@agent-native/core 0.22.33 → 0.22.35

package/dist/server/ssr-handler.js.map

@@ -1 +1 @@
-{"version":3,"file":"ssr-handler.js","sourceRoot":"","sources":["../../src/server/ssr-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAgB,MAAM,IAAI,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EACL,oBAAoB,EACpB,uBAAuB,GACxB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,CAAC,MAAM,yBAAyB,GACpC,uEAAuE,CAAC;AAC1E,MAAM,CAAC,MAAM,+BAA+B,GAC1C,wEAAwE,CAAC;AAC3E,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC;AACpE,MAAM,6BAA6B,GAAG,2BAA2B,CAAC;AAElE;;;GAGG;AACH,KAAK,UAAU,iBAAiB,CAAC,KAAc;IAC7C,IAAI,CAAC;QACH,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC;QACvC,OAAO,GAAG,EAAE,KAAK,IAAI,SAAS,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAyB;IACrD,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC;IAC3C,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,OAAO,GACX,MAAM,CAAC,IAGR,CAAC,GAAG,CAAC;IACN,OAAO,oBAAoB,CACzB,OAAO,CAAC,GAAG,CAAC,kBAAkB;QAC5B,OAAO,CAAC,GAAG,CAAC,aAAa;QACzB,OAAO,EAAE,kBAAkB;QAC3B,OAAO,EAAE,aAAa;QACtB,OAAO,EAAE,QAAQ,CACpB,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAgB;IACxC,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;IAClC,OAAO,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,QAAgB;IACvD,IAAI,CAAC,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAC/B,IAAI,QAAQ,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACtC,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,QAAQ,GAAG,CAAC,EAAE,CAAC;QACxC,OAAO,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC;IAChD,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAC1B,OAAgB,EAChB,QAAgB,EAChB,QAAgB;IAEhB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,QAAQ,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,aAAa,GAAG,KAAK;iBACxB,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;iBAC5C,IAAI,CAAC,GAAG,CAAC,CAAC;YACb,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBAC5B,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;gBAC7C,OAAO,GAAG,IAAI,CAAC;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9B,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACxB,OAAO,GAAG,IAAI,CAAC;IACjB,CAAC;IACD,IAAI,CAAC,OAAO;QAAE,OAAO,OAAO,CAAC;IAC7B,MAAM,IAAI,GAAsC;QAC9C,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,OAAO,CAAC,MAAM;KACvB,CAAC;IACF,IAAI,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC5E,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IACD,OAAO,IAAI,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IACvD,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7E,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,QAAQ,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACtE,OAAO,GAAG,QAAQ,GAAG,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IACvD,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,OAAO,IAAI;SACR,OAAO,CACN,iEAAiE,EACjE,CAAC,MAAM,EAAE,IAAY,EAAE,KAAa,EAAE,IAAY,EAAE,EAAE,CACpD,GAAG,IAAI,IAAI,KAAK,GAAG,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,KAAK,EAAE,CACjE;SACA,OAAO,CAAC,qCAAqC,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtE,MAAM,CAAC,GAAG,KAAK,IAAI,EAAE,CAAC;QACtB,OAAO,OAAO,CAAC,GAAG,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;IAC7D,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAY,EAAE,MAAqB;IAC3D,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC7C,IAAI,YAAY,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,GAAG,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAc;IAC1C,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;IAClC,OAAO,OAAO,CACZ,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC5B,6BAA6B,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACpD,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC;QACnD,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;QACtC,yBAAyB,CAAC,KAAK,CAAC,CACjC,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CAAC,YAA2B;IAChE,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChC,OAAO,YAAY;SAChB,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;SACvD,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;SAC/C,IAAI,CAAC,yBAAyB,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,yBAAyB,CAAC,IAAY;IAC7C,IAAI,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;IACzD,OAAO,CACL,QAAQ,KAAK,WAAW;QACxB,QAAQ,KAAK,oBAAoB;QACjC,QAAQ,KAAK,YAAY;QACzB,QAAQ,KAAK,sBAAsB;QACnC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC;QAClC,QAAQ,KAAK,GAAG,yBAAyB,gBAAgB;QACzD,QAAQ,KAAK,GAAG,yBAAyB,eAAe;QACxD,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAC7C,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CACjC,OAAgB,EAChB,MAAc,EACd,aAAsB;IAEtB,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAAE,OAAO;IACzC,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,IAAI,GAAG;QAAE,OAAO;IAE1C,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC;QAAE,OAAO;IAE/C,OAAO,CAAC,GAAG,CACT,eAAe,EACf,aAAa,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC,CAAC,yBAAyB,CAC5E,CAAC;AACJ,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,OAAO,CACL,QAAQ,CAAC,UAAU,CAAC,eAAe,CAAC;QACpC,QAAQ,CAAC,UAAU,CAAC,iBAAiB,CAAC;QACtC,QAAQ,CAAC,UAAU,CAAC,iBAAiB,CAAC;QACtC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;QAC5B,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC;QAC9B,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;QAC5B,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;QAC5B,QAAQ,KAAK,iBAAiB;QAC9B,QAAQ,KAAK,cAAc;QAC3B,QAAQ,KAAK,mBAAmB;QAChC,QAAQ,KAAK,cAAc;QAC3B,QAAQ,KAAK,cAAc;QAC3B,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CACzD,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,QAAkB,EAClB,QAAgB,EAChB,aAAsB;IAEtB,MAAM,wBAAwB,GAAG,2BAA2B,EAAE,CAAC;IAC/D,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC9C,0BAA0B,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAEpE,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACzC,IAAI,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAC3C,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;YACjC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACtD,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACvE,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;YACjC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IACnC,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACjC,OAAO,IAAI,QAAQ,CACjB,gBAAgB,CACd,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,EACjC,wBAAwB,CACzB,EACD;QACE,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,OAAO;KACR,CACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAA0C;IAC3E,MAAM,OAAO,GAAG,oBAAoB,CAAC,QAAe,CAAC,CAAC;IACtD,OAAO,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;QACxC,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,sBAAsB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,GAAc,EAAE,CAAC,EAAE,QAAQ,CAAC,CAAC;YACvE,wEAAwE;YACxE,uEAAuE;YACvE,gEAAgE;YAChE,uEAAuE;YACvE,+DAA+D;YAC/D,IAAI,OAAO,GAAkD,IAAI,CAAC;YAClE,MAAM,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC;YAClD,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC;oBACH,OAAO,GAAG,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC;gBACpC,CAAC;gBAAC,MAAM,CAAC;oBACP,qEAAqE;gBACvE,CAAC;YACH,CAAC;YACD,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,MAAM,GAAG,GAAG;gBACV,SAAS,EAAE,OAAO,EAAE,KAAK,IAAI,SAAS;gBACtC,KAAK;aACN,CAAC;YACF,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;oBAC1C,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,MAAM,EAAE,OAAO,CAAC,MAAM;iBACvB,CAAC,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,EAAE,CACrD,OAAO,CAAC,UAAU,CAAC,CACpB,CAAC;gBACF,OAAO,MAAM,sBAAsB,CACjC,IAAI,QAAQ,CAAC,IAAI,EAAE;oBACjB,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;oBAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;iBAC1B,CAAC,EACF,QAAQ,EACR,aAAa,CACd,CAAC;YACJ,CAAC;YACD,OAAO,MAAM,sBAAsB,CACjC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EACxD,QAAQ,EACR,aAAa,CACd,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,mEAAmE;YACnE,uEAAuE;YACvE,sEAAsE;YACtE,oEAAoE;YACpE,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;YACrD,MAAM,IAAI,GAAG,MAAM;gBACjB,CAAC,CAAC,uBAAuB;gBACzB,CAAC,CAAC,0BAA2B,GAAa,EAAE,OAAO,IAAI,GAAG,EAAE,CAAC;YAC/D,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;gBACxB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["/**\n * Shared SSR catch-all handler for React Router framework mode.\n *\n * Templates wire this up via:\n *\n *   // server/routes/[...page].get.ts\n *   import { createH3SSRHandler } from \"@agent-native/core/server/ssr-handler\";\n *   export default createH3SSRHandler(\n *     () => import(\"virtual:react-router/server-build\"),\n *   );\n *\n * The `getBuild` callback MUST live in the template's own source so Vite's\n * @react-router/dev plugin can resolve the `virtual:` module. Pulling the\n * import into core (e.g. via a re-export) puts it in node_modules where\n * Vite's SSR externalizer leaves it untouched and Node's ESM loader rejects\n * the unknown scheme — silently 302'ing every request to \"/\".\n */\nimport { createRequestHandler } from \"react-router\";\nimport { defineEventHandler, type H3Event } from \"h3\";\nimport { getSentryClientConfigScript } from \"./sentry-config.js\";\nimport { BETTER_AUTH_COOKIE_PREFIX, COOKIE_NAME, getSession } from \"./auth.js\";\nimport { runWithRequestContext } from \"./request-context.js\";\nimport { requestHasEmbedAuthMarker } from \"./embed-session.js\";\nimport {\n  EMBED_SESSION_COOKIE,\n  EMBED_TOKEN_QUERY_PARAM,\n} from \"../shared/embed-auth.js\";\n\nexport const DEFAULT_SSR_CACHE_CONTROL =\n  \"public, max-age=5, stale-while-revalidate=604800, stale-if-error=3600\";\nexport const AUTHENTICATED_SSR_CACHE_CONTROL =\n  \"private, max-age=5, stale-while-revalidate=604800, stale-if-error=3600\";\nconst ANONYMOUS_SESSION_COOKIE_NAMES = new Set([\"an_docs_session\"]);\nconst BETTER_AUTH_SESSION_COOKIE_RE = /\\.session_(?:token|data)$/;\n\n/**\n * Read the active org for a request without forcing every template to bundle\n * the org module. Mirrors what `core-routes-plugin` does for action handlers.\n */\nasync function readOrgIdForEvent(event: H3Event): Promise<string | undefined> {\n  try {\n    const { getOrgContext } = await import(\"../org/context.js\");\n    const ctx = await getOrgContext(event);\n    return ctx?.orgId ?? undefined;\n  } catch {\n    return undefined;\n  }\n}\n\nfunction normalizeAppBasePath(value: string | undefined): string {\n  if (!value || value === \"/\") return \"\";\n  const trimmed = value.trim();\n  if (!trimmed || trimmed === \"/\") return \"\";\n  return `/${trimmed.replace(/^\\/+/, \"\").replace(/\\/+$/, \"\")}`;\n}\n\nfunction getAppBasePath(): string {\n  const metaEnv = (\n    import.meta as unknown as {\n      env?: Record<string, string | undefined>;\n    }\n  ).env;\n  return normalizeAppBasePath(\n    process.env.VITE_APP_BASE_PATH ||\n      process.env.APP_BASE_PATH ||\n      metaEnv?.VITE_APP_BASE_PATH ||\n      metaEnv?.APP_BASE_PATH ||\n      metaEnv?.BASE_URL,\n  );\n}\n\nfunction stripAppBasePath(pathname: string): string {\n  const basePath = getAppBasePath();\n  return stripBasePath(pathname, basePath);\n}\n\nfunction stripBasePath(pathname: string, basePath: string): string {\n  if (!basePath) return pathname;\n  if (pathname === basePath) return \"/\";\n  if (pathname.startsWith(`${basePath}/`)) {\n    return pathname.slice(basePath.length) || \"/\";\n  }\n  return pathname;\n}\n\nfunction requestWithPathname(\n  request: Request,\n  pathname: string,\n  basePath: string,\n): Request {\n  const url = new URL(request.url);\n  let changed = false;\n  if (basePath && pathname === \"/__manifest\") {\n    const paths = url.searchParams.get(\"paths\");\n    if (paths) {\n      const strippedPaths = paths\n        .split(\",\")\n        .map((path) => stripBasePath(path, basePath))\n        .join(\",\");\n      if (strippedPaths !== paths) {\n        url.searchParams.set(\"paths\", strippedPaths);\n        changed = true;\n      }\n    }\n  }\n  if (url.pathname !== pathname) {\n    url.pathname = pathname;\n    changed = true;\n  }\n  if (!changed) return request;\n  const init: RequestInit & { duplex?: \"half\" } = {\n    method: request.method,\n    headers: request.headers,\n    signal: request.signal,\n  };\n  if (request.body && ![\"GET\", \"HEAD\"].includes(request.method.toUpperCase())) {\n    init.body = request.body;\n    init.duplex = \"half\";\n  }\n  return new Request(url, init);\n}\n\nfunction prefixMountedPath(path: string, basePath: string): string {\n  if (!basePath || !path.startsWith(\"/\") || path.startsWith(\"//\")) return path;\n  if (path === basePath || path.startsWith(`${basePath}/`)) return path;\n  return `${basePath}${path}`;\n}\n\nfunction prefixMountedHtml(html: string, basePath: string): string {\n  if (!basePath) return html;\n  return html\n    .replace(\n      /\\b(href|src|action|formaction|poster)=([\"'])(\\/(?!\\/)[^\"']*)\\2/g,\n      (_match, attr: string, quote: string, path: string) =>\n        `${attr}=${quote}${prefixMountedPath(path, basePath)}${quote}`,\n    )\n    .replace(/url\\(([\"']?)(\\/(?!\\/)[^)'\" ]+)\\1\\)/g, (_match, quote, path) => {\n      const q = quote || \"\";\n      return `url(${q}${prefixMountedPath(path, basePath)}${q})`;\n    });\n}\n\nfunction injectHeadScript(html: string, script: string | null): string {\n  if (!script) return html;\n  const headCloseIdx = html.indexOf(\"</head>\");\n  if (headCloseIdx === -1) return html;\n  return html.slice(0, headCloseIdx) + script + html.slice(headCloseIdx);\n}\n\nfunction requestHasAuthSignal(event: H3Event): boolean {\n  const headers = event.req.headers;\n  return Boolean(\n    headers.get(\"authorization\") ||\n    requestHasAuthenticatedCookie(headers.get(\"cookie\")) ||\n    event.url.searchParams.has(EMBED_TOKEN_QUERY_PARAM) ||\n    event.url.searchParams.has(\"_session\") ||\n    requestHasEmbedAuthMarker(event),\n  );\n}\n\nfunction requestHasAuthenticatedCookie(cookieHeader: string | null): boolean {\n  if (!cookieHeader) return false;\n  return cookieHeader\n    .split(\";\")\n    .map((cookie) => cookie.trim().split(\"=\", 1)[0]?.trim())\n    .filter((name): name is string => Boolean(name))\n    .some(isAuthenticatedCookieName);\n}\n\nfunction isAuthenticatedCookieName(name: string): boolean {\n  if (ANONYMOUS_SESSION_COOKIE_NAMES.has(name)) return false;\n  const bareName = name.replace(/^__(?:Secure|Host)-/, \"\");\n  return (\n    bareName === COOKIE_NAME ||\n    bareName === EMBED_SESSION_COOKIE ||\n    bareName === \"an_session\" ||\n    bareName === \"an_session_workspace\" ||\n    bareName.startsWith(\"an_session_\") ||\n    bareName === `${BETTER_AUTH_COOKIE_PREFIX}.session_token` ||\n    bareName === `${BETTER_AUTH_COOKIE_PREFIX}.session_data` ||\n    BETTER_AUTH_SESSION_COOKIE_RE.test(bareName)\n  );\n}\n\nfunction applyDefaultSsrCacheHeader(\n  headers: Headers,\n  status: number,\n  hasAuthSignal: boolean,\n) {\n  if (headers.has(\"cache-control\")) return;\n  if (status < 200 || status >= 400) return;\n\n  const contentType = headers.get(\"content-type\")?.toLowerCase() ?? \"\";\n  if (!contentType.includes(\"text/html\")) return;\n\n  headers.set(\n    \"cache-control\",\n    hasAuthSignal ? AUTHENTICATED_SSR_CACHE_CONTROL : DEFAULT_SSR_CACHE_CONTROL,\n  );\n}\n\nfunction isFrameworkOrAssetPath(pathname: string): boolean {\n  return (\n    pathname.startsWith(\"/.well-known/\") ||\n    pathname.startsWith(\"/_agent_native/\") ||\n    pathname.startsWith(\"/_agent-native/\") ||\n    pathname.startsWith(\"/api/\") ||\n    pathname.startsWith(\"/@vite/\") ||\n    pathname.startsWith(\"/@id/\") ||\n    pathname.startsWith(\"/@fs/\") ||\n    pathname === \"/@react-refresh\" ||\n    pathname === \"/__vite_ping\" ||\n    pathname === \"/__open-in-editor\" ||\n    pathname === \"/favicon.ico\" ||\n    pathname === \"/favicon.png\" ||\n    (/\\.\\w+$/.test(pathname) && !pathname.endsWith(\".data\"))\n  );\n}\n\nasync function rewriteMountedResponse(\n  response: Response,\n  basePath: string,\n  hasAuthSignal: boolean,\n): Promise<Response> {\n  const sentryClientConfigScript = getSentryClientConfigScript();\n  const headers = new Headers(response.headers);\n  applyDefaultSsrCacheHeader(headers, response.status, hasAuthSignal);\n\n  const location = headers.get(\"location\");\n  if (location?.startsWith(\"/\") && !location.startsWith(\"//\")) {\n    headers.set(\"location\", prefixMountedPath(location, basePath));\n  }\n\n  if (!basePath && !sentryClientConfigScript) {\n    return new Response(response.body, {\n      status: response.status,\n      statusText: response.statusText,\n      headers,\n    });\n  }\n\n  const contentType = headers.get(\"content-type\") ?? \"\";\n  if (!contentType.toLowerCase().includes(\"text/html\") || !response.body) {\n    return new Response(response.body, {\n      status: response.status,\n      statusText: response.statusText,\n      headers,\n    });\n  }\n\n  const html = await response.text();\n  headers.delete(\"content-length\");\n  return new Response(\n    injectHeadScript(\n      prefixMountedHtml(html, basePath),\n      sentryClientConfigScript,\n    ),\n    {\n      status: response.status,\n      statusText: response.statusText,\n      headers,\n    },\n  );\n}\n\n/**\n * Create an h3 catch-all that hands page routes to React Router and\n * returns 404 for framework / asset paths that React Router doesn't own.\n */\nexport function createH3SSRHandler(getBuild: () => Promise<unknown> | unknown) {\n  const handler = createRequestHandler(getBuild as any);\n  return defineEventHandler(async (event) => {\n    const basePath = getAppBasePath();\n    const p = stripAppBasePath(event.url.pathname);\n    if (isFrameworkOrAssetPath(p)) {\n      return new Response(null, { status: 404 });\n    }\n    try {\n      const request = requestWithPathname(event.req as Request, p, basePath);\n      // Pin the active session onto the async request context so React Router\n      // loaders that call `getRequestUserEmail()` / `accessFilter()` see the\n      // signed-in user. Without this, SSR loaders fall through to the\n      // unauthenticated branch even when the user is logged in — which broke\n      // shared-deck \"Presentation link\" access for non-public decks.\n      let session: Awaited<ReturnType<typeof getSession>> | null = null;\n      const hasAuthSignal = requestHasAuthSignal(event);\n      if (hasAuthSignal) {\n        try {\n          session = await getSession(event);\n        } catch {\n          // Auth lookup failures must not break SSR; treat as unauthenticated.\n        }\n      }\n      const orgId = session?.email ? await readOrgIdForEvent(event) : undefined;\n      const ctx = {\n        userEmail: session?.email ?? undefined,\n        orgId,\n      };\n      if (request.method === \"HEAD\") {\n        const getRequest = new Request(request.url, {\n          method: \"GET\",\n          headers: request.headers,\n          signal: request.signal,\n        });\n        const response = await runWithRequestContext(ctx, () =>\n          handler(getRequest),\n        );\n        return await rewriteMountedResponse(\n          new Response(null, {\n            status: response.status,\n            statusText: response.statusText,\n            headers: response.headers,\n          }),\n          basePath,\n          hasAuthSignal,\n        );\n      }\n      return await rewriteMountedResponse(\n        await runWithRequestContext(ctx, () => handler(request)),\n        basePath,\n        hasAuthSignal,\n      );\n    } catch (err) {\n      // Log the full stack server-side, but never leak it to the client.\n      // Stack traces expose file paths, library versions, and code structure\n      // that aid reconnaissance attacks. In dev we surface the message text\n      // so devtools shows something useful; in prod we return a bare 500.\n      console.error(\"[ssr-handler] SSR error:\", err);\n      const isProd = process.env.NODE_ENV === \"production\";\n      const body = isProd\n        ? \"Internal Server Error\"\n        : `Internal Server Error: ${(err as Error)?.message ?? err}`;\n      return new Response(body, {\n        status: 500,\n        headers: { \"content-type\": \"text/plain\" },\n      });\n    }\n  });\n}\n"]}
+{"version":3,"file":"ssr-handler.js","sourceRoot":"","sources":["../../src/server/ssr-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AACH,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAgB,MAAM,IAAI,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAC/E,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EACL,oBAAoB,EACpB,uBAAuB,GACxB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,CAAC,MAAM,yBAAyB,GACpC,uEAAuE,CAAC;AAC1E,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC;AACpE,MAAM,6BAA6B,GAAG,2BAA2B,CAAC;AAElE;;;GAGG;AACH,KAAK,UAAU,iBAAiB,CAAC,KAAc;IAC7C,IAAI,CAAC;QACH,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC;QACvC,OAAO,GAAG,EAAE,KAAK,IAAI,SAAS,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAyB;IACrD,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC;IAC3C,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,OAAO,GACX,MAAM,CAAC,IAGR,CAAC,GAAG,CAAC;IACN,OAAO,oBAAoB,CACzB,OAAO,CAAC,GAAG,CAAC,kBAAkB;QAC5B,OAAO,CAAC,GAAG,CAAC,aAAa;QACzB,OAAO,EAAE,kBAAkB;QAC3B,OAAO,EAAE,aAAa;QACtB,OAAO,EAAE,QAAQ,CACpB,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAgB;IACxC,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;IAClC,OAAO,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,QAAgB;IACvD,IAAI,CAAC,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAC/B,IAAI,QAAQ,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACtC,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,QAAQ,GAAG,CAAC,EAAE,CAAC;QACxC,OAAO,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC;IAChD,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAC1B,OAAgB,EAChB,QAAgB,EAChB,QAAgB;IAEhB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,QAAQ,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,aAAa,GAAG,KAAK;iBACxB,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;iBAC5C,IAAI,CAAC,GAAG,CAAC,CAAC;YACb,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBAC5B,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;gBAC7C,OAAO,GAAG,IAAI,CAAC;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9B,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACxB,OAAO,GAAG,IAAI,CAAC;IACjB,CAAC;IACD,IAAI,CAAC,OAAO;QAAE,OAAO,OAAO,CAAC;IAC7B,MAAM,IAAI,GAAsC;QAC9C,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,OAAO,CAAC,MAAM;KACvB,CAAC;IACF,IAAI,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC5E,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IACD,OAAO,IAAI,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IACvD,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7E,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,QAAQ,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACtE,OAAO,GAAG,QAAQ,GAAG,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IACvD,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,OAAO,IAAI;SACR,OAAO,CACN,iEAAiE,EACjE,CAAC,MAAM,EAAE,IAAY,EAAE,KAAa,EAAE,IAAY,EAAE,EAAE,CACpD,GAAG,IAAI,IAAI,KAAK,GAAG,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,KAAK,EAAE,CACjE;SACA,OAAO,CAAC,qCAAqC,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACtE,MAAM,CAAC,GAAG,KAAK,IAAI,EAAE,CAAC;QACtB,OAAO,OAAO,CAAC,GAAG,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;IAC7D,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAY,EAAE,MAAqB;IAC3D,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC7C,IAAI,YAAY,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,GAAG,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAc;IAC1C,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;IAClC,OAAO,OAAO,CACZ,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC5B,6BAA6B,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACpD,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC;QACnD,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;QACtC,yBAAyB,CAAC,KAAK,CAAC,CACjC,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CAAC,YAA2B;IAChE,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChC,OAAO,YAAY;SAChB,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;SACvD,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;SAC/C,IAAI,CAAC,yBAAyB,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,yBAAyB,CAAC,IAAY;IAC7C,IAAI,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;IACzD,OAAO,CACL,QAAQ,KAAK,WAAW;QACxB,QAAQ,KAAK,oBAAoB;QACjC,QAAQ,KAAK,YAAY;QACzB,QAAQ,KAAK,sBAAsB;QACnC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC;QAClC,QAAQ,KAAK,GAAG,yBAAyB,gBAAgB;QACzD,QAAQ,KAAK,GAAG,yBAAyB,eAAe;QACxD,6BAA6B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAC7C,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CAAC,OAAgB,EAAE,MAAc;IAClE,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAAE,OAAO;IACzC,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,IAAI,GAAG;QAAE,OAAO;IAE1C,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;IACrE,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC;QAAE,OAAO;IAE/C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,yBAAyB,CAAC,CAAC;AAC1D,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,OAAO,CACL,QAAQ,CAAC,UAAU,CAAC,eAAe,CAAC;QACpC,QAAQ,CAAC,UAAU,CAAC,iBAAiB,CAAC;QACtC,QAAQ,CAAC,UAAU,CAAC,iBAAiB,CAAC;QACtC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;QAC5B,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC;QAC9B,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;QAC5B,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;QAC5B,QAAQ,KAAK,iBAAiB;QAC9B,QAAQ,KAAK,cAAc;QAC3B,QAAQ,KAAK,mBAAmB;QAChC,QAAQ,KAAK,cAAc;QAC3B,QAAQ,KAAK,cAAc;QAC3B,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CACzD,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,QAAkB,EAClB,QAAgB;IAEhB,MAAM,wBAAwB,GAAG,2BAA2B,EAAE,CAAC;IAC/D,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC9C,0BAA0B,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAErD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACzC,IAAI,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAC3C,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;YACjC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACtD,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACvE,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;YACjC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IACnC,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACjC,OAAO,IAAI,QAAQ,CACjB,gBAAgB,CACd,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,EACjC,wBAAwB,CACzB,EACD;QACE,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,OAAO;KACR,CACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAA0C;IAC3E,MAAM,OAAO,GAAG,oBAAoB,CAAC,QAAe,CAAC,CAAC;IACtD,OAAO,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;QACxC,MAAM,QAAQ,GAAG,cAAc,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,sBAAsB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,GAAc,EAAE,CAAC,EAAE,QAAQ,CAAC,CAAC;YACvE,wEAAwE;YACxE,uEAAuE;YACvE,gEAAgE;YAChE,uEAAuE;YACvE,+DAA+D;YAC/D,IAAI,OAAO,GAAkD,IAAI,CAAC;YAClE,MAAM,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC;YAClD,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC;oBACH,OAAO,GAAG,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC;gBACpC,CAAC;gBAAC,MAAM,CAAC;oBACP,qEAAqE;gBACvE,CAAC;YACH,CAAC;YACD,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,MAAM,GAAG,GAAG;gBACV,SAAS,EAAE,OAAO,EAAE,KAAK,IAAI,SAAS;gBACtC,KAAK;aACN,CAAC;YACF,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;oBAC1C,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,MAAM,EAAE,OAAO,CAAC,MAAM;iBACvB,CAAC,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,EAAE,CACrD,OAAO,CAAC,UAAU,CAAC,CACpB,CAAC;gBACF,OAAO,MAAM,sBAAsB,CACjC,IAAI,QAAQ,CAAC,IAAI,EAAE;oBACjB,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;oBAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;iBAC1B,CAAC,EACF,QAAQ,CACT,CAAC;YACJ,CAAC;YACD,OAAO,MAAM,sBAAsB,CACjC,MAAM,qBAAqB,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EACxD,QAAQ,CACT,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,mEAAmE;YACnE,uEAAuE;YACvE,sEAAsE;YACtE,oEAAoE;YACpE,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;YACrD,MAAM,IAAI,GAAG,MAAM;gBACjB,CAAC,CAAC,uBAAuB;gBACzB,CAAC,CAAC,0BAA2B,GAAa,EAAE,OAAO,IAAI,GAAG,EAAE,CAAC;YAC/D,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;gBACxB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["/**\n * Shared SSR catch-all handler for React Router framework mode.\n *\n * Templates wire this up via:\n *\n *   // server/routes/[...page].get.ts\n *   import { createH3SSRHandler } from \"@agent-native/core/server/ssr-handler\";\n *   export default createH3SSRHandler(\n *     () => import(\"virtual:react-router/server-build\"),\n *   );\n *\n * The `getBuild` callback MUST live in the template's own source so Vite's\n * @react-router/dev plugin can resolve the `virtual:` module. Pulling the\n * import into core (e.g. via a re-export) puts it in node_modules where\n * Vite's SSR externalizer leaves it untouched and Node's ESM loader rejects\n * the unknown scheme — silently 302'ing every request to \"/\".\n */\nimport { createRequestHandler } from \"react-router\";\nimport { defineEventHandler, type H3Event } from \"h3\";\nimport { getSentryClientConfigScript } from \"./sentry-config.js\";\nimport { BETTER_AUTH_COOKIE_PREFIX, COOKIE_NAME, getSession } from \"./auth.js\";\nimport { runWithRequestContext } from \"./request-context.js\";\nimport { requestHasEmbedAuthMarker } from \"./embed-session.js\";\nimport {\n  EMBED_SESSION_COOKIE,\n  EMBED_TOKEN_QUERY_PARAM,\n} from \"../shared/embed-auth.js\";\n\nexport const DEFAULT_SSR_CACHE_CONTROL =\n  \"public, max-age=5, stale-while-revalidate=604800, stale-if-error=3600\";\nconst ANONYMOUS_SESSION_COOKIE_NAMES = new Set([\"an_docs_session\"]);\nconst BETTER_AUTH_SESSION_COOKIE_RE = /\\.session_(?:token|data)$/;\n\n/**\n * Read the active org for a request without forcing every template to bundle\n * the org module. Mirrors what `core-routes-plugin` does for action handlers.\n */\nasync function readOrgIdForEvent(event: H3Event): Promise<string | undefined> {\n  try {\n    const { getOrgContext } = await import(\"../org/context.js\");\n    const ctx = await getOrgContext(event);\n    return ctx?.orgId ?? undefined;\n  } catch {\n    return undefined;\n  }\n}\n\nfunction normalizeAppBasePath(value: string | undefined): string {\n  if (!value || value === \"/\") return \"\";\n  const trimmed = value.trim();\n  if (!trimmed || trimmed === \"/\") return \"\";\n  return `/${trimmed.replace(/^\\/+/, \"\").replace(/\\/+$/, \"\")}`;\n}\n\nfunction getAppBasePath(): string {\n  const metaEnv = (\n    import.meta as unknown as {\n      env?: Record<string, string | undefined>;\n    }\n  ).env;\n  return normalizeAppBasePath(\n    process.env.VITE_APP_BASE_PATH ||\n      process.env.APP_BASE_PATH ||\n      metaEnv?.VITE_APP_BASE_PATH ||\n      metaEnv?.APP_BASE_PATH ||\n      metaEnv?.BASE_URL,\n  );\n}\n\nfunction stripAppBasePath(pathname: string): string {\n  const basePath = getAppBasePath();\n  return stripBasePath(pathname, basePath);\n}\n\nfunction stripBasePath(pathname: string, basePath: string): string {\n  if (!basePath) return pathname;\n  if (pathname === basePath) return \"/\";\n  if (pathname.startsWith(`${basePath}/`)) {\n    return pathname.slice(basePath.length) || \"/\";\n  }\n  return pathname;\n}\n\nfunction requestWithPathname(\n  request: Request,\n  pathname: string,\n  basePath: string,\n): Request {\n  const url = new URL(request.url);\n  let changed = false;\n  if (basePath && pathname === \"/__manifest\") {\n    const paths = url.searchParams.get(\"paths\");\n    if (paths) {\n      const strippedPaths = paths\n        .split(\",\")\n        .map((path) => stripBasePath(path, basePath))\n        .join(\",\");\n      if (strippedPaths !== paths) {\n        url.searchParams.set(\"paths\", strippedPaths);\n        changed = true;\n      }\n    }\n  }\n  if (url.pathname !== pathname) {\n    url.pathname = pathname;\n    changed = true;\n  }\n  if (!changed) return request;\n  const init: RequestInit & { duplex?: \"half\" } = {\n    method: request.method,\n    headers: request.headers,\n    signal: request.signal,\n  };\n  if (request.body && ![\"GET\", \"HEAD\"].includes(request.method.toUpperCase())) {\n    init.body = request.body;\n    init.duplex = \"half\";\n  }\n  return new Request(url, init);\n}\n\nfunction prefixMountedPath(path: string, basePath: string): string {\n  if (!basePath || !path.startsWith(\"/\") || path.startsWith(\"//\")) return path;\n  if (path === basePath || path.startsWith(`${basePath}/`)) return path;\n  return `${basePath}${path}`;\n}\n\nfunction prefixMountedHtml(html: string, basePath: string): string {\n  if (!basePath) return html;\n  return html\n    .replace(\n      /\\b(href|src|action|formaction|poster)=([\"'])(\\/(?!\\/)[^\"']*)\\2/g,\n      (_match, attr: string, quote: string, path: string) =>\n        `${attr}=${quote}${prefixMountedPath(path, basePath)}${quote}`,\n    )\n    .replace(/url\\(([\"']?)(\\/(?!\\/)[^)'\" ]+)\\1\\)/g, (_match, quote, path) => {\n      const q = quote || \"\";\n      return `url(${q}${prefixMountedPath(path, basePath)}${q})`;\n    });\n}\n\nfunction injectHeadScript(html: string, script: string | null): string {\n  if (!script) return html;\n  const headCloseIdx = html.indexOf(\"</head>\");\n  if (headCloseIdx === -1) return html;\n  return html.slice(0, headCloseIdx) + script + html.slice(headCloseIdx);\n}\n\nfunction requestHasAuthSignal(event: H3Event): boolean {\n  const headers = event.req.headers;\n  return Boolean(\n    headers.get(\"authorization\") ||\n    requestHasAuthenticatedCookie(headers.get(\"cookie\")) ||\n    event.url.searchParams.has(EMBED_TOKEN_QUERY_PARAM) ||\n    event.url.searchParams.has(\"_session\") ||\n    requestHasEmbedAuthMarker(event),\n  );\n}\n\nfunction requestHasAuthenticatedCookie(cookieHeader: string | null): boolean {\n  if (!cookieHeader) return false;\n  return cookieHeader\n    .split(\";\")\n    .map((cookie) => cookie.trim().split(\"=\", 1)[0]?.trim())\n    .filter((name): name is string => Boolean(name))\n    .some(isAuthenticatedCookieName);\n}\n\nfunction isAuthenticatedCookieName(name: string): boolean {\n  if (ANONYMOUS_SESSION_COOKIE_NAMES.has(name)) return false;\n  const bareName = name.replace(/^__(?:Secure|Host)-/, \"\");\n  return (\n    bareName === COOKIE_NAME ||\n    bareName === EMBED_SESSION_COOKIE ||\n    bareName === \"an_session\" ||\n    bareName === \"an_session_workspace\" ||\n    bareName.startsWith(\"an_session_\") ||\n    bareName === `${BETTER_AUTH_COOKIE_PREFIX}.session_token` ||\n    bareName === `${BETTER_AUTH_COOKIE_PREFIX}.session_data` ||\n    BETTER_AUTH_SESSION_COOKIE_RE.test(bareName)\n  );\n}\n\nfunction applyDefaultSsrCacheHeader(headers: Headers, status: number) {\n  if (headers.has(\"cache-control\")) return;\n  if (status < 200 || status >= 400) return;\n\n  const contentType = headers.get(\"content-type\")?.toLowerCase() ?? \"\";\n  if (!contentType.includes(\"text/html\")) return;\n\n  headers.set(\"cache-control\", DEFAULT_SSR_CACHE_CONTROL);\n}\n\nfunction isFrameworkOrAssetPath(pathname: string): boolean {\n  return (\n    pathname.startsWith(\"/.well-known/\") ||\n    pathname.startsWith(\"/_agent_native/\") ||\n    pathname.startsWith(\"/_agent-native/\") ||\n    pathname.startsWith(\"/api/\") ||\n    pathname.startsWith(\"/@vite/\") ||\n    pathname.startsWith(\"/@id/\") ||\n    pathname.startsWith(\"/@fs/\") ||\n    pathname === \"/@react-refresh\" ||\n    pathname === \"/__vite_ping\" ||\n    pathname === \"/__open-in-editor\" ||\n    pathname === \"/favicon.ico\" ||\n    pathname === \"/favicon.png\" ||\n    (/\\.\\w+$/.test(pathname) && !pathname.endsWith(\".data\"))\n  );\n}\n\nasync function rewriteMountedResponse(\n  response: Response,\n  basePath: string,\n): Promise<Response> {\n  const sentryClientConfigScript = getSentryClientConfigScript();\n  const headers = new Headers(response.headers);\n  applyDefaultSsrCacheHeader(headers, response.status);\n\n  const location = headers.get(\"location\");\n  if (location?.startsWith(\"/\") && !location.startsWith(\"//\")) {\n    headers.set(\"location\", prefixMountedPath(location, basePath));\n  }\n\n  if (!basePath && !sentryClientConfigScript) {\n    return new Response(response.body, {\n      status: response.status,\n      statusText: response.statusText,\n      headers,\n    });\n  }\n\n  const contentType = headers.get(\"content-type\") ?? \"\";\n  if (!contentType.toLowerCase().includes(\"text/html\") || !response.body) {\n    return new Response(response.body, {\n      status: response.status,\n      statusText: response.statusText,\n      headers,\n    });\n  }\n\n  const html = await response.text();\n  headers.delete(\"content-length\");\n  return new Response(\n    injectHeadScript(\n      prefixMountedHtml(html, basePath),\n      sentryClientConfigScript,\n    ),\n    {\n      status: response.status,\n      statusText: response.statusText,\n      headers,\n    },\n  );\n}\n\n/**\n * Create an h3 catch-all that hands page routes to React Router and\n * returns 404 for framework / asset paths that React Router doesn't own.\n */\nexport function createH3SSRHandler(getBuild: () => Promise<unknown> | unknown) {\n  const handler = createRequestHandler(getBuild as any);\n  return defineEventHandler(async (event) => {\n    const basePath = getAppBasePath();\n    const p = stripAppBasePath(event.url.pathname);\n    if (isFrameworkOrAssetPath(p)) {\n      return new Response(null, { status: 404 });\n    }\n    try {\n      const request = requestWithPathname(event.req as Request, p, basePath);\n      // Pin the active session onto the async request context so React Router\n      // loaders that call `getRequestUserEmail()` / `accessFilter()` see the\n      // signed-in user. Without this, SSR loaders fall through to the\n      // unauthenticated branch even when the user is logged in — which broke\n      // shared-deck \"Presentation link\" access for non-public decks.\n      let session: Awaited<ReturnType<typeof getSession>> | null = null;\n      const hasAuthSignal = requestHasAuthSignal(event);\n      if (hasAuthSignal) {\n        try {\n          session = await getSession(event);\n        } catch {\n          // Auth lookup failures must not break SSR; treat as unauthenticated.\n        }\n      }\n      const orgId = session?.email ? await readOrgIdForEvent(event) : undefined;\n      const ctx = {\n        userEmail: session?.email ?? undefined,\n        orgId,\n      };\n      if (request.method === \"HEAD\") {\n        const getRequest = new Request(request.url, {\n          method: \"GET\",\n          headers: request.headers,\n          signal: request.signal,\n        });\n        const response = await runWithRequestContext(ctx, () =>\n          handler(getRequest),\n        );\n        return await rewriteMountedResponse(\n          new Response(null, {\n            status: response.status,\n            statusText: response.statusText,\n            headers: response.headers,\n          }),\n          basePath,\n        );\n      }\n      return await rewriteMountedResponse(\n        await runWithRequestContext(ctx, () => handler(request)),\n        basePath,\n      );\n    } catch (err) {\n      // Log the full stack server-side, but never leak it to the client.\n      // Stack traces expose file paths, library versions, and code structure\n      // that aid reconnaissance attacks. In dev we surface the message text\n      // so devtools shows something useful; in prod we return a bare 500.\n      console.error(\"[ssr-handler] SSR error:\", err);\n      const isProd = process.env.NODE_ENV === \"production\";\n      const body = isProd\n        ? \"Internal Server Error\"\n        : `Internal Server Error: ${(err as Error)?.message ?? err}`;\n      return new Response(body, {\n        status: 500,\n        headers: { \"content-type\": \"text/plain\" },\n      });\n    }\n  });\n}\n"]}

package/docs/content/actions.md

@@ -152,7 +152,7 @@ If your app is an [A2A](/docs/a2a-protocol) peer, other agent-native apps discov
 
 ## Exposing it over MCP {#mcp}
 
-With MCP enabled, your actions show up in the framework's MCP server at `/_agent-native/mcp`. Stdio/static-token developer clients see the full connected action surface. OAuth app hosts that request `mcp:apps` get a compact catalog containing app-facing builtins (`open_app`, `list_apps`, `ask_app`, and app-only embed helpers); action-specific MCP App resources stay out of that catalog unless an action explicitly sets `mcpApp.compactCatalog: true`. `publicAgent.expose` is still the opt-in for safe read/ingest tools outside that compact app catalog. See [MCP Protocol](/docs/mcp-protocol).
+With MCP enabled, your actions show up in the framework's MCP server at `/_agent-native/mcp`. Stdio/code developer clients can see the full connected action surface. Chat-style app hosts, including OAuth MCP Apps callers and generic authenticated remote HTTP/static-token callers, get a compact catalog containing app-facing builtins (`open_app`, `list_apps`, `ask_app`, and app-only embed helpers); action-specific MCP App resources stay out of that catalog unless an action explicitly sets `mcpApp.compactCatalog: true`. `publicAgent.expose` is still the opt-in for safe read/ingest tools outside that compact app catalog. See [MCP Protocol](/docs/mcp-protocol).
 
 For UI-capable MCP hosts, actions can also attach an optional MCP Apps resource.
 Use the shared full-app embed helper when the action needs an inline experience.

package/docs/content/external-agents.md

@@ -173,13 +173,14 @@ When the client requests no explicit scope, the app grants all three so the conn
 ## What you can do once connected {#what-you-can-do}
 
 Once your agent is connected, the available MCP tool surface depends on the
-host. Developer clients and bearer/static-token clients get the app's full
-action surface plus the `ask-agent` meta-tool that runs the full agent loop
-(the same entry point [A2A](/docs/a2a-protocol) uses). OAuth chat hosts that
-request `mcp:apps`, including Claude and ChatGPT, get a compact app-facing
-catalog instead: cross-app verbs such as `list_apps`, `open_app`, and
-`ask_app`, plus the app-only embed helper. In both cases, ask the agent to do
-real work and it hands back a link straight into the running app:
+host. Code/stdio developer clients get the app's full action surface plus the
+`ask-agent` meta-tool that runs the full agent loop (the same entry point
+[A2A](/docs/a2a-protocol) uses). Chat hosts, including Claude and ChatGPT, get
+a compact app-facing catalog by default even when they authenticate through a
+generic bearer/static-token path: cross-app verbs such as `list_apps`,
+`open_app`, and `ask_app`, plus the app-only embed helper. In both cases, ask
+the agent to do real work and it hands back a link straight into the running
+app:
 
 ```
 > draft an email to John about the Q3 report
@@ -254,6 +255,20 @@ relays the same host actions over `agentNative.mcpHost.*` postMessage
 requests. Keep the result shape identical for both paths: return a focused
 `link` and concise structured content.
 
+Do not set standard `_meta.ui.domain` to an app URL. MCP Apps treats that field
+as host-specific: Claude validates `{hash}.claudemcpcontent.com`-style sandbox
+domains, while ChatGPT uses its own `openai/widgetDomain` metadata. Omit
+`ui.domain` unless you are deliberately emitting a host-specific value; the host
+will choose a default sandbox origin.
+
+Extension pages keep their sandbox in MCP chat embeds without navigating a
+second route iframe. Normal app usage renders
+`/_agent-native/extensions/:id/render` as a sandboxed child iframe. In MCP chat
+bridge mode the framework renders the same extension document as sandboxed
+`srcDoc` inside the route iframe, avoiding host `frame-ancestors` /
+`X-Frame-Options` failures while preserving `sandbox="allow-scripts
+allow-forms"`.
+
 The resource shell owns the outer host size. `embedApp({ height })` defaults
 to `560px`, clamps the shell to `320-900px`, and reserves `44px` for the small
 toolbar, so the route viewport is `height - 44px`. Keep embedded app routes
@@ -317,14 +332,16 @@ On top of the per-action tools the MCP server exposes a stable verb set, so an e
 
 `create_workspace_app` rejects any non-allow-listed template — the public template allow-list in `packages/shared-app-config/templates.ts` is authoritative and CI-guarded; an external agent cannot widen it. A same-named template action overrides a builtin (template-over-core precedence). Disable the whole set with `MCPConfig.builtinCrossAppTools: false`.
 
-For OAuth callers that request `mcp:apps`, the server intentionally advertises
-tiny `tools/list` and `resources/list` catalogs so app hosts do not ingest
+The server intentionally advertises tiny `tools/list` and `resources/list`
+catalogs by default for app hosts, including OAuth MCP Apps callers and
+generic authenticated remote HTTP/static-token callers, so hosts do not ingest
 every internal action schema or every action-specific UI resource. The model
 sees app-facing builtins (`list_apps`, `open_app`, `ask_app`, and app-only
 `create_embed_session`) and routes inline UI through
-`open_app({ embed: true })`. Stdio/static-token developer clients still get
-the full connected action surface, and `publicAgent.expose` remains the opt-in
-for safe read/ingest tools outside the compact app catalog. If an individual
+`open_app({ embed: true })`. Stdio/code developer clients can explicitly opt
+into the full connected action surface, and `publicAgent.expose` remains the
+opt-in for safe read/ingest tools outside the compact app catalog. If an
+individual
 UI action must remain visible to ChatGPT/Claude discovery, set
 `mcpApp.compactCatalog: true`, but treat that as a rare exception.
 
@@ -518,7 +535,7 @@ This is the unmanaged equivalent of what `connect` writes for you. See [MCP Prot
 
 ### Dev vs production tool surface {#dev-vs-prod}
 
-In plain local dev (`NODE_ENV=development` and `AGENT_MODE !== "production"`) the MCP `tools/list` deliberately exposes only the generic builtins plus actions with `publicAgent.requiresAuth === false` — the per-app ingest actions (`requiresAuth: true`) and mutating actions (no `publicAgent`) are filtered out (`filterPublicAgentActions`). The full per-app surface appears when the request is authenticated as a real caller: a deployed / `AGENT_MODE=production` app, or a local app reached through `connect` / `agent-native mcp install` (which provisions a token so the caller has an identity). So if `tools/list` looks sparse, you are hitting an unauthenticated dev endpoint — connect (or present a token) rather than assuming the action is missing.
+In plain local dev (`NODE_ENV=development` and `AGENT_MODE !== "production"`) the MCP `tools/list` deliberately exposes only the generic builtins plus actions with `publicAgent.requiresAuth === false` — the per-app ingest actions (`requiresAuth: true`) and mutating actions (no `publicAgent`) are filtered out (`filterPublicAgentActions`). Stdio/code clients that use the `agent-native` proxy identify themselves and get the full developer catalog after auth. Chat-style remote HTTP callers stay on the compact app-facing catalog by default, even when authenticated, so ChatGPT/Claude cannot dump a huge full action catalog into the conversation.
 
 ### Switching first-party apps between prod and dev {#dev-switch}
 

package/docs/content/mcp-protocol.md

@@ -102,6 +102,12 @@ a huge chat artifact. Host conversations also keep already-rendered iframes, so
 after changing the resource shell or `ui://` version, test a fresh tool call
 rather than re-measuring an old frame.
 
+If a user reopens an older chat after a one-time embed start ticket expires,
+the start route returns a small refresh page and posts
+`agentNative.embedSessionExpired` to the wrapper. `embedApp()` clears the stale
+start URL and asks the app-only `create_embed_session` tool for a fresh ticket
+when it still has the original app route.
+
 Default direct embeds talk to the MCP Apps host through standard `ui/*`
 JSON-RPC messages:
 
@@ -136,6 +142,17 @@ through Dispatch, which keeps the one-connector path narrow while still letting
 Claude/ChatGPT inline target app routes. Pass additional domains only for
 custom third-party frames or assets.
 
+Leave standard `_meta.ui.domain` unset by default. Its format is host-specific:
+Claude expects Claude content-domain hashes, while ChatGPT reads the separate
+`openai/widgetDomain` compatibility field. App URLs belong in CSP sources and
+open-link targets, not portable `ui.domain` metadata.
+
+Extension detail routes render their extension iframe from `srcDoc` when the
+route is already inside an MCP chat embed. That avoids a second
+`/_agent-native/extensions/:id/render` frame navigation being rejected by chat
+host ancestry checks, while keeping the same sandbox flags and postMessage
+extension bridge.
+
 Host-mediated open links keep the iframe from choosing its own browser target.
 Model context updates are opt-in and hidden from the user-facing transcript.
 `ui/message` is the portable way for an embedded app button to ask the host to
@@ -148,7 +165,7 @@ request. Embedded routes must remain functional in the default inline mode.
 
 ## Tools {#tools}
 
-Stdio/static-token developer clients see all connected app actions as MCP tools. OAuth callers that request `mcp:apps` get a compact app-host catalog: app-facing builtins (`list_apps`, `open_app`, `ask_app`, and app-only `create_embed_session`) plus rare actions marked `mcpApp.compactCatalog: true`. Their `resources/list` is compact too, normally advertising only the generic `open_app` embed resource. `publicAgent.expose` remains the opt-in for safe read/ingest tools outside that compact app catalog. This keeps ChatGPT/Claude app-host discovery small while preserving the full developer surface for local agents.
+Stdio/code developer clients can see all connected app actions as MCP tools. Chat-style app hosts, including OAuth callers that request `mcp:apps` and generic authenticated remote HTTP/static-token callers, get a compact app-host catalog: app-facing builtins (`list_apps`, `open_app`, `ask_app`, and app-only `create_embed_session`) plus rare actions marked `mcpApp.compactCatalog: true`. Their `resources/list` is compact too, normally advertising only the generic `open_app` embed resource. `publicAgent.expose` remains the opt-in for safe read/ingest tools outside that compact app catalog. This keeps ChatGPT/Claude app-host discovery small while preserving the full developer surface for local agents.
 
 The mapping is direct:
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agent-native/core",
-  "version": "0.22.33",
+  "version": "0.22.35",
   "type": "module",
   "description": "Framework for agent-native application development — where AI agents and UI share state via files",
   "license": "MIT",