Merge dev to main: Security improvements and comprehensive test infrastructure #39

Merged
jimmy merged 195 commits from dev into main 2026-04-08 01:42:27 +08:00
2 changed files with 7 additions and 13 deletions
Showing only changes of commit d50d6a1b71 - Show all commits
+6 -8
View File
@@ -121,14 +121,12 @@
// Proxy auth not available, fall through to regular auth
}
// Regular token auth check
if (!getToken()) {
const refreshed = await tryRefreshSession();
if (!refreshed) {
loading = false;
authorized = false;
return;
}
// Regular token auth check — always try refresh to get fresh cookies
const refreshed = await tryRefreshSession();
if (!refreshed && !getToken()) {
loading = false;
authorized = false;
return;
}
try {
@@ -266,18 +266,14 @@
}
async function connect(forceRefresh = false) {
// Always refresh token before first connection to ensure fresh cookies
let d = tabData.get(tabId);
const isFirstConnect = !d?.hasConnectedOnce;
if (forceRefresh || isFirstConnect) {
if (forceRefresh) {
const refreshed = await tryRefreshSession();
if (!refreshed) {
handleAuthExpired();
return null;
}
// Mark that we've connected once with fresh token
if (d) d.hasConnectedOnce = true;
}
const ws = new WebSocket(