HEX
Server: nginx
System: Linux pool195-106-36.bur.atomicsites.net 6.12.57+deb12-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.57-1~bpo12+1 (2025-11-17) x86_64
User: (0)
PHP: 8.3.32
Disabled: pcntl_fork
Upload Files
File: //wordpress/plugins/woocommerce-fraud-protection/0.1.5/assets/js/add-payment-method.js
/**
 * Add payment method fraud protection integration.
 *
 * Intercepts form submit (capture phase) via
 * wcFraudProtection.acquireSessionId(), injects the session ID as a
 * hidden field, then re-submits. Uses dispatchEvent to fire gateway
 * handlers, falling back to form.submit() for native POST when no
 * handler prevents default (simple gateways like Check Payments).
 * Capture phase + stopImmediatePropagation ensures this fires first and
 * prevents gateway handlers (e.g. Stripe tokenization) from starting
 * concurrent async work that would cause a double-POST.
 *
 * No reset needed — every outcome is a full page navigation.
 *
 * Depends on blackbox-init.js (wcFraudProtection) and jQuery.
 */
/* global jQuery */
( function ( $ ) {
	'use strict';

	const form = document.getElementById( 'add_payment_method' );
	if ( ! form ) {
		return;
	}

	// Capture phase: fires before all bubble-phase (jQuery) handlers.
	form.addEventListener(
		'submit',
		function ( e ) {
			const fraudProtection = window.wcFraudProtection;

			if ( ! fraudProtection || ! fraudProtection.acquireSessionId ) {
				return;
			}

			const sessionIdField = fraudProtection.config.sessionIdField;

			// Session ID already injected — let through (handles both
			// our re-submit and gateway re-triggers after tokenization).
			if ( document.getElementById( sessionIdField ) ) {
				return;
			}

			e.preventDefault();
			e.stopImmediatePropagation();

			fraudProtection.acquireSessionId().then( function ( sessionId ) {
				$( '<input>', {
					type: 'hidden',
					name: sessionIdField,
					id: sessionIdField,
					value: sessionId,
				} ).appendTo( form );

				// Re-fire submit so gateway handlers (Stripe, etc.) can
				// intercept. If no handler prevents, fall back to native POST.
				const submitEvent = new Event( 'submit', {
					bubbles: true,
					cancelable: true,
				} );
				if ( form.dispatchEvent( submitEvent ) ) {
					form.submit();
				}
			} );
		},
		true
	);
} )( jQuery );