Bug fixes, security hardening, and performance improvements
- BUG-16: Fixed pagination deadlock (fetching flag stuck on error path) - BUG-17: Fixed absoluteIndex===0 falsy check skipping unread jump - BUG-19: Fixed mEvt.getRoomId()! non-null assertion crash - BUG-20: Wrapped getSettings()/setSettings() in try/catch for corrupt localStorage - SEC: Replaced randomStr() Math.random() with crypto.getRandomValues() CSPRNG - SEC: Fixed afterLoginRedirectPath open redirect validation - SEC: Narrowed OSM iframe sandbox to scripts-only (removed allow-same-origin) - Perf-2: Memoized selectAtom in useSetting (prevented new atom ref per render) - Perf-4: Fixed typingMembers setTimeout leak (tracked timers per user/room) - Perf-8: Memoized getChatBg() result in RoomView (not inline in JSX) - Perf-12: Replaced body.class * font-family with body.class (inherited) - Perf-15: Memoized typingNames array chain in RoomViewTyping - Perf-9: Added blob URL cleanup useEffect in AudioContent - BUG: Fixed forEach(async) -> Promise.all in useCommands join handler - BUG: Fixed useCompositionEndTracking missing dependency array - A11y: Fixed spoiler button aria-pressed + keyboard handler - A11y: Added aria-label to Send message button - Build: Set sourcemap:false, removed netlify.toml from copyFiles Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Lotus Bot
@@ -461,11 +461,12 @@ export const getReactCustomHtmlParser = (
|
||||
<span
|
||||
{...props}
|
||||
role="button"
|
||||
tabIndex={params.handleSpoilerClick ? 0 : -1}
|
||||
onKeyDown={params.handleSpoilerClick}
|
||||
tabIndex={0}
|
||||
onKeyDown={(e) => { if (e.key === 'Enter' || e.key === ' ') params.handleSpoilerClick?.(e as any); }}
|
||||
onClick={params.handleSpoilerClick}
|
||||
className={css.Spoiler()}
|
||||
aria-pressed
|
||||
aria-label="Spoiler — click to reveal"
|
||||
aria-pressed={false}
|
||||
style={{ cursor: 'pointer' }}
|
||||
>
|
||||
{domToReact(children, opts)}
|
||||
|
||||
Reference in New Issue
Block a user