diff --git a/CHANGELOG-DEV.md b/CHANGELOG-DEV.md index fa4fb7d..0cbd677 100644 --- a/CHANGELOG-DEV.md +++ b/CHANGELOG-DEV.md @@ -1,3 +1,17 @@ +# [1.11.0-dev.4](https://github.com/codebridger/subturtle-extension-apps/compare/v1.11.0-dev.3...v1.11.0-dev.4) (2026-05-06) + + +### Bug Fixes + +* [#86](https://github.com/codebridger/subturtle-extension-apps/issues/86)exgqfpu skip token writes to host LS on dashboard origins ([838451e](https://github.com/codebridger/subturtle-extension-apps/commit/838451e9ad10d3a3755691b4ca586a0d3815a008)), closes [#86exgqfpu](https://github.com/codebridger/subturtle-extension-apps/issues/86exgqfpu) + +# [1.11.0-dev.3](https://github.com/codebridger/subturtle-extension-apps/compare/v1.11.0-dev.2...v1.11.0-dev.3) (2026-05-04) + + +### Bug Fixes + +* persist anonymous tokens and stop logout-cascade on anon sessions ([825db93](https://github.com/codebridger/subturtle-extension-apps/commit/825db93ddf441d9c1791ae45016d85e98360e856)) + # [1.11.0-dev.2](https://github.com/codebridger/subturtle-extension-apps/compare/v1.11.0-dev.1...v1.11.0-dev.2) (2026-05-03) diff --git a/package.json b/package.json index 7b1736c..a5c0a4d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "subturtle-extension", - "version": "1.11.0", + "version": "1.11.0-dev.4", "private": true, "scripts": { "dev": "webpack --watch", @@ -60,4 +60,4 @@ "vue": "3.5.17", "vue-router": "4.5.1" } -} +} \ No newline at end of file diff --git a/src/plugins/modular-rest.ts b/src/plugins/modular-rest.ts index 299acf7..acdb4e0 100644 --- a/src/plugins/modular-rest.ts +++ b/src/plugins/modular-rest.ts @@ -1,3 +1,43 @@ +// IMPORTANT: must precede any import that may touch localStorage at module load. +// Content scripts run in an "isolated world" that shares localStorage with the +// host page. The dashboard at *.subturtle.app and localhost:3000 (dev) uses +// `token` as its own localStorage key for the user's session — when the +// extension's modular-rest client (or our explicit cache write below) writes +// the extension's anonymous token there, it clobbers the dashboard user's +// session and bounces them to /auth/login on the next reload or new tab. +// +// Block 'token' writes/removes from the content-script side on those origins. +// The extension already persists tokens to chrome.storage.sync via the +// background script, so losing the per-page localStorage cache only costs +// one extra /user/loginAnonymous call per content-script mount on dashboard +// origins — it does NOT break extension auth. +function isDashboardOrigin(): boolean { + if (typeof window === "undefined") return false; + const host = window.location.hostname; + const port = window.location.port; + return ( + (host === "localhost" && port === "3000") || + host === "subturtle.app" || + host === "www.subturtle.app" || + host === "dashboard.subturtle.app" || + host === "www.dashboard.subturtle.app" + ); +} + +if (typeof Storage !== "undefined" && isDashboardOrigin()) { + const origSet = Storage.prototype.setItem; + const origRm = Storage.prototype.removeItem; + Storage.prototype.setItem = function (k: string, v: string) { + // Only suppress writes to localStorage on the dashboard, never sessionStorage. + if (this === window.localStorage && k === "token") return; + return origSet.call(this, k, v); + }; + Storage.prototype.removeItem = function (k: string) { + if (this === window.localStorage && k === "token") return; + return origRm.call(this, k); + }; +} + import { GlobalOptions, authentication } from "@modular-rest/client"; import { sendMessage, sendMessageToTabs } from "../common/helper/massage"; diff --git a/static/manifest.json b/static/manifest.json index 5753ba9..5edfa0d 100644 --- a/static/manifest.json +++ b/static/manifest.json @@ -1,7 +1,7 @@ { "name": "Subturtle", "description": "Turn video subtitles into English lessons. Learn new vocabulary in context as you watch on YouTube and Netflix.", - "version": "1.11.0", + "version": "1.11.0.4", "manifest_version": 3, "icons": { "128": "/assets/logo-128.png", @@ -79,5 +79,6 @@ "" ] } - ] -} + ], + "version_name": "1.11.0-dev.4" +} \ No newline at end of file