npm - @lobehub/lobehub - Versions diffs - 2.0.0-next.220 → 2.0.0-next.221 - Mend

@lobehub/lobehub 2.0.0-next.220 → 2.0.0-next.221

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/.i18nrc.js +4 -2
package/CHANGELOG.md +33 -0
package/apps/desktop/src/main/core/browser/Browser.ts +48 -20
package/apps/desktop/src/main/core/browser/__tests__/Browser.test.ts +1 -0
package/changelog/v1.json +12 -0
package/docs/glossary.md +11 -0
package/locales/zh-CN/topic.json +5 -5
package/package.json +1 -1
package/src/server/routers/lambda/notebook.ts +4 -2
package/src/services/notebook.ts +2 -0
package/src/store/tool/slices/builtin/executors/lobe-web-browsing.ts +2 -0
package/glossary.json +0 -8

package/.i18nrc.js CHANGED Viewed

@@ -1,4 +1,6 @@
 const { defineConfig } = require('@lobehub/i18n-cli');
+const fs = require('fs');
+const path = require('path');
 module.exports = defineConfig({
   entry: 'locales/en-US',
@@ -31,8 +33,8 @@ module.exports = defineConfig({
   },
   markdown: {
     reference:
-      '你需要保持 mdx 的组件格式，输出文本不需要在最外层包裹任何代码块语法。以下是一些词汇的固定翻译：\n' +
-      JSON.stringify(require('./glossary.json'), null, 2),
+      '你需要保持 mdx 的组件格式，输出文本不需要在最外层包裹任何代码块语法。\n' +
+      fs.readFileSync(path.join(__dirname, 'docs/glossary.md'), 'utf-8'),
     entry: ['./README.zh-CN.md', './contributing/**/*.zh-CN.md', './docs/**/*.zh-CN.mdx'],
     entryLocale: 'zh-CN',
     outputLocales: ['en-US'],

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,39 @@
 # Changelog
+## [Version 2.0.0-next.221](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.220...v2.0.0-next.221)
+<sup>Released on **2026-01-05**</sup>
+#### ♻ Code Refactoring
+- **misc**: Convert glossary from JSON to Markdown table format.
+#### 🐛 Bug Fixes
+- **misc**: Resolve desktop upload CORS issue.
+<br/>
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+#### Code refactoring
+- **misc**: Convert glossary from JSON to Markdown table format, closes [#11237](https://github.com/lobehub/lobe-chat/issues/11237) ([46a58a8](https://github.com/lobehub/lobe-chat/commit/46a58a8))
+#### What's fixed
+- **misc**: Resolve desktop upload CORS issue, closes [#11255](https://github.com/lobehub/lobe-chat/issues/11255) ([49ec5ed](https://github.com/lobehub/lobe-chat/commit/49ec5ed))
+</details>
+<div align="right">
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+</div>
 ## [Version 2.0.0-next.220](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.219...v2.0.0-next.220)
 <sup>Released on **2026-01-05**</sup>

package/apps/desktop/src/main/core/browser/Browser.ts CHANGED Viewed

@@ -374,14 +374,10 @@ export default class Browser {
       | undefined;
     logger.info(`Creating new BrowserWindow instance: ${this.identifier}`);
     logger.debug(`[${this.identifier}] Options for new window: ${JSON.stringify(this.options)}`);
-    logger.debug(
-      `[${this.identifier}] Saved window state: ${JSON.stringify(savedState)}`,
-    );
+    logger.debug(`[${this.identifier}] Saved window state: ${JSON.stringify(savedState)}`);
     const resolvedState = this.resolveWindowState(savedState, { height, width });
-    logger.debug(
-      `[${this.identifier}] Resolved window state: ${JSON.stringify(resolvedState)}`,
-    );
+    logger.debug(`[${this.identifier}] Resolved window state: ${JSON.stringify(resolvedState)}`);
     const browserWindow = new BrowserWindow({
       ...res,
@@ -569,33 +565,65 @@ export default class Browser {
   }
   /**
-   * Setup CORS bypass for local file server (127.0.0.1:*)
-   * This is needed for Electron to access files from the local static file server
+   * Setup CORS bypass for ALL requests
+   * In production, the renderer uses app://next protocol which triggers CORS for all external requests
+   * This completely bypasses CORS by:
+   * 1. Removing Origin header from requests (prevents OPTIONS preflight)
+   * 2. Adding proper CORS response headers using the stored origin value
    */
   private setupCORSBypass(browserWindow: BrowserWindow): void {
-    logger.debug(`[${this.identifier}] Setting up CORS bypass for local file server`);
+    logger.debug(`[${this.identifier}] Setting up CORS bypass for all requests`);
     const session = browserWindow.webContents.session;
-    // Intercept response headers to add CORS headers
+    // Store origin values for each request ID
+    const originMap = new Map<number, string>();
+    // Remove Origin header and store it for later use
+    session.webRequest.onBeforeSendHeaders((details, callback) => {
+      const requestHeaders = { ...details.requestHeaders };
+      // Store and remove Origin header to prevent CORS preflight
+      if (requestHeaders['Origin']) {
+        originMap.set(details.id, requestHeaders['Origin']);
+        delete requestHeaders['Origin'];
+        logger.debug(
+          `[${this.identifier}] Removed Origin header for: ${details.url} (stored: ${requestHeaders['Origin']})`,
+        );
+      }
+      callback({ requestHeaders });
+    });
+    // Add CORS headers to ALL responses using stored origin
     session.webRequest.onHeadersReceived((details, callback) => {
-      const url = details.url;
+      const responseHeaders = details.responseHeaders || {};
+      // Get the original origin from our map, fallback to default
+      const origin = originMap.get(details.id) || '*';
-      // Only modify headers for local file server requests (127.0.0.1)
-      if (url.includes('127.0.0.1') || url.includes('lobe-desktop-file')) {
-        const responseHeaders = details.responseHeaders || {};
+      // Cannot use '*' when Access-Control-Allow-Credentials is true
+      responseHeaders['Access-Control-Allow-Origin'] = [origin];
+      responseHeaders['Access-Control-Allow-Methods'] = ['GET, POST, PUT, DELETE, OPTIONS, PATCH'];
+      responseHeaders['Access-Control-Allow-Headers'] = ['*'];
+      responseHeaders['Access-Control-Allow-Credentials'] = ['true'];
-        // Add CORS headers
-        responseHeaders['Access-Control-Allow-Origin'] = ['*'];
-        responseHeaders['Access-Control-Allow-Methods'] = ['GET, POST, PUT, DELETE, OPTIONS'];
-        responseHeaders['Access-Control-Allow-Headers'] = ['*'];
+      // Clean up the stored origin after response
+      originMap.delete(details.id);
+      // For OPTIONS requests, add preflight cache and override status
+      if (details.method === 'OPTIONS') {
+        responseHeaders['Access-Control-Max-Age'] = ['86400']; // 24 hours
+        logger.debug(`[${this.identifier}] Adding CORS headers to OPTIONS response`);
         callback({
           responseHeaders,
+          statusLine: 'HTTP/1.1 200 OK',
         });
-      } else {
-        callback({ responseHeaders: details.responseHeaders });
+        return;
       }
+      callback({ responseHeaders });
     });
     logger.debug(`[${this.identifier}] CORS bypass setup completed`);

package/apps/desktop/src/main/core/browser/__tests__/Browser.test.ts CHANGED Viewed

@@ -36,6 +36,7 @@ const { mockBrowserWindow, mockNativeTheme, mockIpcMain, mockScreen, MockBrowser
         send: vi.fn(),
         session: {
           webRequest: {
+            onBeforeSendHeaders: vi.fn(),
             onHeadersReceived: vi.fn(),
           },
         },

package/changelog/v1.json CHANGED Viewed

@@ -1,4 +1,16 @@
 [
+  {
+    "children": {
+      "improvements": [
+        "Convert glossary from JSON to Markdown table format."
+      ],
+      "fixes": [
+        "Resolve desktop upload CORS issue."
+      ]
+    },
+    "date": "2026-01-05",
+    "version": "2.0.0-next.221"
+  },
   {
     "children": {
       "fixes": [

package/docs/glossary.md ADDED Viewed

@@ -0,0 +1,11 @@
+# Glossary
+以下是一些词汇的固定翻译：
+| develop key | zh-CN(中文) | en-US(English) |
+|-------------| ----------- | -------------- |
+| agent       | 助理        | Agent          |
+| agentGroup  | 群组        | Group          |
+| page        | 文稿        | Page           |
+| topic       | 话题        | Topic          |
+| thread      | 子话题      | Thread         |

package/locales/zh-CN/topic.json CHANGED Viewed

@@ -1,11 +1,11 @@
 {
   "actions.addNewTopic": "开启新话题",
   "actions.autoRename": "智能重命名",
-  "actions.confirmRemoveAll": "您即将删除所有主题，此操作无法撤销。",
-  "actions.confirmRemoveTopic": "您即将删除此主题，此操作无法撤销。",
-  "actions.confirmRemoveUnstarred": "您即将删除未加星标的主题，此操作无法撤销。",
+  "actions.confirmRemoveAll": "您即将删除所有话题，此操作无法撤销。",
+  "actions.confirmRemoveTopic": "您即将删除此话题，此操作无法撤销。",
+  "actions.confirmRemoveUnstarred": "您即将删除未加星标的话题，此操作无法撤销。",
   "actions.duplicate": "复制",
-  "actions.export": "导出主题",
+  "actions.export": "导出话题",
   "actions.import": "导入对话",
   "actions.openInNewWindow": "打开独立窗口",
   "actions.removeAll": "删除全部话题",
@@ -24,7 +24,7 @@
   "groupTitle.byTime.week": "本周",
   "groupTitle.byTime.yesterday": "昨天",
   "guide.desc": "点击发送左侧按钮可将当前会话保存为历史话题，并开启新一轮会话",
-  "guide.title": "主题列表",
+  "guide.title": "话题列表",
   "importError": "导入遇到了问题",
   "importInvalidFormat": "文件格式不正确。请确认这是有效的 JSON 文件",
   "importLoading": "正在导入对话…",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/lobehub",
-  "version": "2.0.0-next.220",
+  "version": "2.0.0-next.221",
   "description": "LobeHub - an open-source,comprehensive AI Agent framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",

package/src/server/routers/lambda/notebook.ts CHANGED Viewed

@@ -24,6 +24,8 @@ export const notebookRouter = router({
         content: z.string(),
         description: z.string(),
         metadata: z.record(z.string(), z.any()).optional(),
+        source: z.string().optional().default('notebook'),
+        sourceType: z.enum(['file', 'web', 'api', 'topic']).optional().default('api'),
         title: z.string(),
         topicId: z.string(),
         type: z
@@ -39,8 +41,8 @@ export const notebookRouter = router({
         description: input.description,
         fileType: input.type,
         metadata: input.metadata,
-        source: 'notebook',
-        sourceType: 'api',
+        source: input.source,
+        sourceType: input.sourceType,
         title: input.title,
         totalCharCount: input.content.length,
         totalLineCount: input.content.split('\n').length,

package/src/services/notebook.ts CHANGED Viewed

@@ -8,6 +8,8 @@ interface CreateDocumentParams {
   content: string;
   description: string;
   metadata?: Record<string, any>;
+  source?: string;
+  sourceType?: 'file' | 'web' | 'api' | 'topic';
   title: string;
   topicId: string;
   type?: ExtendedDocumentType;

package/src/store/tool/slices/builtin/executors/lobe-web-browsing.ts CHANGED Viewed

@@ -130,6 +130,8 @@ class WebBrowsingExecutor extends BaseExecutor<typeof WebBrowsingApiName> {
                 const document = await notebookService.createDocument({
                   content: pageData.content,
                   description: pageData.description || `Crawled from ${pageData.url}`,
+                  source: pageData.url,
+                  sourceType: 'web',
                   title: pageData.title || pageData.url,
                   topicId: ctx.topicId!,
                   type: 'article',

package/glossary.json DELETED Viewed

@@ -1,8 +0,0 @@
-{
-  "助理": {
-    "en-US": "Agent"
-  },
-  "文稿": {
-    "en-US": "Page"
-  }
-}