[Fixes] Packaged desktop: connector redirect + linux launcher icon#1429
Merged
Conversation
The citations fix (cacb27e) added a "Chunk citations in your prose" section to system_prompt_desktop.md telling the KB subagent to always leave `evidence.chunk_ids` null and emit no `[citation:...]` markers in desktop mode, but left the pre-existing line declaring that `chunk_ids` apply to `<priority_documents>` hits. The two rules contradicted each other; the model picked one per turn. Strike the stale conditional clause and point at the dedicated section as the single source of truth. Matches the parallel line in system_prompt_cloud.md and the already-consistent system_prompt_readonly_desktop.md.
setupDeepLinks() only listened for second-instance and open-url events. On Windows/Linux a fresh launch via `surfsense://` delivers the URL in argv of the first instance, where it was silently dropped. Scan argv on setup so the existing handlePendingDeepLink() pass picks it up.
Linux registered the scheme via desktop-file MIME, but mac.extendInfo never declared CFBundleURLTypes, leaving install-time LaunchServices unaware of the protocol. The runtime app.setAsDefaultProtocolClient call still runs as a fallback.
…d self-hosters
The interceptor previously matched a strict `${HOSTED_FRONTEND_URL}/*`
prefix and did a naive String.replace, which broke whenever the backend
NEXT_FRONTEND_URL differed at all (apex vs www, http vs https, or a
self-hosted domain). Now:
- Match by host: apex + www. sibling, both http and https.
- Rewrite via URL parsing so only protocol/host change; query strings
containing the host as a value are left intact.
- Read HOSTED_FRONTEND_URL through getHostedFrontendUrl() which honors
a SURFSENSE_HOSTED_FRONTEND_URL_OVERRIDE env var, letting self-hosters
point their builds at their own frontend without rebuilding.
Default behavior is identical when override is unset and backend host
matches the baked-in value.
Adds two diagnostic events to surface OAuth-redirect failures we can't reproduce on Linux: - desktop_oauth_redirect_intercepted fires from inside onBeforeRequest with the original host, path, and target port — confirms the rewrite actually ran. - desktop_oauth_redirect_missed fires from a read-only onCompleted listener when a /dashboard/*/connectors/callback URL lands off-localhost, meaning the rewrite filter didn't catch it. This is the smoking-gun event for "connector OAuth dies on mac/win" reports. Read-only; no behavior change.
… stable Setting HOSTNAME=0.0.0.0 made Next.js standalone canonicalize request.url to http://0.0.0.0:PORT. The connector OAuth callback's NextResponse.redirect built its Location from that URL, so navigating it flipped window.location.origin from http://localhost:PORT to http://0.0.0.0:PORT. The backend CORS allowlist matches localhost/127.0.0.1 only, blocking every subsequent API call until app restart — producing the "no internet" / app-down state after connecting any connector.
electron-builder was given a single 2048x2048 icon.png and dumped it into hicolor/2048x2048/apps/, a bucket no Linux desktop environment indexes — launchers and taskbar fell back to a generic placeholder. Pre-render the standard sizes (16, 32, 48, 64, 128, 256, 512, 1024) and point linux.icon at the directory so each PNG lands in the matching hicolor/NxN/apps/ slot. Tray icon was unaffected (loaded at runtime via Electron's Tray API from bundled resources, no theme lookup).
|
@CREDO23 is attempting to deploy a commit to the Rohan Verma's projects Team on Vercel. A member of the Team first needs to authorize it. |
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
API Changes
Change Type
Testing Performed
Checklist
High-level PR Summary
This PR fixes two critical bugs in the packaged desktop application: corrects OAuth connector redirect issues that were stranding users off-app during authentication flows, and resolves Linux launcher icon display problems by providing proper multi-resolution icon assets and configuration. The core fix is OAuth callbacks, adds URL rewrite filters for hosted frontend domains, implements cold-start deep-link handling for Windows/Linux, and introduces runtime environment variable overrides for self-hosted deployments. Additionally, it includes diagnostic event tracking for OAuth redirects and updates agent documentation to clarify desktop-specific behavior.
⏱️ Estimated Review Time: 30-90 minutes
💡 Review Order Suggestion
surfsense_desktop/.env.examplesurfsense_desktop/src/modules/server.tssurfsense_desktop/src/modules/window.tssurfsense_desktop/src/modules/deep-links.tssurfsense_desktop/electron-builder.ymlsurfsense_desktop/assets/icons/16x16.pngsurfsense_desktop/assets/icons/32x32.pngsurfsense_desktop/assets/icons/48x48.pngsurfsense_desktop/assets/icons/64x64.pngsurfsense_desktop/assets/icons/128x128.pngsurfsense_desktop/assets/icons/256x256.pngsurfsense_desktop/assets/icons/512x512.pngsurfsense_desktop/assets/icons/1024x1024.pngsurfsense_backend/app/agents/multi_agent_chat/subagents/builtins/knowledge_base/system_prompt_desktop.mdsurfsense_backend/app/agents/multi_agent_chat/subagents/builtins/knowledge_base/system_prompt_desktop.md