ai-or-die 0.1.69 → 0.1.70

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ai-or-die",
-  "version": "0.1.69",
+  "version": "0.1.70",
   "description": "Universal AI coding terminal — Claude, Copilot, Gemini & more in your browser",
   "main": "src/server.js",
   "bin": {

package/src/public/app.js

@@ -2182,6 +2182,16 @@ class ClaudeCodeWebInterface {
                     this._sessionWorkingDirs.set(message.sessionId, message.workingDir);
                 }
                 this.updateSessionButton(message.sessionName);
+
+                // Re-root the (singleton) file-browser panel to the newly
+                // active session's dir. open() short-circuits when already
+                // open, so without this an open panel would keep showing the
+                // previous tab's directory after a tab switch. Fires only when
+                // the panel is open and the session actually changed.
+                if (this._fileBrowserPanel &&
+                    typeof this._fileBrowserPanel.notifyActiveSessionChanged === 'function') {
+                    this._fileBrowserPanel.notifyActiveSessionChanged(message.sessionId);
+                }
                 
                 // Update tab status
                 if (this.sessionTabManager) {
@@ -4138,6 +4148,10 @@ class ClaudeCodeWebInterface {
                 // opens picks up the new cwd (per ADR-0016 / task #14).
                 initialPath: this.getCurrentWorkingDir(),
                 getCwd: () => this.getCurrentWorkingDir(),
+                // Active session id → sent as ?session on /api/files so the
+                // server can resolve the per-tab default root even when the
+                // client cwd cache is cold (e.g. just after a page reload).
+                getSessionId: () => this.currentClaudeSessionId,
             });
         }
         return this._fileBrowserPanel;

package/src/public/file-browser.js

@@ -338,6 +338,17 @@
     // callback is also tolerated (defensive coding per agent-instructions/05).
     this.getCwd = typeof options.getCwd === 'function' ? options.getCwd : null;
 
+    // Optional callback returning the active session's id. Sent as the
+    // `session` query param on /api/files so the SERVER can resolve the
+    // default root (session.liveCwd || session.workingDir) even when the
+    // client's cwd cache is cold (e.g. right after a page reload). Tolerant
+    // of falsy/throwing callbacks like getCwd.
+    this.getSessionId = typeof options.getSessionId === 'function' ? options.getSessionId : null;
+    // Server-reported "home" for the active session (its working dir). Set
+    // from each /api/files response; navigateHome() roots here so "Home"
+    // means the tab's session dir, not the server's global baseFolder.
+    this._homePath = null;
+
     this._open = false;
     this._currentPath = null;
     this._basePath = null;
@@ -858,9 +869,23 @@
     var self = this;
     var params = new URLSearchParams();
     if (dirPath) params.append('path', dirPath);
+    // Always forward the active session id (when known). The server uses it
+    // ONLY to pick the default root when no `path` is given, and to report
+    // `home`; it is ignored when `path` is present, so explicit navigation
+    // (breadcrumbs / up / folder clicks) is unaffected.
+    var sid = null;
+    if (this.getSessionId) { try { sid = this.getSessionId(); } catch (_) { sid = null; } }
+    if (sid) params.append('session', sid);
+    this._lastRenderedSession = sid;
     params.append('limit', '500');
     params.append('offset', '0');
 
+    // Monotonic request token: tab switches / rapid folder clicks can leave
+    // several /api/files fetches in flight at once. Only the LATEST request is
+    // allowed to commit its response, so a slow earlier fetch can't overwrite
+    // the UI (or _homePath / the watcher root) with stale data.
+    var reqId = (this._navSeq = (this._navSeq || 0) + 1);
+
     this._statusBar.textContent = 'Loading...';
 
     this.authFetch('/api/files?' + params.toString())
@@ -869,14 +894,28 @@
         return resp.json();
       })
       .then(function (data) {
+        if (reqId !== self._navSeq) return; // superseded by a newer navigateTo
         self._currentPath = data.currentPath;
         self._basePath = data.baseFolder;
+        // `home` is the session's working dir (server-resolved); navigateHome
+        // roots here. Falls back to baseFolder for sessionless/legacy responses.
+        self._homePath = data.home || data.baseFolder;
         self._items = data.items;
         self._renderBreadcrumbs();
         self._renderItems();
         self._showBrowseView();
         self._statusBar.textContent = data.totalCount + ' item' + (data.totalCount !== 1 ? 's' : '');
 
+        // fs-watcher: (re)connect to the dir the server actually resolved.
+        // open() only connects when it knows the path client-side; on a cold
+        // cache it passes null and the server resolves the session root here,
+        // so connect against data.currentPath to cover that case (and re-root
+        // when a tab switch re-navigates). connect() is idempotent per path.
+        var w = self._ensureFileWatcher();
+        if (w && typeof w.connect === 'function' && data.currentPath) {
+          try { w.connect(data.currentPath); } catch (_) { /* swallow */ }
+        }
+
         // fs-watcher (#41 / ADR-0017 — wire model post-ff79038): one
         // EventSource per session at panel mount, refcount-based per-path
         // subscriptions multiplexed over it. Listing direct-child paths
@@ -900,6 +939,7 @@
         }
       })
       .catch(function (err) {
+        if (reqId !== self._navSeq) return; // superseded; don't clobber newer status
         self._statusBar.textContent = 'Error: ' + err.message;
       });
   };
@@ -916,7 +956,9 @@
 
   FileBrowserPanel.prototype.navigateHome = function () {
     this._markManualNav();
-    this.navigateTo(this._basePath);
+    // "Home" is the active session's working dir (server-reported `home`),
+    // falling back to the sandbox base if we haven't loaded a listing yet.
+    this.navigateTo(this._homePath || this._basePath);
   };
 
   // ---------------------------------------------------------------------------
@@ -945,6 +987,22 @@
     return this._activeSessionId() === sessionId;
   };
 
+  /**
+   * Entry point for app.js when the active tab/session changes. The panel is
+   * a singleton shared across tabs, so a tab switch must re-root it to the
+   * new session's working dir — open() short-circuits when already open and
+   * would otherwise keep showing the previous tab's directory. Re-navigates
+   * with NO explicit path so the server resolves the new session's root from
+   * the `?session` param (getSessionId() now returns the new id). No-op when
+   * the panel is closed or the session is unchanged. _markManualNav() is NOT
+   * called: a tab switch should re-root and resume following the new tab.
+   */
+  FileBrowserPanel.prototype.notifyActiveSessionChanged = function (sessionId) {
+    if (!this._open) return;
+    if (!sessionId || sessionId === this._lastRenderedSession) return;
+    this.navigateTo(null);
+  };
+
   /**
    * Returns true when the panel is currently configured to follow the
    * given session's OSC-7 CWD. Defaults to true on first lookup, and

package/src/server.js

@@ -870,7 +870,21 @@ class ClaudeCodeWebServer {
 
   setupExpress() {
     this.app.use(cors());
-    this.app.use(express.json());
+    // Global JSON parser for normal endpoints (Express default ~100kb limit).
+    // The upload route mounts its own higher-limit parser (see
+    // POST /api/files/upload below); exempt it here so a base64 file body
+    // isn't rejected by the ~100kb default before the route runs. The
+    // trailing-slash normalization matches exactly the set of paths Express
+    // routes to that handler (`/api/files/upload` and `/api/files/upload/`).
+    const _globalJsonParser = express.json();
+    this.app.use((req, res, next) => {
+      // Case-insensitive + trailing-slash-normalized to match Express's
+      // default route matching (case-insensitive routing), so every form that
+      // reaches the upload handler is exempt from the ~100kb global parser.
+      const p = req.path.replace(/\/+$/, '').toLowerCase() || '/';
+      if (p === '/api/files/upload') return next();
+      return _globalJsonParser(req, res, next);
+    });
     
     // Serve manifest.json with correct MIME type
     this.app.get('/manifest.json', (req, res) => {
@@ -1403,7 +1417,30 @@ class ClaudeCodeWebServer {
 
     // GET /api/files — List directory (files + folders), paginated
     this.app.get('/api/files', (req, res) => {
-      const requestedPath = req.query.path || this.baseFolder;
+      // Per-tab file-browser root. Resolve the requesting session's home dir
+      // (live OSC 7 cwd if tracked, else the spawn dir) when a `session` id is
+      // supplied and its dir still validates. Used as (a) the default root
+      // when the client sends no explicit `path`, and (b) the `home` value the
+      // client points "Home" at — so Home stays the tab's dir even while
+      // browsing subdirs. Mirrors GET /api/files/find. Falls back to baseFolder
+      // for unknown/stale sessions so the browser never 403s on open.
+      let sessionHome = null;
+      const sid = typeof req.query.session === 'string' ? req.query.session : '';
+      if (sid) {
+        const session = this.claudeSessions.get(sid);
+        if (session) {
+          const candidate = session.liveCwd || session.workingDir;
+          if (candidate && this.validatePath(candidate).valid) {
+            sessionHome = candidate;
+          } else {
+            // Known session but its dir is missing or no longer inside the
+            // sandbox — a real misconfiguration worth logging. (Unknown session
+            // ids fall through silently: expected during cold-cache races.)
+            console.warn(`/api/files: session ${sid} working dir unavailable; using baseFolder`);
+          }
+        }
+      }
+      const requestedPath = req.query.path || sessionHome || this.baseFolder;
       const validation = this.validatePath(requestedPath);
       if (!validation.valid) {
         return res.status(403).json({ error: validation.error });
@@ -1480,7 +1517,7 @@ class ClaudeCodeWebServer {
             totalCount,
             offset,
             limit,
-            home: normalizePath(this.baseFolder),
+            home: normalizePath(sessionHome || this.baseFolder),
             baseFolder: normalizePath(this.baseFolder),
           });
         } catch (error) {
@@ -2739,7 +2776,12 @@ class ClaudeCodeWebServer {
     //     per spec ("user shell config is sacrosanct" applies to .gitignore
     //     too — we don't want to silently introduce a new tracked-by-default
     //     side effect on the user's repo).
-    this.app.post('/api/files/upload', express.json({ limit: '10mb' }), async (req, res) => {
+    // Route parser limit is sized for base64 of the 10 MB decoded cap
+    // (~14 MB) plus the small JSON envelope. The decoded-size guard below
+    // (buffer.length > 10 MB) remains the real per-file cap. This parser is
+    // the ONLY one that runs for this route — the global parser above skips
+    // `/api/files/upload`, so this limit governs (not the ~100kb default).
+    this.app.post('/api/files/upload', express.json({ limit: '20mb' }), async (req, res) => {
       const { targetDir, fileName, content, overwrite } = req.body;
       if (!targetDir || !fileName || !content) {
         return res.status(400).json({ error: 'targetDir, fileName, and content are required' });
@@ -2932,6 +2974,24 @@ class ClaudeCodeWebServer {
         res.sendFile(path.join(__dirname, 'public', 'index.html'));
       }
     });
+
+    // Body-parser error handler (4-arg, must be registered AFTER routes).
+    // express.json() rejects oversized/malformed bodies via next(err) BEFORE
+    // the route runs; without this, Express's default handler returns HTML,
+    // which the JSON API clients can't parse. We key on err.type — the marker
+    // body-parser stamps on its own errors — so unrelated next(err) calls are
+    // left to the default handler.
+    this.app.use((err, req, res, next) => {
+      if (res.headersSent || !err || !err.type) return next(err);
+      if (err.type === 'entity.too.large') {
+        return res.status(413).json({ error: 'Request body too large' });
+      }
+      if (err.type === 'entity.parse.failed' || err.type === 'encoding.unsupported'
+          || err.type === 'charset.unsupported' || err.type === 'entity.verify.failed') {
+        return res.status(err.status || err.statusCode || 400).json({ error: 'Invalid request body' });
+      }
+      return next(err);
+    });
   }
 
   /**