From a031d72ca9c31a90cd36da19e10175ba0dec1e15 Mon Sep 17 00:00:00 2001
From: Raphael Michel <mail@raphaelmichel.de>
Date: Tue, 22 Jan 2019 18:06:56 +0100
Subject: [PATCH] Widget: Follow redirects

---
 src/pretix/presale/utils.py                   |  4 +-
 .../static/pretixpresale/js/widget/widget.js  | 45 ++++++++++++++-----
 2 files changed, 36 insertions(+), 13 deletions(-)

diff --git a/src/pretix/presale/utils.py b/src/pretix/presale/utils.py
index 930e13b095..66f9ea0aab 100644
--- a/src/pretix/presale/utils.py
+++ b/src/pretix/presale/utils.py
@@ -60,7 +60,9 @@ def _detect_event(request, require_live=True, require_plugin=None):
                 if request.port and request.port not in (80, 443):
                     domain = '%s:%d' % (domain, request.port)
                 path = request.get_full_path().split("/", 2)[-1]
-                return redirect(urljoin('%s://%s' % (request.scheme, domain), path))
+                r = redirect(urljoin('%s://%s' % (request.scheme, domain), path))
+                r['Access-Control-Allow-Origin'] = '*'
+                return r
 
         if hasattr(request, 'event'):
             # Restrict locales to the ones available for this event
diff --git a/src/pretix/static/pretixpresale/js/widget/widget.js b/src/pretix/static/pretixpresale/js/widget/widget.js
index 15d00873e8..1b553e349c 100644
--- a/src/pretix/static/pretixpresale/js/widget/widget.js
+++ b/src/pretix/static/pretixpresale/js/widget/widget.js
@@ -68,9 +68,9 @@ var api = {
         xhr.onload = function (e) {
             if (xhr.readyState === 4) {
                 if (xhr.status === 200) {
-                    callback(JSON.parse(xhr.responseText));
+                    callback(JSON.parse(xhr.responseText), xhr);
                 } else {
-                    console.error(xhr.statusText);
+                    err_callback(xhr, e);
                 }
             }
         };
@@ -103,12 +103,11 @@ var api = {
                 if (xhr.status === 200) {
                     callback(JSON.parse(xhr.responseText));
                 } else {
-                    console.error(xhr.statusText);
+                    err_callback(xhr, e);
                 }
             }
         };
         xhr.onerror = function (e) {
-            console.error(xhr.statusText);
             err_callback(xhr, e);
         };
         xhr.send(params);
@@ -393,7 +392,9 @@ Vue.component('category', {
 var shared_methods = {
     buy: function (event) {
         if (this.$root.useIframe) {
-            event.preventDefault();
+            if (event) {
+                event.preventDefault();
+            }
         } else {
             return;
         }
@@ -408,6 +409,13 @@ var shared_methods = {
         }
     },
     buy_error_callback: function (xhr, data) {
+        if (xhr.status === 405) {
+            // Likely a redirect!
+            this.$root.event_url = xhr.responseURL.substr(0, xhr.responseURL.indexOf("/cart/add") - 18);
+            this.$root.overlay.frame_loading = false;
+            this.buy();
+            return;
+        }
         this.$root.overlay.error_message = strings['cart_error'];
         this.$root.overlay.frame_loading = false;
     },
@@ -422,8 +430,10 @@ var shared_methods = {
     buy_callback: function (data) {
         if (data.redirect) {
             var iframe = this.$root.overlay.$children[0].$refs['frame-container'].children[0];
-            this.$root.cart_id = data.cart_id;
-            setCookie(this.$root.cookieName, data.cart_id, 30);
+            if (data.cart_id) {
+                this.$root.cart_id = data.cart_id;
+                setCookie(this.$root.cookieName, data.cart_id, 30);
+            }
             if (data.redirect.substr(0, 1) === '/') {
                 data.redirect = this.$root.event_url.replace(/^([^\/]+:\/\/[^\/]+)\/.*$/, "$1") + data.redirect;
             }
@@ -676,7 +686,16 @@ var shared_root_methods = {
             url += "&cart_id=" + cart_id;
         }
         var root = this.$root;
-        api._getJSON(url, function (data) {
+        api._getJSON(url, function (data, xhr) {
+            if (xhr.responseURL !== url) {
+                var new_url = xhr.responseURL.substr(0, xhr.responseURL.indexOf("/widget/product_list?") + 1);
+                if (root.subevent) {
+                    new_url = new_url.substr(0, new_url.lastIndexOf("/", new_url.length - 1) + 1);
+                }
+                root.event_url = new_url;
+                root.reload();
+                return;
+            }
             root.categories = data.items_by_category;
             root.currency = data.currency;
             root.display_net_prices = data.display_net_prices;
@@ -708,8 +727,9 @@ var shared_root_computed = {
     },
     voucherFormTarget: function () {
         var form_target = this.event_url + 'w/' + widget_id + '/redeem?iframe=1&locale=' + lang;
-        if (getCookie(this.cookieName)) {
-            form_target += "&take_cart_id=" + getCookie(this.cookieName);
+        var cookie = getCookie(this.cookieName);
+        if (cookie) {
+            form_target += "&take_cart_id=" + cookie;
         }
         if (this.subevent) {
             form_target += "&subevent=" + this.subevent;
@@ -722,8 +742,9 @@ var shared_root_computed = {
             checkout_url += "checkout/start";
         }
         var form_target = this.event_url + 'w/' + widget_id + '/cart/add?iframe=1&next=' + encodeURIComponent(checkout_url);
-        if (getCookie(this.cookieName)) {
-            form_target += "&take_cart_id=" + getCookie(this.cookieName);
+        var cookie = getCookie(this.cookieName);
+        if (cookie) {
+            form_target += "&take_cart_id=" + cookie;
         }
         return form_target
     },