Commit
v1 port for "Fix E_NOTICE when requesting invalid script" (#450)
* Fix E_NOTICE when requesting invalid script (#449)

It is possible to trigger an exception by requesting an invalid script path. The following URL path leads to XSS on the exception page, showing two nice popups:

    http://myapp/_ignition/scripts/--><svg onload=alert(1337)>

The exception is:

    ErrorException
    Undefined index: --><svg onload=alert(1337)>
    Illuminate\Foundation\Bootstrap\HandleExceptions::handleError
    vendor/facade/ignition/src/Http/Controllers/ScriptController.php:14

This happens with facade/ignition 1.18.0 (the last with laravel 6 support) and should be fixed there. The error probably also occurs in all later versions.

* Fix styling

Co-authored-by: freekmurze <[email protected]>
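
The pattern behind the report, as an added example that is not the project's code or the actual patch: an unchecked array lookup keyed by a route parameter, next to a guarded lookup and an HTML-encoding step for error output. The registry contents and all function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed registry: script name => file path (names and paths are assumptions).
const REGISTERED_SCRIPTS = ['example-tab' => '/srv/app/resources/js/example-tab.js'];

// Before: the route parameter indexes the array directly. An unknown name raises
// "Undefined index: <name>" (PHP 7 notice), which an error handler such as
// HandleExceptions::handleError turns into an ErrorException carrying the raw name.
function resolveScriptUnchecked(array $scripts, string $name): ?string
{
    return $scripts[$name];
}

// After: test for the key first, so no notice (and no exception message built
// from request data) is produced for unknown names.
function resolveScript(array $scripts, string $name): ?string
{
    return array_key_exists($name, $scripts) ? $scripts[$name] : null;
}

// Hypothetical request handler: unknown names get a fixed 404 body.
function handleScriptRequest(array $scripts, string $name): array
{
    $path = resolveScript($scripts, $name);
    if ($path === null) {
        return ['status' => 404, 'body' => 'Script not found'];
    }
    return ['status' => 200, 'body' => $path];
}

// Second layer: anything an error page prints from an exception message is
// HTML-encoded, so markup in the message is shown as text.
function escapeForErrorPage(string $message): string
{
    return htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The path segment quoted in the commit message, used here as test input.
$requested = '--><svg onload=alert(1337)>';

$response = handleScriptRequest(REGISTERED_SCRIPTS, $requested);
echo $response['status'], ' ', $response['body'], PHP_EOL;
echo handleScriptRequest(REGISTERED_SCRIPTS, 'example-tab')['status'], PHP_EOL;
echo escapeForErrorPage('Undefined index: ' . $requested), PHP_EOL;
```

The guarded lookup removes the notice at its source; the encoding step covers any other exception message that happens to carry request data.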