fix(ratewise): 修復 PWA 冷啟動 HTTPS 連線不安全#493
Merged
Merged
Conversation
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
Contributor
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
Contributor
|
✅ SEO 審計通過!所有 2026 標準驗證項目都符合要求。
|
- manifest.webmanifest 改 NetworkOnly,避免 SWR 快取舊版相對 start_url - scope 同步絕對 HTTPS SSOT(與 #447 start_url 對齊) - 補 sw/build-scripts 防回歸測試與 patch changeset 測試:pnpm --filter @app/ratewise test -- sw.test build-scripts.test;pnpm build:ratewise Co-authored-by: Cursor <cursoragent@cursor.com>
6eacd2e to
3048542
Compare
Contributor
|
✅ SEO 審計通過!所有 2026 標準驗證項目都符合要求。
|
This was referenced Jun 28, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
manifest.webmanifest改 NetworkOnly,避免seo-files-cacheSWR 鎖定 fix(ratewise): 修復冷啟動未還原單/多幣別模式與強化 PWA https 啟動 #447 前舊版相對start_urlscope同步為絕對 HTTPS SSOT(與 fix(ratewise): 修復冷啟動未還原單/多幣別模式與強化 PWA https 啟動 #447start_url對齊)Root cause
#447 已將
start_url改為絕對 HTTPS,但 SW 仍以 StaleWhileRevalidate 快取.webmanifest。已安裝 PWA 冷啟動時可能讀到舊 manifest(相對start_url),在 Chrome standalone + HTTPS-First 下觸發「此連結並不安全」。另:
scope仍為相對路徑/ratewise/,與絕對 HTTPSstart_url不一致。Changed files
apps/ratewise/src/sw.tsapps/ratewise/scripts/generate-manifest.mjsapps/ratewise/public/manifest.webmanifestapps/ratewise/src/__tests__/sw.test.tsapps/ratewise/src/config/__tests__/build-scripts.test.ts.changeset/pwa-https-cold-start-hotfix.mddocs/dev/002_development_reward_penalty_log.mdTest plan
pnpm --filter @app/ratewise test -- sw.test build-scripts.test(87 passed)typecheck+test+build:ratewiseQA verification matrix
start_url/scope/idscope=start_urlsw.jsprecache URLshttp://dist/index.htmlmixed content#456 navigation timeout 決策(刻意不納入本 PR)
結論:保留 case 3 的 8s bounded timeout,不另開 follow-up 移除。
Promise.race8s 後 fallback offline.html#456 要移除的是舊版 3s 全域 navigation timeout(iOS eviction 時誤判離線),已在 hybrid SWR + precache-first 重構中移除。現行 8s 僅限 case 3,且有
sw.test.ts行為測試覆蓋;移除會讓 precache 被驅逐且網路掛住時無限白屏。reinstall banner:依 KISS 原則不納入;manifest NetworkOnly + 一次線上冷啟動即可讓新 SW 生效。
Notes