0f943bacc7
sitesmith: playwright e2e suite (locked/cap/bonus/build+patch)
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-23 14:27:34 -07:00
2ca1ff0cf9
sitesmith: layers panel prefers props.aiName when present
2026-05-23 14:25:43 -07:00
e651becdbe
sitesmith: chat modal (messages, input, banner, scope confirm)
2026-05-23 14:25:28 -07:00
b4d71340e1
sitesmith: upgrade banner + scope-replace confirmation dialog
2026-05-23 14:24:20 -07:00
bf55ee85b9
sitesmith: topbar button with locked/capped states
2026-05-23 14:23:51 -07:00
cf3457aa15
sitesmith: apply-ai-response utility (replace + patch + ask) + PageContext helpers
...
Add apply-ai-response.ts with serializeTreeForCraft, buildNodeTree, findNodeIdByAiNodeId,
and useApplyAiResponse hook covering replace (site/page/section), patch (5 ops), and ask.
Extend PageContext with replaceAllPages, replaceCurrentPage, setHeader, setFooter helpers
that mirror the existing actions.deserialize/loadState pattern.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-23 14:20:51 -07:00
f6243d3ffe
sitesmith: useSitesmith hook (entitlement, history, send)
2026-05-23 14:16:20 -07:00
8d094a9c67
sitesmith: typescript types for messages, responses, patch ops
2026-05-23 14:15:15 -07:00
14a957f57c
sitesmith: canvas summary serializer with unit tests
2026-05-23 14:14:38 -07:00
bd15a33984
sitesmith: harden HtmlBlock with DOMPurify + add Vitest setup
...
Closes XSS hole in HtmlBlock by sanitizing user/AI-supplied markup
through DOMPurify before passing to dangerouslySetInnerHTML. Adds
Vitest + jsdom for unit testing with 5 passing tests covering script
stripping, on-event handler removal, javascript: URL blocking, iframe
allowlist, and form/input stripping.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-23 14:13:42 -07:00
