v0.4.0 — production hardening
0.4.0 — 2026-07-03
Production hardening.
Security
POST /api/webhooknow requires a random per-session token (headerX-Sidecar-Token,?token=, orAuthorization: Bearer), closing a cross-site request forgery hole where any webpage could inject text in front of Claude via localhost POSTs.- Artifact iframes are sandboxed (
allow-scripts allow-forms allow-popups, opaque origin).claude.send()now crosses a postMessage bridge validated and forwarded by the canvas shell, which holds the token; artifact code never sees it.
Reliability
- Multiple sessions coexist: if the preferred port (default 8765) is taken, the server falls back to an ephemeral port instead of crashing. Each session writes
.sidecar/session.json(pid, port, url, token) for discovery by external callers. - Canvas contents persist to
.sidecar/artifacts.jsonand are restored on restart. await_interactionacceptsartifact_idto filter, so stale clicks on other artifacts can't be misread as the answer.claude.send()debounces identical payloads within 1.5s (double-click protection).- Canvas reconnects jump to the newest artifact instead of staying pinned to the URL-hash one.
interactions.jsonlrotates at 5MB.- Browser auto-open works on macOS, Linux, and Windows.
Tooling
- End-to-end test suite in-repo (
bun test), exercising the server over real MCP stdio. - CI workflow: tests plus a check that the committed
dist/sidecar.jsmatches the source. - Landing page deploys to GitHub Pages.