npm - @mushi-mushi/web - Versions diffs - 1.7.6 → 1.7.8 - Mend

@mushi-mushi/web 1.7.6 → 1.7.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -3660,18 +3660,18 @@ function createScreenshotCapture(options = {}) {
       const url = URL.createObjectURL(blob);
       return new Promise((resolve) => {
         img.onload = () => {
-          ctx.drawImage(img, 0, 0, width, height);
-          URL.revokeObjectURL(url);
           try {
-            const dataUrl = canvas.toDataURL("image/jpeg", 0.7);
-            resolve(dataUrl);
+            ctx.drawImage(img, 0, 0, width, height);
+            URL.revokeObjectURL(url);
+            resolve(canvas.toDataURL("image/jpeg", 0.7));
           } catch {
-            resolve(null);
+            URL.revokeObjectURL(url);
+            resolve(buildDegradedScreenshot(width, height));
           }
         };
         img.onerror = () => {
           URL.revokeObjectURL(url);
-          resolve(null);
+          resolve(buildDegradedScreenshot(width, height));
         };
         img.src = url;
       });
@@ -3692,6 +3692,8 @@ var DEFAULT_REDACT_SELECTORS = [
 ];
 function buildPrivacySafeDocument(privacy) {
   const clone = document.documentElement.cloneNode(true);
+  clone.querySelector("#mushi-mushi-widget")?.remove();
+  stripTaintSources(clone);
   const redactSelectors = privacy?.redactSelectors !== void 0 ? privacy.redactSelectors : DEFAULT_REDACT_SELECTORS;
   for (const selector of redactSelectors) {
     for (const el of safeQueryAll(clone, selector)) {
@@ -3730,6 +3732,46 @@ function redactElement(el) {
   el.setAttribute("data-mushi-redacted", "true");
   while (el.firstChild) el.removeChild(el.firstChild);
 }
+function stripTaintSources(root) {
+  const pageOrigin = typeof location !== "undefined" ? location.origin : "";
+  for (const el of root.querySelectorAll("img, video, iframe, object, embed, picture")) {
+    el.remove();
+  }
+  for (const link of root.querySelectorAll('link[rel="stylesheet"], link[as="style"]')) {
+    const href = link.getAttribute("href");
+    if (!href || isCrossOriginUrl(href, pageOrigin)) link.remove();
+  }
+  for (const script of root.querySelectorAll("script")) {
+    script.remove();
+  }
+}
+function isCrossOriginUrl(raw, pageOrigin) {
+  if (!raw || raw.startsWith("data:") || raw.startsWith("blob:")) return false;
+  try {
+    const resolved = new URL(raw, typeof location !== "undefined" ? location.href : "http://localhost/");
+    return Boolean(pageOrigin) && resolved.origin !== pageOrigin;
+  } catch {
+    return true;
+  }
+}
+function buildDegradedScreenshot(width, height) {
+  const canvas = document.createElement("canvas");
+  const ctx = canvas.getContext("2d");
+  if (!ctx) return null;
+  canvas.width = width;
+  canvas.height = height;
+  ctx.fillStyle = "#111827";
+  ctx.fillRect(0, 0, width, height);
+  ctx.fillStyle = "#e5e7eb";
+  ctx.font = "13px system-ui, sans-serif";
+  ctx.fillText("Screenshot: layout captured (external media stripped)", 16, 28);
+  ctx.fillText(`${width}\xD7${height}px`, 16, 48);
+  try {
+    return canvas.toDataURL("image/jpeg", 0.7);
+  } catch {
+    return null;
+  }
+}
 function maskElement(el) {
   if (el instanceof HTMLInputElement || el instanceof HTMLTextAreaElement) {
     el.value = "";
@@ -4781,7 +4823,7 @@ function createProactiveManager(config = {}) {
 // src/version.ts
 var MUSHI_SDK_PACKAGE = "@mushi-mushi/web";
-var MUSHI_SDK_VERSION = "1.7.6" ;
+var MUSHI_SDK_VERSION = "1.7.7" ;
 // src/mushi.ts
 var instance = null;
@@ -4962,13 +5004,30 @@ function createInstance(config) {
   });
   let detachAutoBreadcrumbs = null;
   detachAutoBreadcrumbs = installAutoBreadcrumbs(breadcrumbs);
+  async function takeScreenshotWithoutChrome() {
+    if (!screenshotCap) return null;
+    const panelWasVisible = widget.getIsOpen();
+    if (panelWasVisible) widget.hidePanel();
+    const host = document.getElementById("mushi-mushi-widget");
+    const prevVisibility = host?.style.visibility ?? "";
+    if (host) host.style.visibility = "hidden";
+    await new Promise((resolve) => {
+      requestAnimationFrame(() => requestAnimationFrame(() => resolve()));
+    });
+    try {
+      return await screenshotCap.take();
+    } finally {
+      if (host) host.style.visibility = prevVisibility;
+      if (panelWasVisible) widget.showPanel();
+    }
+  }
   async function autoCaptureScreenshot(when) {
     const mode = activeConfig.capture?.screenshot;
     if (!screenshotCap || mode === "off" || pendingScreenshot) return;
     if (when === "open" && mode !== "auto") return;
     if (when === "submit" && mode !== "on-report" && mode !== "auto") return;
     log.debug("Auto-capturing screenshot", { when, mode });
-    pendingScreenshot = await screenshotCap.take();
+    pendingScreenshot = await takeScreenshotWithoutChrome();
     widget.setScreenshotAttached(pendingScreenshot !== null);
   }
   widget = new MushiWidget(bootstrapConfig.widget, {
@@ -4998,7 +5057,7 @@ function createInstance(config) {
     onScreenshotRequest: async () => {
       if (!screenshotCap || activeConfig.capture?.screenshot === "off") return;
       log.debug("Taking screenshot");
-      pendingScreenshot = await screenshotCap.take();
+      pendingScreenshot = await takeScreenshotWithoutChrome();
       widget.setScreenshotAttached(pendingScreenshot !== null);
     },
     onScreenshotRemove: () => {