Variet/gravity_control
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(extension): HTML 패치 안전성 강화 — pre-patch backup + 구조 검증 + 자동 복원

Browse Source
This commit is contained in:
Variet Worker
2026-03-12 17:55:42 +09:00
parent bb6c03e957
commit 6d8c6f182c
2 changed files with 77 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
extension/src/extension.ts
View File

@@ -431,21 +431,71 @@ async function setupApprovalObserver() {
// workbench.html — loaded by DevTools/standard mode
// workbench-jetski-agent.html — loaded by AG agent mode
const scriptDir = path.dirname(scriptPath);
const htmlFiles = ['workbench.html', 'workbench-jetski-agent.html'];
for (const htmlFileName of htmlFiles) {
const htmlPath = path.join(scriptDir, htmlFileName);
// Each HTML file has DIFFERENT CSS/JS entry points — they are NOT interchangeable:
// workbench.html → workbench.desktop.main.css + workbench.js
// workbench-jetski-agent.html → tw-base.tailwind.css + jetskiMain.tailwind.css + jetskiAgent.js
// Cross-restoring between them causes CSS to not load → layout broken (elements visible but all shifted left).
const htmlFileSpecs = [
{
name: 'workbench.html',
requiredMarker: 'workbench.desktop.main.css', // CSS unique to this file
requiredScript: 'workbench.js', // JS entry point
},
{
name: 'workbench-jetski-agent.html',
requiredMarker: 'jetskiMain.tailwind.css', // CSS unique to this file
requiredScript: 'jetskiAgent.js', // JS entry point
},
];
for (const spec of htmlFileSpecs) {
const htmlPath = path.join(scriptDir, spec.name);
const backupPath = htmlPath + '.orig';
try {
if (!fs.existsSync(htmlPath)) {
logToFile(`[OBSERVER] ${htmlFileName} not found — skipping`);
logToFile(`[OBSERVER] ${spec.name} not found — skipping`);
continue;
}
let html = fs.readFileSync(htmlPath, 'utf8');
// SAFETY: Refuse to patch if file is empty or suspiciously small
// (race condition: another extension instance may be mid-write)
if (html.length < 500 || !html.includes('<!DOCTYPE html>')) {
logToFile(`[OBSERVER] ${htmlFileName} appears corrupt or empty (${html.length} bytes) — SKIPPING to prevent further damage`);
continue;
// ── BACKUP: Save original before first-ever patch ──
// Only backup if the file looks valid AND hasn't been backed up yet.
if (!fs.existsSync(backupPath)
&& html.length >= 500
&& html.includes('<!DOCTYPE html>')
&& html.includes(spec.requiredMarker)) {
fs.writeFileSync(backupPath, html, 'utf8');
logToFile(`[OBSERVER] ${spec.name} backed up to .orig (${html.length} bytes)`);
}
// ── SAFETY: Refuse to patch if file is corrupt, empty, or wrong type ──
// Race condition: another extension instance may be mid-write (0-byte).
// Wrong type: restored from the other HTML file (different CSS/JS refs).
const isCorrupt = html.length < 500 || !html.includes('<!DOCTYPE html>');
const isWrongType = !isCorrupt && !html.includes(spec.requiredMarker);
if (isCorrupt || isWrongType) {
const reason = isCorrupt
? `corrupt/empty (${html.length} bytes)`
: `wrong type (missing ${spec.requiredMarker})`;
logToFile(`[OBSERVER] ${spec.name} detected ${reason}`);
// Try to restore from backup
if (fs.existsSync(backupPath)) {
const backup = fs.readFileSync(backupPath, 'utf8');
if (backup.length >= 500
&& backup.includes('<!DOCTYPE html>')
&& backup.includes(spec.requiredMarker)) {
fs.writeFileSync(htmlPath, backup, 'utf8');
html = backup;
logToFile(`[OBSERVER] ${spec.name} RESTORED from .orig backup (${backup.length} bytes) ✅`);
} else {
logToFile(`[OBSERVER] ${spec.name} .orig backup also invalid — SKIPPING`);
continue;
}
} else {
logToFile(`[OBSERVER] ${spec.name} no .orig backup available — SKIPPING to prevent further damage`);
continue;
}
}
// CRITICAL: Patch CSP to allow inline scripts.
@@ -456,7 +506,7 @@ async function setupApprovalObserver() {
/(script-src\s[^;]*?)('self')/,
"$1$2\n\t\t\t\t\t'unsafe-inline'"
);
logToFile(`[OBSERVER] ${htmlFileName} CSP patched: added 'unsafe-inline' to script-src`);
logToFile(`[OBSERVER] ${spec.name} CSP patched: added 'unsafe-inline' to script-src`);
}
// Remove old external script tag if present (legacy, cannot be served)
@@ -469,7 +519,7 @@ async function setupApprovalObserver() {
extMarkerEnd.replace(/[[\]]/g, '\\$&') + '\\n?'
);
html = html.replace(extRe, '');
logToFile(`[OBSERVER] removed external script tag from ${htmlFileName}`);
logToFile(`[OBSERVER] removed external script tag from ${spec.name}`);
}
// Insert or update inline script
@@ -484,20 +534,20 @@ async function setupApprovalObserver() {
);
html = html.replace(re,
`${inlineMarkerStart}\n<script>\n${combinedScript}\n</script>\n${inlineMarkerEnd}`);
logToFile(`[OBSERVER] ${htmlFileName} inline script UPDATED`);
logToFile(`[OBSERVER] ${spec.name} inline script UPDATED`);
} else {
html = html.replace('</html>',
`\n${inlineMarkerStart}\n<script>\n${combinedScript}\n</script>\n${inlineMarkerEnd}\n</html>`);
logToFile(`[OBSERVER] ${htmlFileName} inline script INSERTED`);
logToFile(`[OBSERVER] ${spec.name} inline script INSERTED`);
}
// SAFETY: Final validation before write — never write empty or invalid HTML
if (html.length < 500 || !html.includes('<!DOCTYPE html>')) {
logToFile(`[OBSERVER] ${htmlFileName} WOULD BE CORRUPT after patching (${html.length} bytes) — ABORTING write`);
// SAFETY: Final validation before write
if (html.length < 500 || !html.includes('<!DOCTYPE html>') || !html.includes(spec.requiredMarker)) {
logToFile(`[OBSERVER] ${spec.name} WOULD BE CORRUPT after patching (${html.length} bytes) — ABORTING write`);
continue;
}
fs.writeFileSync(htmlPath, html, 'utf8');
} catch (e: any) {
logToFile(`[OBSERVER] ${htmlFileName} patch error: ${e.message}`);
logToFile(`[OBSERVER] ${spec.name} patch error: ${e.message}`);
}
}
}