
Thibaut Decherit thibaut-decherit

@thibaut-decherit
thibaut-decherit / Symfony - MailerService.md
Last active August 23, 2023 16:22
Symfony - MailerService

Dependencies:

  • Mailer events (Symfony)

app/config/services.yml

parameters:
  app.website_name: '%env(WEBSITE_NAME)%'
  app.website_url: '%env(WEBSITE_URL)%'
@thibaut-decherit
thibaut-decherit / symfony-logout-csrf-protection.md
Last active October 9, 2024 19:33
Symfony - Logout with CSRF protection

URL version (GET)

config/packages/security.yaml

security:
  firewalls:
    main:
      logout:
        path: logout
        csrf_parameter: token
        csrf_token_generator: security.csrf.token_manager
@thibaut-decherit
thibaut-decherit / form-button.md
Last active May 11, 2024 10:15
Symfony Form Button

Form Button

Useful to send data to the server without relying on the user clicking a link: a link sends a GET request, and GET should not be used for destructive operations (operations that write to the database).

For reference, see https://softwareengineering.stackexchange.com/questions/188860/why-shouldnt-a-get-request-change-data-on-the-server and https://stackoverflow.com/questions/46585/when-do-you-use-post-and-when-do-you-use-get

You could use it for a like button, a confirm button, a delete button...

Button with data passed

You need to activate an account. You send a link containing an activation token to the user. You could stop there and just activate the account once a GET request is sent to this url.

@thibaut-decherit
thibaut-decherit / Symfony - NPM, Webpack Encore and SASS Install (for Bootstrap 4).md
Last active August 23, 2023 16:23
Symfony - NPM, Webpack Encore and SASS Install (for Bootstrap 4)

On a new computer, start with these two:

$ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash

$ sudo apt-get install -y nodejs

Then:

See:

@thibaut-decherit
thibaut-decherit / Symfony - Password Strength Meter (zxcvbn-HIBP powered).md
Last active August 23, 2023 16:23
Symfony - Password Strength Meter (zxcvbn-HIBP powered)

The following code will create and update on user input a password strength meter relying on data provided by the zxcvbn estimator from Dropbox and the HaveIBeenPwned API (if reachable).

Dependencies

  • crypto-js (or any other JS library providing SHA-1 hashing, which is required to consume the HIBP API)
  • zxcvbn
  • babel-polyfill (required to use async/await)
@thibaut-decherit
thibaut-decherit / jQuery - Click outside of element listener.md
Last active August 23, 2023 16:24
jQuery - Click outside of element listener

Can be used to close an element previously opened by the user (e.g. a menu, a collapse...)

example.js:

$('#my-element').click(function () {
    if (!$(this).hasClass('open')) {
        openElement();
    } else {
@thibaut-decherit
thibaut-decherit / jQuery - Submit and button spamming prevention + Bootstrap spinner.md
Last active August 23, 2023 16:24
jQuery - Submit and button spamming prevention + Bootstrap spinner

Supports any <form> with disable-on-submit class AND including a <button> with type="submit". Also supports any standalone <button> with disable-on-click class.

Supports replacement of Font Awesome icons: On submit/click, if button has a Font Awesome icon it will be replaced by the Bootstrap spinner.

Note: You can use it on <input type="submit"> instead of <button>, but only for spamming prevention; the Bootstrap spinner will not be displayed.

assets/js/components/submit-and-button-spamming-prevention.js

@thibaut-decherit
thibaut-decherit / Symfony - Response Header Setter (static, CSP and response authenticity).md
Last active January 27, 2025 21:06
Symfony - Response Header Setter (static, CSP and response authenticity)

Features

  • Event listener triggered on each response through onKernelResponse() method
  • Adds custom headers to the response
  • Support for "static" headers specified in config/response_header_setter/response_headers.yaml
    • Currently includes security / privacy related headers:
      • Cross-Origin-Opener-Policy
      • Cross-Origin-Resource-Policy
      • Referrer-Policy
      • Strict-Transport-Security (remember to register the domain on https://hstspreload.org/ or preload will not work)
@thibaut-decherit
thibaut-decherit / Symfony - Twig to JavaScript Data Passing.md
Last active March 1, 2024 23:47
Symfony - Twig to JavaScript Data Passing

See https://symfony.com/doc/current/frontend/encore/server-data.html for context.

Requirements

Twig filter to merge arrays with array_merge_recursive() instead of array_merge(). Required to prevent the Twig merge filter from overwriting twig_to_js_global_data string keys if extra_data has identical keys (e.g. both have a translations key).

Basic setup

Add this to your _base.html.twig, probably just before {% block javascripts %}

@thibaut-decherit
thibaut-decherit / Symfony - Head and Page Title Generation.md
Last active August 23, 2023 16:25
Symfony - Head and Page Title Generation

app/config/config.yml:

parameters:
  website_name: Website name here
twig:
  globals:
    website_name: '%website_name%'