@haex-space/vault-sdk 3.0.0 → 3.1.0

package/dist/{client-dpJHb3FP.d.ts → client-B_B6rLIw.d.ts}

@@ -1207,6 +1207,13 @@ declare class HaexVaultSdk {
     private readonly externalRequestHandlers;
     private readonly reactiveSubscribers;
     private messageHandler;
+    /**
+     * MessagePort obtained from the main window during iframe-mode handshake.
+     * `null` until `initIframe()` completes successfully. Every outbound
+     * request in iframe mode flows through this port; `sendPostMessage` rejects
+     * if called before the handshake finishes.
+     */
+    private hostPort;
     private readyPromise;
     private resolveReady;
     private setupPromise;

package/dist/{client-BXtzUBWv.d.mts → client-C0DPNG62.d.mts}

@@ -1207,6 +1207,13 @@ declare class HaexVaultSdk {
     private readonly externalRequestHandlers;
     private readonly reactiveSubscribers;
     private messageHandler;
+    /**
+     * MessagePort obtained from the main window during iframe-mode handshake.
+     * `null` until `initIframe()` completes successfully. Every outbound
+     * request in iframe mode flows through this port; `sendPostMessage` rejects
+     * if called before the handshake finishes.
+     */
+    private hostPort;
     private readyPromise;
     private resolveReady;
     private setupPromise;

package/dist/index.d.mts

@@ -1,5 +1,5 @@
-import { H as HaexVaultSdk } from './client-BXtzUBWv.mjs';
-export { A as AuthorizedClient, B as BlockedClient, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, P as PendingAuthorization, t as PendingTransfer, u as PermissionsAPI, v as RemoteAddBackendRequest, w as RemoteS3Config, x as RemoteS3PublicConfig, R as RemoteStorageAPI, y as RemoteStorageBackendInfo, z as RemoteStorageObjectInfo, U as RemoteUpdateBackendRequest, C as RequestedExtension, G as SelectFileOptions, I as SelectFolderOptions, J as ServerInfo, M as ServerStatus, N as SessionAuthorization, O as SharedSpace, Q as ShellAPI, T as ShellCreateOptions, V as ShellCreateResponse, W as ShellExitEvent, X as ShellOutputEvent, Y as SpaceAccessTokenInfo, Z as SpaceAssignment, _ as SpaceInvite, $ as SpaceKeyGrantInfo, a0 as SpaceMemberInfo, a1 as SpacesAPI, a2 as SyncBackendInfo, a3 as TransferDirection, a4 as TransferProgress, a5 as TransferState, a6 as WebAPI, a7 as canExternalClientSendRequests, a8 as isExternalClientConnected } from './client-BXtzUBWv.mjs';
+import { H as HaexVaultSdk } from './client-C0DPNG62.mjs';
+export { A as AuthorizedClient, B as BlockedClient, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, P as PendingAuthorization, t as PendingTransfer, u as PermissionsAPI, v as RemoteAddBackendRequest, w as RemoteS3Config, x as RemoteS3PublicConfig, R as RemoteStorageAPI, y as RemoteStorageBackendInfo, z as RemoteStorageObjectInfo, U as RemoteUpdateBackendRequest, C as RequestedExtension, G as SelectFileOptions, I as SelectFolderOptions, J as ServerInfo, M as ServerStatus, N as SessionAuthorization, O as SharedSpace, Q as ShellAPI, T as ShellCreateOptions, V as ShellCreateResponse, W as ShellExitEvent, X as ShellOutputEvent, Y as SpaceAccessTokenInfo, Z as SpaceAssignment, _ as SpaceInvite, $ as SpaceKeyGrantInfo, a0 as SpaceMemberInfo, a1 as SpacesAPI, a2 as SyncBackendInfo, a3 as TransferDirection, a4 as TransferProgress, a5 as TransferState, a6 as WebAPI, a7 as canExternalClientSendRequests, a8 as isExternalClientConnected } from './client-C0DPNG62.mjs';
 import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-DmCSegdY.mjs';
 export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-DmCSegdY.mjs';
 export { H as HaextensionConfig } from './config-D_HXjsEV.mjs';
@@ -228,6 +228,23 @@ declare const HAEXSPACE_MESSAGE_TYPES: {
     readonly DEBUG: "haexspace:debug";
     /** Console forwarding from extension iframe */
     readonly CONSOLE_FORWARD: "console.forward";
+    /**
+     * Sent from main window to iframe on the shared window listener, carrying
+     * one `MessagePort` in `event.ports[0]`. Once received, the SDK switches
+     * to port-based messaging and never reads the window listener again.
+     *
+     * Payload: `{ type: PORT_INIT }` — no data. The port itself is the payload.
+     */
+    readonly PORT_INIT: "haexspace:port:init";
+    /**
+     * Sent from SDK to main window *over the MessagePort* after the port is
+     * installed. Main uses this to mark the iframe as ready and flush any
+     * events buffered during the handshake window. Only valid on the port —
+     * a READY sent over window.postMessage is ignored.
+     *
+     * Payload: `{ type: PORT_READY }` — no data.
+     */
+    readonly PORT_READY: "haexspace:port:ready";
 };
 type HaexspaceMessageType = (typeof HAEXSPACE_MESSAGE_TYPES)[keyof typeof HAEXSPACE_MESSAGE_TYPES];
 

package/dist/index.d.ts

@@ -1,5 +1,5 @@
-import { H as HaexVaultSdk } from './client-dpJHb3FP.js';
-export { A as AuthorizedClient, B as BlockedClient, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, P as PendingAuthorization, t as PendingTransfer, u as PermissionsAPI, v as RemoteAddBackendRequest, w as RemoteS3Config, x as RemoteS3PublicConfig, R as RemoteStorageAPI, y as RemoteStorageBackendInfo, z as RemoteStorageObjectInfo, U as RemoteUpdateBackendRequest, C as RequestedExtension, G as SelectFileOptions, I as SelectFolderOptions, J as ServerInfo, M as ServerStatus, N as SessionAuthorization, O as SharedSpace, Q as ShellAPI, T as ShellCreateOptions, V as ShellCreateResponse, W as ShellExitEvent, X as ShellOutputEvent, Y as SpaceAccessTokenInfo, Z as SpaceAssignment, _ as SpaceInvite, $ as SpaceKeyGrantInfo, a0 as SpaceMemberInfo, a1 as SpacesAPI, a2 as SyncBackendInfo, a3 as TransferDirection, a4 as TransferProgress, a5 as TransferState, a6 as WebAPI, a7 as canExternalClientSendRequests, a8 as isExternalClientConnected } from './client-dpJHb3FP.js';
+import { H as HaexVaultSdk } from './client-B_B6rLIw.js';
+export { A as AuthorizedClient, B as BlockedClient, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, P as PendingAuthorization, t as PendingTransfer, u as PermissionsAPI, v as RemoteAddBackendRequest, w as RemoteS3Config, x as RemoteS3PublicConfig, R as RemoteStorageAPI, y as RemoteStorageBackendInfo, z as RemoteStorageObjectInfo, U as RemoteUpdateBackendRequest, C as RequestedExtension, G as SelectFileOptions, I as SelectFolderOptions, J as ServerInfo, M as ServerStatus, N as SessionAuthorization, O as SharedSpace, Q as ShellAPI, T as ShellCreateOptions, V as ShellCreateResponse, W as ShellExitEvent, X as ShellOutputEvent, Y as SpaceAccessTokenInfo, Z as SpaceAssignment, _ as SpaceInvite, $ as SpaceKeyGrantInfo, a0 as SpaceMemberInfo, a1 as SpacesAPI, a2 as SyncBackendInfo, a3 as TransferDirection, a4 as TransferProgress, a5 as TransferState, a6 as WebAPI, a7 as canExternalClientSendRequests, a8 as isExternalClientConnected } from './client-B_B6rLIw.js';
 import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-DmCSegdY.js';
 export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-DmCSegdY.js';
 export { H as HaextensionConfig } from './config-D_HXjsEV.js';
@@ -228,6 +228,23 @@ declare const HAEXSPACE_MESSAGE_TYPES: {
     readonly DEBUG: "haexspace:debug";
     /** Console forwarding from extension iframe */
     readonly CONSOLE_FORWARD: "console.forward";
+    /**
+     * Sent from main window to iframe on the shared window listener, carrying
+     * one `MessagePort` in `event.ports[0]`. Once received, the SDK switches
+     * to port-based messaging and never reads the window listener again.
+     *
+     * Payload: `{ type: PORT_INIT }` — no data. The port itself is the payload.
+     */
+    readonly PORT_INIT: "haexspace:port:init";
+    /**
+     * Sent from SDK to main window *over the MessagePort* after the port is
+     * installed. Main uses this to mark the iframe as ready and flush any
+     * events buffered during the handshake window. Only valid on the port —
+     * a READY sent over window.postMessage is ignored.
+     *
+     * Payload: `{ type: PORT_READY }` — no data.
+     */
+    readonly PORT_READY: "haexspace:port:ready";
 };
 type HaexspaceMessageType = (typeof HAEXSPACE_MESSAGE_TYPES)[keyof typeof HAEXSPACE_MESSAGE_TYPES];
 

package/dist/index.js

@@ -541,7 +541,24 @@ var HAEXSPACE_MESSAGE_TYPES = {
   /** Debug message for development/troubleshooting */
   DEBUG: "haexspace:debug",
   /** Console forwarding from extension iframe */
-  CONSOLE_FORWARD: "console.forward"
+  CONSOLE_FORWARD: "console.forward",
+  /**
+   * Sent from main window to iframe on the shared window listener, carrying
+   * one `MessagePort` in `event.ports[0]`. Once received, the SDK switches
+   * to port-based messaging and never reads the window listener again.
+   *
+   * Payload: `{ type: PORT_INIT }` — no data. The port itself is the payload.
+   */
+  PORT_INIT: "haexspace:port:init",
+  /**
+   * Sent from SDK to main window *over the MessagePort* after the port is
+   * installed. Main uses this to mark the iframe as ready and flush any
+   * events buffered during the handshake window. Only valid on the port —
+   * a READY sent over window.postMessage is ignored.
+   *
+   * Payload: `{ type: PORT_READY }` — no data.
+   */
+  PORT_READY: "haexspace:port:ready"
 };
 
 // src/polyfills/debug.ts
@@ -2074,6 +2091,7 @@ function parseTableName(fullTableName) {
 }
 
 // src/client/init.ts
+var PORT_HANDSHAKE_TIMEOUT_MS = 1e4;
 function isInIframe() {
   return window.self !== window.top;
 }
@@ -2330,11 +2348,14 @@ async function initIframeMode(ctx, log, messageHandler, request) {
   if (!isInIframe()) {
     throw new HaexVaultSdkError("NOT_IN_IFRAME" /* NOT_IN_IFRAME */, "errors.not_in_iframe");
   }
+  const port = await waitForHostPortAsync(log);
   ctx.handlers.messageHandler = messageHandler;
-  window.addEventListener("message", messageHandler);
+  port.addEventListener("message", messageHandler);
+  port.start();
+  port.postMessage({ type: HAEXSPACE_MESSAGE_TYPES.PORT_READY });
   ctx.state.isNativeWindow = false;
   ctx.state.initialized = true;
-  log("HaexVault SDK initialized in iframe mode");
+  log("HaexVault SDK initialized in iframe mode (MessagePort transport)");
   if (ctx.config.manifest) {
     ctx.state.extensionInfo = {
       publicKey: ctx.config.manifest.publicKey,
@@ -2348,7 +2369,42 @@ async function initIframeMode(ctx, log, messageHandler, request) {
   const context = await request(EXTENSION_COMMANDS.getContext);
   ctx.state.context = context;
   log("Application context received:", context);
-  return { context };
+  return { context, port };
+}
+function waitForHostPortAsync(log) {
+  return new Promise((resolve, reject) => {
+    let settled = false;
+    const cleanup = () => {
+      window.removeEventListener("message", handler);
+    };
+    const timeoutId = setTimeout(() => {
+      if (settled) return;
+      settled = true;
+      cleanup();
+      reject(
+        new HaexVaultSdkError(
+          "TIMEOUT" /* TIMEOUT */,
+          "errors.port_handshake_timeout",
+          { timeout: PORT_HANDSHAKE_TIMEOUT_MS }
+        )
+      );
+    }, PORT_HANDSHAKE_TIMEOUT_MS);
+    const handler = (event) => {
+      const type = event.data?.type;
+      if (type !== HAEXSPACE_MESSAGE_TYPES.PORT_INIT) return;
+      const port = event.ports[0];
+      if (!port) {
+        log("PORT_INIT received but event.ports is empty \u2014 ignoring");
+        return;
+      }
+      if (settled) return;
+      settled = true;
+      clearTimeout(timeoutId);
+      cleanup();
+      resolve(port);
+    };
+    window.addEventListener("message", handler);
+  });
 }
 function sendDebugInfo(config) {
   if (!config.debug) return;
@@ -2372,7 +2428,15 @@ postMessage error: ${e}`);
 function generateRequestId(counter) {
   return `req_${counter}`;
 }
-function sendPostMessage(method, params, requestId, config, extensionInfo, pendingRequests) {
+function sendPostMessage(method, params, requestId, config, extensionInfo, pendingRequests, port) {
+  if (!port) {
+    return Promise.reject(
+      new HaexVaultSdkError(
+        "EXTENSION_NOT_INITIALIZED" /* EXTENSION_NOT_INITIALIZED */,
+        "errors.port_not_connected"
+      )
+    );
+  }
   const request = {
     method,
     params,
@@ -2388,17 +2452,16 @@ function sendPostMessage(method, params, requestId, config, extensionInfo, pendi
       );
     }, config.timeout);
     pendingRequests.set(requestId, { resolve, reject, timeout });
-    const targetOrigin = "*";
     if (config.debug) {
       console.log("[SDK Debug] ========== Sending Request ==========");
       console.log("[SDK Debug] Request ID:", requestId);
       console.log("[SDK Debug] Method:", request.method);
       console.log("[SDK Debug] Params:", request.params);
-      console.log("[SDK Debug] Target origin:", targetOrigin);
+      console.log("[SDK Debug] Transport: MessagePort");
       console.log("[SDK Debug] Extension info:", extensionInfo);
       console.log("[SDK Debug] ========================================");
     }
-    window.parent.postMessage({ id: requestId, ...request }, targetOrigin);
+    port.postMessage({ id: requestId, ...request });
   });
 }
 async function sendInvoke(method, params, config, _log) {
@@ -2417,11 +2480,6 @@ function createMessageHandler(config, pendingRequests, extensionInfo, onEvent) {
   return (event) => {
     if (config.debug) {
       console.log("[SDK Debug] ========== Message Received ==========");
-      console.log("[SDK Debug] Event origin:", event.origin);
-      console.log(
-        "[SDK Debug] Event source:",
-        event.source === window.parent ? "parent window" : "unknown"
-      );
       console.log("[SDK Debug] Event data:", event.data);
       console.log("[SDK Debug] Extension info loaded:", !!extensionInfo());
       console.log(
@@ -2429,12 +2487,6 @@ function createMessageHandler(config, pendingRequests, extensionInfo, onEvent) {
         pendingRequests.size
       );
     }
-    if (event.source !== window.parent) {
-      if (config.debug) {
-        console.error("[SDK Debug] \u274C REJECTED: Message not from parent window!");
-      }
-      return;
-    }
     const data = event.data;
     if ("id" in data && pendingRequests.has(data.id)) {
       if (config.debug) {
@@ -2656,6 +2708,13 @@ var HaexVaultSdk = class {
     this.reactiveSubscribers = /* @__PURE__ */ new Set();
     // Handlers
     this.messageHandler = null;
+    /**
+     * MessagePort obtained from the main window during iframe-mode handshake.
+     * `null` until `initIframe()` completes successfully. Every outbound
+     * request in iframe mode flows through this port; `sendPostMessage` rejects
+     * if called before the handshake finishes.
+     */
+    this.hostPort = null;
     this.setupPromise = null;
     this.setupHook = null;
     // Public APIs
@@ -2829,7 +2888,15 @@ var HaexVaultSdk = class {
       return sendInvoke(method, paramsWithCredentials, this.config, this.log.bind(this));
     }
     const requestId = generateRequestId(++this.requestCounter);
-    return sendPostMessage(method, resolvedParams, requestId, this.config, this._extensionInfo, this.pendingRequests);
+    return sendPostMessage(
+      method,
+      resolvedParams,
+      requestId,
+      this.config,
+      this._extensionInfo,
+      this.pendingRequests,
+      this.hostPort
+    );
   }
   // ==========================================================================
   // Private: Initialization
@@ -2896,7 +2963,7 @@ var HaexVaultSdk = class {
       () => this._extensionInfo,
       this.handleEvent.bind(this)
     );
-    const { context } = await initIframeMode(
+    const { context, port } = await initIframeMode(
       {
         config: this.config,
         state: {
@@ -2928,6 +2995,7 @@ var HaexVaultSdk = class {
       this.messageHandler,
       this.request.bind(this)
     );
+    this.hostPort = port;
     if (this.config.manifest) {
       this._extensionInfo = {
         publicKey: this.config.manifest.publicKey,