Deploy: fix JS served as JSON envelope #54
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: neuron-technologies/neuron-web#54
Reference in New Issue
Block a user
Delete Branch "dev"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Merges fix from PR #53. JS files now served as actual JavaScript with correct Content-Type.
http_parse_envelope() called json_parse() on the entire response envelope (~47KB when body is obfuscated JS). The parser failed on large/complex content, so is_envelope=0 and the raw JSON was sent — browsers got {"el_http_response":1,...} instead of executable JavaScript, silently breaking all client-side code. Fix: replace json_parse-of-full-envelope with a direct field scanner: - "status" extracted via strtol - "headers" object extracted via brace-depth scan, then json_parse only that small substring (always safe — headers are simple k/v string pairs < 1KB) - "body" string extracted via jp_parse_string_raw — no intermediate allocation Also: /js/* route now returns http_response(200, js_headers_json(), content) with explicit Content-Type: application/javascript so the browser doesn't apply the json-heuristic (obfuscated JS starting with '[' was detected as JSON, which with X-Content-Type-Options: nosniff blocks script execution).