* Revert "revert: replace axios with fetch"
This reverts commit 418287f1e8.
* fix: always include credentials
Since www.freecodecamp.org and api.freecodecamp.org are different
origins we have to tell fetch to 'include' the credentials.
* fix: display legacy certs like the current ones
* fix: link projects in legacy certs to project pages
* fix: update tests to changed legacy cert display
* fix: update tests for removed legacy certs forms
* fix: display legacy certs like the current ones
* fix: submit projects for cert on projects pages
* fix: remove legacy certs form submitting handling
* fix: move claiming cert setup before both tests
* fix: remove legacy cert update props and actions
* fix: remove legacy cert updates from api
* fix: correct merge conflict
* feat(client?): remove whitespace for calculated values
* feat(client): remove whitespace from styledeclaration
* do not automatically strip
Co-authored-by: Oliver Eyton-Williams <ojeytonwilliams@gmail.com>
* fix: include all properties of CSSStyleDeclaration
* fix test for getPropVal
Co-authored-by: Oliver Eyton-Williams <ojeytonwilliams@gmail.com>
* fix(curriculum): use mediaText in CSSHelp
prevent selection of style elements with class or media attributes
this should avoid picking up some browser extensions
* fix: restrict removeJSComments to test-evaluator
To prevent @babel from being included everywhere, this only calls
removeJSComments inside the test-evaluator
* test: add removeJSComments test
* Removes comments in js challanges by default
* fix local-scope-and-functions test regex
* fix all languages
* revert language changes
* removed unnecessary removeJSComments from challenges
* fix challanges in other languages
* removed removeJSComments from all challanges
* fix catastrophic backtracking when removing HTML comments
The regexp `/<!--(.|\s)*?-->/g` can experience catastrophic backtracking while matching a string like `<!-- -- >` (notice how it does not end with `-->`).
[You can see the catastrophic backtracking in action here](https://regex101.com/r/2jvwFi/1/debugger).
This is because both `.` and `\s` matches the space character, and there are therefore a large number of possible ways for `(.|\s)*` to match a long sequence of spaces.
The regexp evaluator is greedy, and the problem therefore only exists when the string does not match the regexp.
The fix is simply to remove the ambiguity such that there is only one possible way for the regexp to match a sequence of white-space.
* Update client/src/utils/curriculum-helpers.js
Co-authored-by: Oliver Eyton-Williams <ojeytonwilliams@gmail.com>
Co-authored-by: Oliver Eyton-Williams <ojeytonwilliams@gmail.com>
* fix: fetch csrf cookie and set headers lazily
* fix: check cookie each call to keep it up to date
Previously the cookie was checked once and never updated until the
client was reloaded. Stale or absent cookies would generate incorrect
tokens or no tokens, respectively, causing CSRF errors.
