@if($form->font_family)
    {{--
        Tenant-selected font. Only 'Inter' is actually served, and it is served
        from the self-hosted copy under public/vendor/ — this view makes no
        runtime request to a font CDN. Any other value falls back to the system
        sans-serif stack; buyers who want a custom face can self-host the woff2
        files under public/vendor/fonts/ and extend this branch. The Google
        Fonts CDN load was removed for CodeCanyon compliance.
        NOTE(review): the <link> tag for the self-hosted Inter stylesheet is not
        present in this copy of the template (the branch below is empty) —
        confirm it was not dropped.
    --}}
    @if($form->font_family === 'Inter')
    @endif
@endif

@if($form->recaptcha_enabled && $form->recaptcha_site_key)
    {{--
        Google reCAPTCHA. This script MUST be loaded from www.google.com per
        Google's integration spec; it cannot be self-hosted because the widget
        completes the token round-trip against Google's backend. It is emitted
        only when the tenant has enabled reCAPTCHA on this form AND supplied a
        site key.
        The site key is tenant-supplied text: wherever it is interpolated (the
        script src query string or a data-sitekey attribute) it must go through
        the escaped echo {{ }} — never {!! !!}.
        Deployments that send a Content-Security-Policy need www.google.com
        allowed in script-src and frame-src for the challenge to render (check
        Google's current docs for the full host list).
        NOTE(review): the <script> tag itself is not present in this copy of the
        template (the branch is empty) — confirm it was not dropped.
    --}}
@endif

{{--
    AlpineJS is vendored locally under public/vendor/ (copied from
    alpinejs@3.14.1 dist/cdn.min.js), so this view never requests assets from a
    third-party CDN at runtime. When bumping the vendored file, verify it
    against the published hash of the npm release before committing it.

    H23 history, kept because the reasoning still applies: an earlier revision
    loaded Alpine from a scheme-relative `//<cdn>` URL with no integrity
    attribute. Without integrity= a compromise of that CDN would let an attacker
    inject script into every embedded form on every CodeCanyon-buyer install at
    once, and a scheme-relative URL degrades to plain http when the embedding
    page is plain http. If a CDN load is ever reintroduced it must keep all
    three mitigations: pinned version, SHA-384 integrity= hash, explicit https:.
    A buyer who bundles assets can instead reference a Vite-built
    {{ Vite::asset('resources/js/app.js') }} and drop the SRI requirement.
    NOTE(review): the <script> tag for the local file is not present in this
    copy of the template — confirm it was not dropped.
--}}

@php
    // CSS-context defense for tenant-controlled styling values.
    //
    // Blade's {{ }} HTML-escapes but does NOT protect the CSS context:
    // htmlspecialchars leaves CSS-significant characters (`;`, `}`, `(`) alone,
    // and the ones it does encode are decoded back by the browser BEFORE the
    // CSS parser sees a style="" attribute. Each value is therefore constrained
    // by type before it reaches the inline style:
    //   font-family      (tenant TextInput)   -> exact-match allowlist below
    //   background-color (tenant ColorPicker) -> ColorSafety::safeHex
    //   background-image (tenant TextInput)   -> UrlSafety::cssSafeUrl
    //                       (URL validation + reject if any CSS-special chars)
    //
    // Strict in_array so a non-string (null, int) never matches. Anything not on
    // the list yields null, which presumably selects the system sans-serif
    // stack downstream. Note that only 'Inter' is served by this template (see
    // the font branch above); the other names presumably render only when the
    // visitor's device has them installed.
    // NOTE(review): 'System' is presumably mapped to the generic stack by the
    // consumer rather than emitted as a literal `font-family: System` — confirm.
    $allowedFonts = ['System', 'Inter', 'Roboto', 'Open Sans', 'Lato', 'Poppins', 'Montserrat', 'Nunito'];
    $safeFontFamily = in_array($form->font_family, $allowedFonts, true) ? $form->font_family : null;
    // Second argument is the fallback used when the tenant value is not a
    // valid hex colour.
    $safeFormBgColor = \App\Support\ColorSafety::safeHex($form->background_color, '#f3f4f6');
    // NOTE(review): presumably null when the URL is rejected — the consumer
    // must then omit background-image entirely rather than emit an empty url().
    $safeFormBgUrl = \App\Support\UrlSafety::cssSafeUrl($form->background_image_url);
@endphp
{{-- Note: the inline