Output buffering for static JS

Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>

2 files changed, 20 insertions, 1 deletions

diff --git a/js/get_scripts.js.php b/js/get_scripts.js.php
index fdeddf4c3b..742213e0f1 100644
--- a/js/get_scripts.js.php
+++ b/js/get_scripts.js.php
@@ -17,6 +17,23 @@ header('Content-Type: text/javascript; charset=UTF-8');
 // Enable browser cache for 1 hour
 header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 3600) . ' GMT');
 
+// When a token is not presented, even though whitelisted arrays are removed
+// in PMA_removeRequestVars(). This is a workaround for that.
+$_GET['scripts'] = json_encode($_GET['scripts']);
+
+// Avoid loading the full common.inc.php because this would add many
+// non-js-compatible stuff like DOCTYPE
+define('PMA_MINIMUM_COMMON', true);
+require_once './libraries/common.inc.php';
+
+include_once './libraries/OutputBuffering.class.php';
+$buffer = PMA_OutputBuffering::getInstance();
+$buffer->start();
+register_shutdown_function(function() {
+    echo PMA_OutputBuffering::getInstance()->getContents();
+});
+
+$_GET['scripts'] = json_decode($_GET['scripts']);
 if (! empty($_GET['scripts']) && is_array($_GET['scripts'])) {
     foreach ($_GET['scripts'] as $script) {
         // Sanitise filename
diff --git a/libraries/common.inc.php b/libraries/common.inc.php
index e859199ca0..ac243980fd 100644
--- a/libraries/common.inc.php
+++ b/libraries/common.inc.php
@@ -495,7 +495,9 @@ if ($token_mismatch) {
         /* Permit redirection with token-mismatch in url.php */
         'url',
         /* Permit session expiry flag */
-        'session_expired'
+        'session_expired',
+        /* JS loading */
+        'scripts', 'call_done'
     );
     /**
      * Allow changing themes in test/theme.php