sneak/neoirc
1
0
Fork 0
Code Issues 3 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: sneak:feat/add-csp-headers
Branches Tags
sneak:main sneak:feature/87-tier3-utility-commands sneak:feat/chi-v5-migration sneak:feat/add-csp-headers sneak:fix/irc-numeric-replies sneak:feature/irc-ui-overhaul sneak:fix/29-split-dockerfile sneak:feature/mvp-1.0 sneak:fix/dockerfile-golangci-lint-v2-module-path sneak:fix/golangci-lint-sha-13 sneak:ci/make-check sneak:fix/main-lint-issues sneak:feature/web-client sneak:feature/database-schema sneak:fix/review-feedback sneak:fix/agents-md-workflow
..
compare: sneak:db9031448b5e6978ebdce739e89ca09547007972
Branches Tags
sneak:feature/87-tier3-utility-commands sneak:main sneak:feat/chi-v5-migration sneak:feat/add-csp-headers sneak:fix/irc-numeric-replies sneak:feature/irc-ui-overhaul sneak:fix/29-split-dockerfile sneak:feature/mvp-1.0 sneak:fix/dockerfile-golangci-lint-v2-module-path sneak:fix/golangci-lint-sha-13 sneak:ci/make-check sneak:fix/main-lint-issues sneak:feature/web-client sneak:feature/database-schema sneak:fix/review-feedback sneak:fix/agents-md-workflow

7 Commits
feat/add-c ... db9031448b

Author SHA1 Message Date
Jeffrey Paul
db9031448b Merge branch 'main' into fix/spa-reconnect-channel-tabs
All checks were successful
check / check (push) Successful in 1m3s
Details
2026-03-10 11:06:45 +01:00
clawbot
aa746177e5 fix: decouple lint stage from web-builder in Dockerfile
All checks were successful
check / check (push) Successful in 5s
Details 
Remove COPY --from=web-builder from the lint stage so it can run
independently and fail fast. Create placeholder files for the
go:embed directive instead. The build stage still uses the real
SPA assets from web-builder.

Update README to reflect that lint no longer depends on web-builder.
 2026-03-10 02:45:27 -07:00
user
91da9eb8c7 docs: update README project structure and Dockerfile description
All checks were successful
check / check (push) Successful in 4s
Details 
- Remove web/dist/ individual files from project structure (now generated
  at Docker build time, not committed)
- Add web/src/, build.sh, package.json, package-lock.json to structure
- Update Dockerfile description from two-stage to four-stage build
  (web-builder, lint, builder, final)
- Remove outdated example Dockerfile snippet
 2026-03-09 17:35:19 -07:00
user
4b2888cb90 fix: remove build artifacts from repo, build SPA in Docker
All checks were successful
check / check (push) Successful in 4s
Details 
- Remove web/dist/ from git tracking (build output)
- Add web/dist/ to .gitignore
- Add Node.js web-builder stage to Dockerfile to compile SPA at build time
- Update REPO_POLICIES.md from upstream sneak/prompts (build artifacts policy)
 2026-03-09 17:25:49 -07:00
clawbot
78d657111b Rename replay → initChannelState
All checks were successful
check / check (push) Successful in 2m20s
Details 
Rename the query parameter, function, and all related comments
from 'replay' to 'initChannelState' to better reflect the
semantics: the server initializes channel state for the
reconnecting client rather than replaying past events.
 2026-03-09 17:00:56 -07:00
user
096fb2b207 docs: document ?replay=1 query parameter for GET /state 2026-03-09 17:00:56 -07:00
user
737686006e fix: replay channel state on SPA reconnect 
When a client reconnects to an existing session (e.g. browser tab
closed and reopened), the server now enqueues synthetic JOIN messages
plus TOPIC/NAMES numerics for every channel the session belongs to.
These are delivered only to the reconnecting client, not broadcast
to other users.

Server changes:
- Add replayChannelState() to handlers that enqueues per-channel
  JOIN + join-numerics (332/353/366) to a specific client.
- HandleState accepts ?replay=1 query parameter to trigger replay.
- HandleLogin (password auth) also replays channel state for the
  new client since it creates a fresh client for an existing session.

SPA changes:
- On resume, call /state?replay=1 instead of /state so the server
  enqueues channel state into the message queue.
- processMessage now creates channel tabs when receiving a JOIN
  where msg.from matches the current nick (handles both live joins
  and replayed joins on reconnect).
- onLogin no longer re-sends JOIN commands for saved channels on
  resume — the server handles it via the replay mechanism, avoiding
  spurious JOIN broadcasts to other channel members.

Closes #60
 2026-03-09 17:00:56 -07:00
1 changed files with 0 additions and 10 deletions
Expand all files Collapse all files

10
internal/server/routes.go
View File

@@ -16,11 +16,6 @@ import (
const routeTimeout = 60 * time.Second const routeTimeout = 60 * time.Second
// cspHeader is the Content-Security-Policy applied to the embedded web SPA.
// The SPA loads external scripts and stylesheets from the same origin only;
// all API communication uses same-origin fetch (no WebSockets).
const cspHeader = "default-src 'self'; script-src 'self'; style-src 'self'"
// SetupRoutes configures the HTTP routes and middleware. // SetupRoutes configures the HTTP routes and middleware.
func (srv *Server) SetupRoutes() { func (srv *Server) SetupRoutes() {
srv.router = chi.NewRouter() srv.router = chi.NewRouter()
@@ -138,11 +133,6 @@ func (srv *Server) setupSPA() {
writer http.ResponseWriter, writer http.ResponseWriter,
request *http.Request, request *http.Request,
) { ) {
writer.Header().Set(
"Content-Security-Policy",
cspHeader,
)
readFS, ok := distFS.(fs.ReadFileFS) readFS, ok := distFS.(fs.ReadFileFS)
if !ok { if !ok {
fileServer.ServeHTTP(writer, request) fileServer.ServeHTTP(writer, request)