@mariozechner/pi-web-ui 0.5.44 → 0.5.46

package/src/components/SandboxedIframe.ts

@@ -1,6 +1,9 @@
 import { LitElement } from "lit";
 import { customElement, property } from "lit/decorators.js";
-import type { Attachment } from "../utils/attachment-utils.js";
+import { ConsoleRuntimeProvider } from "./sandbox/ConsoleRuntimeProvider.js";
+import { RuntimeMessageBridge } from "./sandbox/RuntimeMessageBridge.js";
+import { type MessageConsumer, RUNTIME_MESSAGE_ROUTER } from "./sandbox/RuntimeMessageRouter.js";
+import type { SandboxRuntimeProvider } from "./sandbox/SandboxRuntimeProvider.js";
 
 export interface SandboxFile {
 	fileName: string;
@@ -13,6 +16,7 @@ export interface SandboxResult {
 	console: Array<{ type: string; text: string }>;
 	files?: SandboxFile[];
 	error?: { message: string; stack: string };
+	returnValue?: any;
 }
 
 /**
@@ -21,6 +25,25 @@ export interface SandboxResult {
  */
 export type SandboxUrlProvider = () => string;
 
+/**
+ * Configuration for prepareHtmlDocument
+ */
+export interface PrepareHtmlOptions {
+	/** True if this is an HTML artifact (inject into existing HTML), false if REPL (wrap in HTML) */
+	isHtmlArtifact: boolean;
+	/** True if this is a standalone download (no runtime bridge, no navigation interceptor) */
+	isStandalone?: boolean;
+}
+
+/**
+ * Escape HTML special sequences in code to prevent premature tag closure
+ * @param code Code that will be injected into <script> tags
+ * @returns Escaped code safe for injection
+ */
+function escapeScriptContent(code: string): string {
+	return code.replace(/<\/script/gi, "<\\/script");
+}
+
 @customElement("sandbox-iframe")
 export class SandboxIframe extends LitElement {
 	private iframe?: HTMLIFrameElement;
@@ -42,6 +65,9 @@ export class SandboxIframe extends LitElement {
 
 	override disconnectedCallback() {
 		super.disconnectedCallback();
+		// Note: We don't unregister the sandbox here for loadContent() mode
+		// because the caller (HtmlArtifact) owns the sandbox lifecycle.
+		// For execute() mode, the sandbox is unregistered in the cleanup function.
 		this.iframe?.remove();
 	}
 
@@ -49,65 +75,157 @@ export class SandboxIframe extends LitElement {
 	 * Load HTML content into sandbox and keep it displayed (for HTML artifacts)
 	 * @param sandboxId Unique ID
 	 * @param htmlContent Full HTML content
-	 * @param attachments Attachments available
+	 * @param providers Runtime providers to inject
+	 * @param consumers Message consumers to register (optional)
 	 */
-	public loadContent(sandboxId: string, htmlContent: string, attachments: Attachment[]): void {
-		const completeHtml = this.prepareHtmlDocument(sandboxId, htmlContent, attachments);
+	public loadContent(
+		sandboxId: string,
+		htmlContent: string,
+		providers: SandboxRuntimeProvider[] = [],
+		consumers: MessageConsumer[] = [],
+	): void {
+		// Unregister previous sandbox if exists
+		try {
+			RUNTIME_MESSAGE_ROUTER.unregisterSandbox(sandboxId);
+		} catch {
+			// Sandbox might not exist, that's ok
+		}
+
+		providers = [new ConsoleRuntimeProvider(), ...providers];
+
+		RUNTIME_MESSAGE_ROUTER.registerSandbox(sandboxId, providers, consumers);
+
+		// loadContent is always used for HTML artifacts (not standalone)
+		const completeHtml = this.prepareHtmlDocument(sandboxId, htmlContent, providers, {
+			isHtmlArtifact: true,
+			isStandalone: false,
+		});
+
+		// Validate HTML before loading
+		const validationError = this.validateHtml(completeHtml);
+		if (validationError) {
+			console.error("HTML validation failed:", validationError);
+			// Show error in iframe instead of crashing
+			this.iframe?.remove();
+			this.iframe = document.createElement("iframe");
+			this.iframe.style.cssText = "width: 100%; height: 100%; border: none;";
+			this.iframe.srcdoc = `
+				<html>
+				<body style="font-family: monospace; padding: 20px; background: #fff; color: #000;">
+					<h3 style="color: #c00;">HTML Validation Error</h3>
+					<pre style="background: #f5f5f5; padding: 10px; border-radius: 4px; overflow-x: auto; white-space: pre-wrap;">${validationError}</pre>
+				</body>
+				</html>
+			`;
+			this.appendChild(this.iframe);
+			return;
+		}
+
+		// Remove previous iframe if exists
+		this.iframe?.remove();
 
 		if (this.sandboxUrlProvider) {
 			// Browser extension mode: use sandbox.html with postMessage
-			this.loadViaSandboxUrl(sandboxId, completeHtml, attachments);
+			this.loadViaSandboxUrl(sandboxId, completeHtml);
 		} else {
 			// Web mode: use srcdoc
-			this.loadViaSrcdoc(completeHtml);
+			this.loadViaSrcdoc(sandboxId, completeHtml);
 		}
 	}
 
-	private loadViaSandboxUrl(sandboxId: string, completeHtml: string, attachments: Attachment[]): void {
-		// Wait for sandbox-ready and send content
+	private loadViaSandboxUrl(sandboxId: string, completeHtml: string): void {
+		// Create iframe pointing to sandbox URL
+		this.iframe = document.createElement("iframe");
+		this.iframe.sandbox.add("allow-scripts");
+		this.iframe.sandbox.add("allow-modals");
+		this.iframe.style.width = "100%";
+		this.iframe.style.height = "100%";
+		this.iframe.style.border = "none";
+		this.iframe.src = this.sandboxUrlProvider!();
+
+		// Update router with iframe reference BEFORE appending to DOM
+		RUNTIME_MESSAGE_ROUTER.setSandboxIframe(sandboxId, this.iframe);
+
+		// Listen for open-external-url messages from iframe
+		const externalUrlHandler = (e: MessageEvent) => {
+			if (e.data.type === "open-external-url" && e.source === this.iframe?.contentWindow) {
+				// Use chrome.tabs API to open in new tab
+				const chromeAPI = (globalThis as any).chrome;
+				if (chromeAPI?.tabs) {
+					chromeAPI.tabs.create({ url: e.data.url });
+				} else {
+					// Fallback for non-extension context
+					window.open(e.data.url, "_blank");
+				}
+			}
+		};
+		window.addEventListener("message", externalUrlHandler);
+
+		// Listen for sandbox-ready and sandbox-error messages directly
 		const readyHandler = (e: MessageEvent) => {
 			if (e.data.type === "sandbox-ready" && e.source === this.iframe?.contentWindow) {
 				window.removeEventListener("message", readyHandler);
+				window.removeEventListener("message", errorHandler);
+
+				// Send content to sandbox
 				this.iframe?.contentWindow?.postMessage(
 					{
 						type: "sandbox-load",
 						sandboxId,
 						code: completeHtml,
-						attachments,
 					},
 					"*",
 				);
 			}
 		};
-		window.addEventListener("message", readyHandler);
 
-		// Always recreate iframe to ensure fresh sandbox and sandbox-ready message
-		this.iframe?.remove();
-		this.iframe = document.createElement("iframe");
-		this.iframe.sandbox.add("allow-scripts");
-		this.iframe.sandbox.add("allow-modals");
-		this.iframe.style.width = "100%";
-		this.iframe.style.height = "100%";
-		this.iframe.style.border = "none";
+		const errorHandler = (e: MessageEvent) => {
+			if (e.data.type === "sandbox-error" && e.source === this.iframe?.contentWindow) {
+				window.removeEventListener("message", readyHandler);
+				window.removeEventListener("message", errorHandler);
 
-		this.iframe.src = this.sandboxUrlProvider!();
+				// The sandbox.js already sent us the error via postMessage.
+				// We need to convert it to an execution-error message that the execute() consumer will handle.
+				// Simulate receiving an execution-error from the sandbox
+				window.postMessage(
+					{
+						sandboxId: sandboxId,
+						type: "execution-error",
+						error: { message: e.data.error, stack: e.data.stack },
+					},
+					"*",
+				);
+			}
+		};
+
+		window.addEventListener("message", readyHandler);
+		window.addEventListener("message", errorHandler);
 
 		this.appendChild(this.iframe);
 	}
 
-	private loadViaSrcdoc(completeHtml: string): void {
-		// Always recreate iframe to ensure fresh sandbox
-		this.iframe?.remove();
+	private loadViaSrcdoc(sandboxId: string, completeHtml: string): void {
+		// Create iframe with srcdoc
 		this.iframe = document.createElement("iframe");
 		this.iframe.sandbox.add("allow-scripts");
 		this.iframe.sandbox.add("allow-modals");
 		this.iframe.style.width = "100%";
 		this.iframe.style.height = "100%";
 		this.iframe.style.border = "none";
-
-		// Set content directly via srcdoc (no CSP restrictions in web apps)
 		this.iframe.srcdoc = completeHtml;
 
+		// Update router with iframe reference BEFORE appending to DOM
+		RUNTIME_MESSAGE_ROUTER.setSandboxIframe(sandboxId, this.iframe);
+
+		// Listen for open-external-url messages from iframe
+		const externalUrlHandler = (e: MessageEvent) => {
+			if (e.data.type === "open-external-url" && e.source === this.iframe?.contentWindow) {
+				// Fallback for non-extension context
+				window.open(e.data.url, "_blank");
+			}
+		};
+		window.addEventListener("message", externalUrlHandler);
+
 		this.appendChild(this.iframe);
 	}
 
@@ -115,159 +233,215 @@ export class SandboxIframe extends LitElement {
 	 * Execute code in sandbox
 	 * @param sandboxId Unique ID for this execution
 	 * @param code User code (plain JS for REPL, or full HTML for artifacts)
-	 * @param attachments Attachments available to the code
+	 * @param providers Runtime providers to inject
+	 * @param consumers Additional message consumers (optional, execute has its own internal consumer)
 	 * @param signal Abort signal
 	 * @returns Promise resolving to execution result
 	 */
 	public async execute(
 		sandboxId: string,
 		code: string,
-		attachments: Attachment[],
+		providers: SandboxRuntimeProvider[] = [],
+		consumers: MessageConsumer[] = [],
 		signal?: AbortSignal,
+		isHtmlArtifact: boolean = false,
 	): Promise<SandboxResult> {
 		if (signal?.aborted) {
 			throw new Error("Execution aborted");
 		}
 
-		// Prepare the complete HTML document with runtime + user code
-		const completeHtml = this.prepareHtmlDocument(sandboxId, code, attachments);
+		const consoleProvider = new ConsoleRuntimeProvider();
+		providers = [consoleProvider, ...providers];
+		RUNTIME_MESSAGE_ROUTER.registerSandbox(sandboxId, providers, consumers);
+
+		const files: SandboxFile[] = [];
+		let completed = false;
 
-		// Wait for execution to complete
 		return new Promise((resolve, reject) => {
-			const logs: Array<{ type: string; text: string }> = [];
-			const files: SandboxFile[] = [];
-			let completed = false;
-
-			const messageHandler = (e: MessageEvent) => {
-				// Ignore messages not for this sandbox
-				if (e.data.sandboxId !== sandboxId) return;
-
-				if (e.data.type === "console") {
-					logs.push({
-						type: e.data.method === "error" ? "error" : "log",
-						text: e.data.text,
-					});
-				} else if (e.data.type === "file-returned") {
-					files.push({
-						fileName: e.data.fileName,
-						content: e.data.content,
-						mimeType: e.data.mimeType,
-					});
-				} else if (e.data.type === "execution-complete") {
-					completed = true;
-					cleanup();
-					resolve({
-						success: true,
-						console: logs,
-						files: files,
-					});
-				} else if (e.data.type === "execution-error") {
-					completed = true;
-					cleanup();
-					resolve({
-						success: false,
-						console: logs,
-						error: e.data.error,
-						files,
-					});
-				}
+			// 4. Create execution consumer for lifecycle messages
+			const executionConsumer: MessageConsumer = {
+				async handleMessage(message: any): Promise<void> {
+					if (message.type === "file-returned") {
+						files.push({
+							fileName: message.fileName,
+							content: message.content,
+							mimeType: message.mimeType,
+						});
+					} else if (message.type === "execution-complete") {
+						completed = true;
+						cleanup();
+						resolve({
+							success: true,
+							console: consoleProvider.getLogs(),
+							files,
+							returnValue: message.returnValue,
+						});
+					} else if (message.type === "execution-error") {
+						completed = true;
+						cleanup();
+						resolve({ success: false, console: consoleProvider.getLogs(), error: message.error, files });
+					}
+				},
 			};
 
+			RUNTIME_MESSAGE_ROUTER.addConsumer(sandboxId, executionConsumer);
+
+			const cleanup = () => {
+				RUNTIME_MESSAGE_ROUTER.unregisterSandbox(sandboxId);
+				signal?.removeEventListener("abort", abortHandler);
+				clearTimeout(timeoutId);
+				this.iframe?.remove();
+				this.iframe = undefined;
+			};
+
+			// Abort handler
 			const abortHandler = () => {
 				if (!completed) {
+					completed = true;
 					cleanup();
 					reject(new Error("Execution aborted"));
 				}
 			};
 
-			let readyHandler: ((e: MessageEvent) => void) | undefined;
-
-			const cleanup = () => {
-				window.removeEventListener("message", messageHandler);
-				signal?.removeEventListener("abort", abortHandler);
-				if (readyHandler) {
-					window.removeEventListener("message", readyHandler);
-				}
-				clearTimeout(timeoutId);
-			};
-
-			// Set up listeners BEFORE creating iframe
-			window.addEventListener("message", messageHandler);
-			signal?.addEventListener("abort", abortHandler);
+			if (signal) {
+				signal.addEventListener("abort", abortHandler);
+			}
 
-			// Timeout after 30 seconds
+			// Timeout handler (30 seconds)
 			const timeoutId = setTimeout(() => {
 				if (!completed) {
+					completed = true;
 					cleanup();
 					resolve({
 						success: false,
-						error: { message: "Execution timeout (30s)", stack: "" },
-						console: logs,
+						console: consoleProvider.getLogs(),
+						error: { message: "Execution timeout (120s)", stack: "" },
 						files,
 					});
 				}
-			}, 30000);
+			}, 120000);
+
+			// 4. Prepare HTML and create iframe
+			const completeHtml = this.prepareHtmlDocument(sandboxId, code, providers, {
+				isHtmlArtifact,
+				isStandalone: false,
+			});
+
+			// 5. Validate HTML before sending to sandbox
+			const validationError = this.validateHtml(completeHtml);
+			if (validationError) {
+				reject(new Error(`HTML validation failed: ${validationError}`));
+				return;
+			}
 
 			if (this.sandboxUrlProvider) {
-				// Browser extension mode: wait for sandbox-ready and send content
-				readyHandler = (e: MessageEvent) => {
+				// Browser extension mode: wait for sandbox-ready
+				this.iframe = document.createElement("iframe");
+				this.iframe.sandbox.add("allow-scripts", "allow-modals");
+				this.iframe.style.cssText = "width: 100%; height: 100%; border: none;";
+				this.iframe.src = this.sandboxUrlProvider();
+
+				// Update router with iframe reference BEFORE appending to DOM
+				RUNTIME_MESSAGE_ROUTER.setSandboxIframe(sandboxId, this.iframe);
+
+				// Listen for sandbox-ready and sandbox-error messages
+				const readyHandler = (e: MessageEvent) => {
 					if (e.data.type === "sandbox-ready" && e.source === this.iframe?.contentWindow) {
-						window.removeEventListener("message", readyHandler!);
-						// Send the complete HTML
+						window.removeEventListener("message", readyHandler);
+						window.removeEventListener("message", errorHandler);
+
+						// Send content to sandbox
 						this.iframe?.contentWindow?.postMessage(
 							{
 								type: "sandbox-load",
 								sandboxId,
 								code: completeHtml,
-								attachments,
 							},
 							"*",
 						);
 					}
 				};
-				window.addEventListener("message", readyHandler);
 
-				// Create iframe AFTER all listeners are set up
-				this.iframe?.remove();
-				this.iframe = document.createElement("iframe");
-				this.iframe.sandbox.add("allow-scripts");
-				this.iframe.sandbox.add("allow-modals");
-				this.iframe.style.width = "100%";
-				this.iframe.style.height = "100%";
-				this.iframe.style.border = "none";
+				const errorHandler = (e: MessageEvent) => {
+					if (e.data.type === "sandbox-error" && e.source === this.iframe?.contentWindow) {
+						window.removeEventListener("message", readyHandler);
+						window.removeEventListener("message", errorHandler);
 
-				this.iframe.src = this.sandboxUrlProvider();
+						// Convert sandbox-error to execution-error for the execution consumer
+						window.postMessage(
+							{
+								sandboxId: sandboxId,
+								type: "execution-error",
+								error: { message: e.data.error, stack: e.data.stack },
+							},
+							"*",
+						);
+					}
+				};
+
+				window.addEventListener("message", readyHandler);
+				window.addEventListener("message", errorHandler);
 
 				this.appendChild(this.iframe);
 			} else {
 				// Web mode: use srcdoc
-				this.iframe?.remove();
 				this.iframe = document.createElement("iframe");
-				this.iframe.sandbox.add("allow-scripts");
-				this.iframe.sandbox.add("allow-modals");
-				this.iframe.style.width = "100%";
-				this.iframe.style.height = "100%";
-				this.iframe.style.border = "none";
-
-				// Set content via srcdoc BEFORE appending to DOM
+				this.iframe.sandbox.add("allow-scripts", "allow-modals");
+				this.iframe.style.cssText = "width: 100%; height: 100%; border: none; display: none;";
 				this.iframe.srcdoc = completeHtml;
 
+				// Update router with iframe reference BEFORE appending to DOM
+				RUNTIME_MESSAGE_ROUTER.setSandboxIframe(sandboxId, this.iframe);
+
 				this.appendChild(this.iframe);
 			}
 		});
 	}
 
+	/**
+	 * Validate HTML using DOMParser - returns error message if invalid, null if valid
+	 * Note: JavaScript syntax validation is done in sandbox.js to avoid CSP restrictions
+	 */
+	private validateHtml(html: string): string | null {
+		try {
+			const parser = new DOMParser();
+			const doc = parser.parseFromString(html, "text/html");
+
+			// Check for parser errors
+			const parserError = doc.querySelector("parsererror");
+			if (parserError) {
+				return parserError.textContent || "Unknown parse error";
+			}
+
+			return null;
+		} catch (error: any) {
+			return error.message || "Unknown validation error";
+		}
+	}
+
 	/**
 	 * Prepare complete HTML document with runtime + user code
+	 * PUBLIC so HtmlArtifact can use it for download button
 	 */
-	private prepareHtmlDocument(sandboxId: string, userCode: string, attachments: Attachment[]): string {
-		// Runtime script that will be injected
-		const runtime = this.getRuntimeScript(sandboxId, attachments);
+	public prepareHtmlDocument(
+		sandboxId: string,
+		userCode: string,
+		providers: SandboxRuntimeProvider[] = [],
+		options?: PrepareHtmlOptions,
+	): string {
+		// Default options
+		const opts: PrepareHtmlOptions = {
+			isHtmlArtifact: false,
+			isStandalone: false,
+			...options,
+		};
 
-		// Check if user provided full HTML
-		const hasHtmlTag = /<html[^>]*>/i.test(userCode);
+		// Runtime script that will be injected
+		const runtime = this.getRuntimeScript(sandboxId, providers, opts.isStandalone || false);
 
-		if (hasHtmlTag) {
+		// Only check for HTML tags if explicitly marked as HTML artifact
+		// For javascript_repl, userCode is JavaScript that may contain HTML in string literals
+		if (opts.isHtmlArtifact) {
 			// HTML Artifact - inject runtime into existing HTML
 			const headMatch = userCode.match(/<head[^>]*>/i);
 			if (headMatch) {
@@ -285,6 +459,9 @@ export class SandboxIframe extends LitElement {
 			return runtime + userCode;
 		} else {
 			// REPL - wrap code in HTML with runtime and call complete() when done
+			// Escape </script> in user code to prevent premature tag closure
+			const escapedUserCode = escapeScriptContent(userCode);
+
 			return `<!DOCTYPE html>
 <html>
 <head>
@@ -294,11 +471,35 @@ export class SandboxIframe extends LitElement {
 	<script type="module">
 		(async () => {
 			try {
-				${userCode}
-				window.complete();
+				// Wrap user code in async function to capture return value
+				const userCodeFunc = async () => {
+					${escapedUserCode}
+				};
+
+				const returnValue = await userCodeFunc();
+
+				// Call completion callbacks before complete()
+				if (window.__completionCallbacks && window.__completionCallbacks.length > 0) {
+					try {
+						await Promise.all(window.__completionCallbacks.map(cb => cb(true)));
+					} catch (e) {
+						console.error('Completion callback error:', e);
+					}
+				}
+
+				await window.complete(null, returnValue);
 			} catch (error) {
-				console.error(error?.stack || error?.message || String(error));
-				window.complete({
+
+				// Call completion callbacks before complete() (error path)
+				if (window.__completionCallbacks && window.__completionCallbacks.length > 0) {
+					try {
+						await Promise.all(window.__completionCallbacks.map(cb => cb(false)));
+					} catch (e) {
+						console.error('Completion callback error:', e);
+					}
+				}
+
+				await window.complete({
 					message: error?.message || String(error),
 					stack: error?.stack || new Error().stack
 				});
@@ -311,215 +512,105 @@ export class SandboxIframe extends LitElement {
 	}
 
 	/**
-	 * Get the runtime script that captures console, provides helpers, etc.
+	 * Generate runtime script from providers
+	 * @param sandboxId Unique sandbox ID
+	 * @param providers Runtime providers
+	 * @param isStandalone If true, skip runtime bridge and navigation interceptor (for standalone downloads)
 	 */
-	private getRuntimeScript(sandboxId: string, attachments: Attachment[]): string {
-		// Convert attachments to serializable format
-		const attachmentsData = attachments.map((a) => ({
-			id: a.id,
-			fileName: a.fileName,
-			mimeType: a.mimeType,
-			size: a.size,
-			content: a.content,
-			extractedText: a.extractedText,
-		}));
-
-		// Runtime function that will run in the sandbox (NO parameters - values injected before function)
-		const runtimeFunc = () => {
-			// Helper functions
-			(window as any).listFiles = () =>
-				(attachments || []).map((a: any) => ({
-					id: a.id,
-					fileName: a.fileName,
-					mimeType: a.mimeType,
-					size: a.size,
-				}));
-
-			(window as any).readTextFile = (attachmentId: string) => {
-				const a = (attachments || []).find((x: any) => x.id === attachmentId);
-				if (!a) throw new Error("Attachment not found: " + attachmentId);
-				if (a.extractedText) return a.extractedText;
-				try {
-					return atob(a.content);
-				} catch {
-					throw new Error("Failed to decode text content for: " + attachmentId);
-				}
-			};
-
-			(window as any).readBinaryFile = (attachmentId: string) => {
-				const a = (attachments || []).find((x: any) => x.id === attachmentId);
-				if (!a) throw new Error("Attachment not found: " + attachmentId);
-				const bin = atob(a.content);
-				const bytes = new Uint8Array(bin.length);
-				for (let i = 0; i < bin.length; i++) bytes[i] = bin.charCodeAt(i);
-				return bytes;
-			};
-
-			(window as any).returnFile = async (fileName: string, content: any, mimeType?: string) => {
-				let finalContent: any, finalMimeType: string;
-
-				if (content instanceof Blob) {
-					const arrayBuffer = await content.arrayBuffer();
-					finalContent = new Uint8Array(arrayBuffer);
-					finalMimeType = mimeType || content.type || "application/octet-stream";
-					if (!mimeType && !content.type) {
-						throw new Error(
-							"returnFile: MIME type is required for Blob content. Please provide a mimeType parameter (e.g., 'image/png').",
-						);
-					}
-				} else if (content instanceof Uint8Array) {
-					finalContent = content;
-					if (!mimeType) {
-						throw new Error(
-							"returnFile: MIME type is required for Uint8Array content. Please provide a mimeType parameter (e.g., 'image/png').",
-						);
-					}
-					finalMimeType = mimeType;
-				} else if (typeof content === "string") {
-					finalContent = content;
-					finalMimeType = mimeType || "text/plain";
-				} else {
-					finalContent = JSON.stringify(content, null, 2);
-					finalMimeType = mimeType || "application/json";
-				}
-
-				window.parent.postMessage(
-					{
-						type: "file-returned",
-						sandboxId,
-						fileName,
-						content: finalContent,
-						mimeType: finalMimeType,
-					},
-					"*",
-				);
-			};
-
-			// Console capture
-			const originalConsole = {
-				log: console.log,
-				error: console.error,
-				warn: console.warn,
-				info: console.info,
-			};
-
-			["log", "error", "warn", "info"].forEach((method) => {
-				(console as any)[method] = (...args: any[]) => {
-					const text = args
-						.map((arg) => {
-							try {
-								return typeof arg === "object" ? JSON.stringify(arg) : String(arg);
-							} catch {
-								return String(arg);
-							}
-						})
-						.join(" ");
-
-					window.parent.postMessage(
-						{
-							type: "console",
-							sandboxId,
-							method,
-							text,
-						},
-						"*",
-					);
-
-					(originalConsole as any)[method].apply(console, args);
-				};
-			});
-
-			// Track errors for HTML artifacts
-			let lastError: { message: string; stack: string } | null = null;
-
-			// Error handlers
-			window.addEventListener("error", (e) => {
-				const text =
-					(e.error?.stack || e.message || String(e)) + " at line " + (e.lineno || "?") + ":" + (e.colno || "?");
-
-				// Store the error
-				lastError = {
-					message: e.error?.message || e.message || String(e),
-					stack: e.error?.stack || text,
-				};
-
-				window.parent.postMessage(
-					{
-						type: "console",
-						sandboxId,
-						method: "error",
-						text,
-					},
-					"*",
-				);
-			});
-
-			window.addEventListener("unhandledrejection", (e) => {
-				const text = "Unhandled promise rejection: " + (e.reason?.message || e.reason || "Unknown error");
-
-				// Store the error
-				lastError = {
-					message: e.reason?.message || String(e.reason) || "Unhandled promise rejection",
-					stack: e.reason?.stack || text,
-				};
+	private getRuntimeScript(
+		sandboxId: string,
+		providers: SandboxRuntimeProvider[] = [],
+		isStandalone: boolean = false,
+	): string {
+		// Collect all data from providers
+		const allData: Record<string, any> = {};
+		for (const provider of providers) {
+			Object.assign(allData, provider.getData());
+		}
 
-				window.parent.postMessage(
-					{
-						type: "console",
-						sandboxId,
-						method: "error",
-						text,
-					},
-					"*",
-				);
-			});
+		// Generate bridge code (skip if standalone)
+		const bridgeCode = isStandalone
+			? ""
+			: RuntimeMessageBridge.generateBridgeCode({
+					context: "sandbox-iframe",
+					sandboxId,
+				});
 
-			// Expose complete() method for user code to call
-			let completionSent = false;
-			(window as any).complete = (error?: { message: string; stack: string }) => {
-				if (completionSent) return;
-				completionSent = true;
-
-				// Use provided error or last caught error
-				const finalError = error || lastError;
-
-				if (finalError) {
-					window.parent.postMessage(
-						{
-							type: "execution-error",
-							sandboxId,
-							error: finalError,
-						},
-						"*",
-					);
-				} else {
-					window.parent.postMessage(
-						{
-							type: "execution-complete",
-							sandboxId,
-						},
-						"*",
-					);
-				}
-			};
+		// Collect all runtime functions - pass sandboxId as string literal
+		const runtimeFunctions: string[] = [];
+		for (const provider of providers) {
+			runtimeFunctions.push(`(${provider.getRuntime().toString()})(${JSON.stringify(sandboxId)});`);
+		}
 
-			// Fallback timeout for HTML artifacts that don't call complete()
-			if (document.readyState === "complete" || document.readyState === "interactive") {
-				setTimeout(() => (window as any).complete(), 2000);
-			} else {
-				window.addEventListener("load", () => {
-					setTimeout(() => (window as any).complete(), 2000);
-				});
+		// Build script with HTML escaping
+		// Escape </script> to prevent premature tag closure in HTML parser
+		const dataInjection = Object.entries(allData)
+			.map(([key, value]) => {
+				const jsonStr = JSON.stringify(value).replace(/<\/script/gi, "<\\/script");
+				return `window.${key} = ${jsonStr};`;
+			})
+			.join("\n");
+
+		// TODO the font-size is needed, as chrome seems to inject a stylesheet into iframes
+		// found in an extension context like sidepanel, settin body { font-size: 75% }. It's
+		// definitely not our code doing that.
+		// See  https://stackoverflow.com/questions/71480433/chrome-is-injecting-some-stylesheet-in-popup-ui-which-reduces-the-font-size-to-7
+
+		// Navigation interceptor (only if NOT standalone)
+		const navigationInterceptor = isStandalone
+			? ""
+			: `
+// Navigation interceptor: prevent all navigation and open externally
+(function() {
+	// Intercept link clicks
+	document.addEventListener('click', function(e) {
+		const link = e.target.closest('a');
+		if (link && link.href) {
+			// Check if it's an external link (not javascript: or #hash)
+			if (link.href.startsWith('http://') || link.href.startsWith('https://')) {
+				e.preventDefault();
+				e.stopPropagation();
+				window.parent.postMessage({ type: 'open-external-url', url: link.href }, '*');
 			}
-		};
+		}
+	}, true);
+
+	// Intercept form submissions
+	document.addEventListener('submit', function(e) {
+		const form = e.target;
+		if (form && form.action) {
+			e.preventDefault();
+			e.stopPropagation();
+			window.parent.postMessage({ type: 'open-external-url', url: form.action }, '*');
+		}
+	}, true);
+
+	// Prevent window.location changes (only if not already redefined)
+	try {
+		const originalLocation = window.location;
+		Object.defineProperty(window, 'location', {
+			get: function() { return originalLocation; },
+			set: function(url) {
+				window.parent.postMessage({ type: 'open-external-url', url: url.toString() }, '*');
+			}
+		});
+	} catch (e) {
+		// Already defined, skip
+	}
+})();
+`;
 
-		// Prepend the const declarations, then the function
-		return (
-			`<script>\n` +
-			`window.sandboxId = ${JSON.stringify(sandboxId)};\n` +
-			`window.attachments = ${JSON.stringify(attachmentsData)};\n` +
-			`(${runtimeFunc.toString()})();\n` +
-			`</script>`
-		);
+		return `<style>
+html, body {
+	font-size: initial;
+}
+</style>
+<script>
+window.sandboxId = ${JSON.stringify(sandboxId)};
+${dataInjection}
+${bridgeCode}
+${runtimeFunctions.join("\n")}
+${navigationInterceptor}
+</script>`;
 	}
 }