex = hashArray.map(b => ('00' + b.toString(16)).slice(-2)).join('');
     return hashHex;
-}
+}
+
+window.hiddenCaptcha();

src/views/captcha.blade.php

@@ -1,5 +1,13 @@
 <input type="hidden" name="_captcha" data-csrf="{{ csrf_token() }}" /><input type="hidden" name="{{ $random }}" />
 @if(!defined('LOAD_HIDDEN_CAPTCHA'))
-    <script src="{{ mix('captcha.min.js', '/assets/vendor/hidden-captcha') }}"></script>
+    <script>
+        if(document.getElementById('captcha-script') === null) {
+            var s = document.createElement('script');
+            s.id = "captcha-script";
+            s.src = "{{ mix('captcha.min.js', '/assets/vendor/hidden-captcha') }}";
+            document.head.appendChild(s);
+        }
+    </script>
     @php(define('LOAD_HIDDEN_CAPTCHA', true))
 @endif
+<script>if(typeof hiddenCaptcha !== 'undefined') { hiddenCaptcha() }</script>

tests/CaptchaTest.php

@@ -26,8 +26,10 @@ public function testHiddenCaptcha()
         $csrf = $m[1];
         $random = $m[2];
 
+        $mix = mix('captcha.min.js', '/assets/vendor/hidden-captcha');
+
         $response = $this->post('/captcha-token', ['name' => $random], [
-                'X-SIGNATURE' => hash('sha256', $random.$csrf.'hiddencaptcha'),
+                'X-SIGNATURE' => hash('sha256', $random.$csrf.$mix.'hiddencaptcha'),
         ])->content();
 
         $json = json_decode($response);

tests/TestCase.php

@@ -27,7 +27,7 @@ protected function getPackageProviders($app)
     protected function getPackageAliases($app)
     {
         return [
-            'HiddenCaptcha' => \SebastienHeyd\HiddenCaptcha\Facade::class,
+            'HiddenCaptcha' => \SebastienHeyd\HiddenCaptcha\Facades\HiddenCaptcha::class,
         ];
     }
 }