Harden security, modularize API bootstrap, and fix scale SSE auth.

Block web access to sensitive paths, require API_TOKEN for mutations, encrypt GitHub issue credentials in .env, auto-provision tokens for same-origin clients, and pass api_token in scale relay URLs since EventSource cannot send headers. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-03 18:04:19 +00:00
parent 7104483dac
commit d33b0ca2fe
34 changed files with 1619 additions and 277 deletions
@@ -101,6 +101,20 @@ class KioskActivity : AppCompatActivity() {
    // Pending WebView permission request
    private var pendingWebPermission: PermissionRequest? = null

+    private fun safeEvalJs(script: String) {
+        if (!::webView.isInitialized) return
+        if (isFinishing || isDestroyed) return
+        if (webView.visibility != View.VISIBLE) return
+        runCatching { webView.evaluateJavascript(script, null) }
+            .onFailure {
+                ErrorReporter.reportMessage(
+                    type = "webview-js-bridge-error",
+                    message = "Failed to deliver JS callback to WebView",
+                    extra = mapOf("error" to (it.message ?: "unknown"))
+                )
+            }
+    }
+
    companion object {
        private const val FILE_CHOOSER_REQUEST    = 1002
        private const val PERMISSION_REQUEST_CODE = 1003
@@ -150,18 +164,18 @@ class KioskActivity : AppCompatActivity() {
                    override fun onStart(utteranceId: String?) {}
                    override fun onDone(utteranceId: String?) {
                        runOnUiThread {
-                            webView.evaluateJavascript("if(window._kioskTtsDone)window._kioskTtsDone('$utteranceId')", null)
+                            safeEvalJs("if(window._kioskTtsDone)window._kioskTtsDone('$utteranceId')")
                        }
                    }
                    @Deprecated("Deprecated in API 21")
                    override fun onError(utteranceId: String?) {
                        runOnUiThread {
-                            webView.evaluateJavascript("if(window._kioskTtsError)window._kioskTtsError('$utteranceId','error')", null)
+                            safeEvalJs("if(window._kioskTtsError)window._kioskTtsError('$utteranceId','error')")
                        }
                    }
                    override fun onError(utteranceId: String?, errorCode: Int) {
                        runOnUiThread {
-                            webView.evaluateJavascript("if(window._kioskTtsError)window._kioskTtsError('$utteranceId',$errorCode)", null)
+                            safeEvalJs("if(window._kioskTtsError)window._kioskTtsError('$utteranceId',$errorCode)")
                        }
                    }
                })