fix: pass event to errorResponse for proper CORS on errors

+16 -16

docs/git-history.json

··· 1 1 [ 2 2 { 3 - "hash": "be9f4207b61429400e44ccfda326595c1087235c", 4 - "short_hash": "be9f420", 3 + "hash": "bb14ec5fb6426bbf4a7bc8bf1661bfbad29f16bd", 4 + "short_hash": "bb14ec5", 5 5 "author": "Ariel M. Lighty", 6 - "date": "2025-12-28T19:21:29-05:00", 7 - "message": "feat: add Firefox support with webextension-polyfill\n\nImplemented cross-browser compatibility for the extension:\n\n- Installed webextension-polyfill for unified browser.* API\n- Replaced all chrome.* API calls with browser.* imports\n- Updated build system to output both chrome/ and firefox/ directories\n- Created Firefox-specific manifest with browser_specific_settings", 8 - "files_changed": 12 6 + "date": "2025-12-28T20:32:16-05:00", 7 + "message": "fix: add Firefox extension CORS support\n\n- Added moz-extension:// origin detection to CORS handler\n- Added cookies permission to Firefox manifest for credentialed requests\n- Functions now properly reflect Firefox extension origins with credentials", 8 + "files_changed": 5 9 9 }, 10 10 { 11 11 "hash": "603cf0a187850664336a12c9e5cbb49038906f53", ··· 32 32 "files_changed": 9 33 33 }, 34 34 { 35 - "hash": "6ac877ee6d1990bdab4ef3b03ac59f4682afe0a5", 36 - "short_hash": "6ac877e", 35 + "hash": "d07180cd3a19328b82b35118e525b59d4e2e060b", 36 + "short_hash": "d07180c", 37 37 "author": "Ariel M. Lighty", 38 - "date": "2025-12-27T16:03:56-05:00", 39 - "message": "docs: update decision graph after markdown updates", 40 - "files_changed": 2 38 + "date": "2025-12-27T18:38:39-05:00", 39 + "message": "feat: add Tailwind CSS to extension\n\nReplaced 299 lines of vanilla CSS with Tailwind for design consistency with web app. Production build minified to 13KB.", 40 + "files_changed": 9 41 41 }, 42 42 { 43 43 "hash": "fe29bb3e5faa0151f63c14724f7509af669860de", ··· 160 160 "files_changed": 3 161 161 }, 162 162 { 163 - "hash": "ba29fd68872913ba0a587aa7f29f97b3d373a732", 164 - "short_hash": "ba29fd6", 163 + "hash": "32cdee3aeac7ef986df47e0fff786b5f7471e55b", 164 + "short_hash": "32cdee3", 165 165 "author": "Ariel M. Lighty", 166 166 "date": "2025-12-25T13:22:32-05:00", 167 167 "message": "configure Netlify dev for monorepo with --filter flag\n\nFixed Netlify CLI monorepo detection issue by using --filter flag:\n- Updated root package.json scripts to use 'npx netlify-cli dev --filter @atlast/web'\n- Updated netlify.toml [dev] section to use npm with --prefix for framework command\n- Added monorepo development instructions to CLAUDE.md\n- Documented Windows Git Bash compatibility issue with netlify command\n\nSolution: Use 'npx netlify-cli dev --filter @atlast/web' to bypass monorepo\nproject selection prompt and specify which workspace package to run.\n\nDev server now runs successfully at http://localhost:8888 with all backend\nfunctions loaded.", 168 - "files_changed": 5 168 + "files_changed": 4 169 169 }, 170 170 { 171 - "hash": "32cdee3aeac7ef986df47e0fff786b5f7471e55b", 172 - "short_hash": "32cdee3", 171 + "hash": "ba29fd68872913ba0a587aa7f29f97b3d373a732", 172 + "short_hash": "ba29fd6", 173 173 "author": "Ariel M. Lighty", 174 174 "date": "2025-12-25T13:22:32-05:00", 175 175 "message": "configure Netlify dev for monorepo with --filter flag\n\nFixed Netlify CLI monorepo detection issue by using --filter flag:\n- Updated root package.json scripts to use 'npx netlify-cli dev --filter @atlast/web'\n- Updated netlify.toml [dev] section to use npm with --prefix for framework command\n- Added monorepo development instructions to CLAUDE.md\n- Documented Windows Git Bash compatibility issue with netlify command\n\nSolution: Use 'npx netlify-cli dev --filter @atlast/web' to bypass monorepo\nproject selection prompt and specify which workspace package to run.\n\nDev server now runs successfully at http://localhost:8888 with all backend\nfunctions loaded.", 176 - "files_changed": 4 176 + "files_changed": 5 177 177 }, 178 178 { 179 179 "hash": "c3e7afad396d130791d801a85cbfc9643bcd6309",

+92 -4

docs/graph-data.json

··· 4263 4263 "node_type": "observation", 4264 4264 "title": "Health check uses HEAD request to root URL (Vite server), not a Netlify function. Doesn't get CORS headers from getCorsHeaders. Need dedicated health endpoint or change check to use existing function.", 4265 4265 "description": null, 4266 - "status": "pending", 4266 + "status": "completed", 4267 4267 "created_at": "2025-12-28T20:37:22.132717600-05:00", 4268 - "updated_at": "2025-12-28T20:37:22.132717600-05:00", 4268 + "updated_at": "2025-12-28T20:38:41.630020900-05:00", 4269 4269 "metadata_json": "{\"branch\":\"master\",\"confidence\":95}" 4270 4270 }, 4271 4271 { ··· 4274 4274 "node_type": "outcome", 4275 4275 "title": "Created /health function endpoint with CORS support. Updated checkServerHealth to use /.netlify/functions/health instead of root URL. Extension rebuilt successfully.", 4276 4276 "description": null, 4277 - "status": "pending", 4277 + "status": "completed", 4278 4278 "created_at": "2025-12-28T20:38:19.981309500-05:00", 4279 - "updated_at": "2025-12-28T20:38:19.981309500-05:00", 4279 + "updated_at": "2025-12-28T20:38:41.780183300-05:00", 4280 + "metadata_json": "{\"branch\":\"master\",\"confidence\":95}" 4281 + }, 4282 + { 4283 + "id": 390, 4284 + "change_id": "cfdcf45b-47b3-4239-8053-417bd31957ed", 4285 + "node_type": "observation", 4286 + "title": "Server receives session request but returns CORS wildcard (*) instead of extension origin. No session cookie received. Origin header might not be sent by Firefox extension or not detected correctly.", 4287 + "description": null, 4288 + "status": "pending", 4289 + "created_at": "2025-12-28T20:48:12.770638500-05:00", 4290 + "updated_at": "2025-12-28T20:48:12.770638500-05:00", 4291 + "metadata_json": "{\"branch\":\"master\",\"confidence\":95}" 4292 + }, 4293 + { 4294 + "id": 391, 4295 + "change_id": "2b53a419-9a47-4285-9a12-9bdfaeeb9ff0", 4296 + "node_type": "observation", 4297 + "title": "Health endpoint gets CORS headers correctly (moz-extension detected). Session endpoint error middleware doesn't pass event to errorResponse, returns wildcard CORS. Need to fix error middleware to pass event.", 4298 + "description": null, 4299 + "status": "pending", 4300 + "created_at": "2025-12-28T20:55:32.024834200-05:00", 4301 + "updated_at": "2025-12-28T20:55:32.024834200-05:00", 4302 + "metadata_json": "{\"branch\":\"master\",\"confidence\":95}" 4303 + }, 4304 + { 4305 + "id": 392, 4306 + "change_id": "c941d136-3405-483d-bf34-7fb011f6d072", 4307 + "node_type": "action", 4308 + "title": "Fixed error middleware to pass event to errorResponse for proper CORS headers on errors", 4309 + "description": null, 4310 + "status": "pending", 4311 + "created_at": "2025-12-28T20:56:38.876266200-05:00", 4312 + "updated_at": "2025-12-28T20:56:38.876266200-05:00", 4313 + "metadata_json": "{\"branch\":\"master\",\"confidence\":95}" 4314 + }, 4315 + { 4316 + "id": 393, 4317 + "change_id": "aafd9977-8800-4152-9f7f-b817db6df573", 4318 + "node_type": "outcome", 4319 + "title": "Fixed Firefox extension CORS completely. Error middleware now passes event to errorResponse so Firefox extension origin is properly reflected in error responses with credentials. Debug logging removed.", 4320 + "description": null, 4321 + "status": "pending", 4322 + "created_at": "2025-12-28T21:37:22.780953600-05:00", 4323 + "updated_at": "2025-12-28T21:37:22.780953600-05:00", 4280 4324 "metadata_json": "{\"branch\":\"master\",\"confidence\":95}" 4281 4325 } 4282 4326 ], ··· 8515 8559 "weight": 1.0, 8516 8560 "rationale": "Fix implemented", 8517 8561 "created_at": "2025-12-28T20:38:22.044029100-05:00" 8562 + }, 8563 + { 8564 + "id": 386, 8565 + "from_node_id": 389, 8566 + "to_node_id": 390, 8567 + "from_change_id": "f522d5b2-c325-4f34-9f27-b8ea5c50618d", 8568 + "to_change_id": "cfdcf45b-47b3-4239-8053-417bd31957ed", 8569 + "edge_type": "leads_to", 8570 + "weight": 1.0, 8571 + "rationale": "Issue persists - need to debug headers", 8572 + "created_at": "2025-12-28T20:48:14.949702100-05:00" 8573 + }, 8574 + { 8575 + "id": 387, 8576 + "from_node_id": 390, 8577 + "to_node_id": 391, 8578 + "from_change_id": "cfdcf45b-47b3-4239-8053-417bd31957ed", 8579 + "to_change_id": "2b53a419-9a47-4285-9a12-9bdfaeeb9ff0", 8580 + "edge_type": "leads_to", 8581 + "weight": 1.0, 8582 + "rationale": "Root cause identified from debug logs", 8583 + "created_at": "2025-12-28T20:55:34.094943700-05:00" 8584 + }, 8585 + { 8586 + "id": 388, 8587 + "from_node_id": 391, 8588 + "to_node_id": 392, 8589 + "from_change_id": "2b53a419-9a47-4285-9a12-9bdfaeeb9ff0", 8590 + "to_change_id": "c941d136-3405-483d-bf34-7fb011f6d072", 8591 + "edge_type": "leads_to", 8592 + "weight": 1.0, 8593 + "rationale": "Fix implemented", 8594 + "created_at": "2025-12-28T20:57:35.872426900-05:00" 8595 + }, 8596 + { 8597 + "id": 389, 8598 + "from_node_id": 392, 8599 + "to_node_id": 393, 8600 + "from_change_id": "c941d136-3405-483d-bf34-7fb011f6d072", 8601 + "to_change_id": "aafd9977-8800-4152-9f7f-b817db6df573", 8602 + "edge_type": "leads_to", 8603 + "weight": 1.0, 8604 + "rationale": "Complete fix with cleanup", 8605 + "created_at": "2025-12-28T21:37:27.704906300-05:00" 8518 8606 } 8519 8607 ] 8520 8608 }

+4 -2

packages/functions/src/core/middleware/error.middleware.ts

··· 21 21 } 22 22 23 23 if (error instanceof ApiError) { 24 - return errorResponse(error.message, error.statusCode, error.details); 24 + return errorResponse(error.message, error.statusCode, error.details, event); 25 25 } 26 26 27 27 // Unknown errors ··· 29 29 "Internal server error", 30 30 500, 31 31 error instanceof Error ? error.message : "Unknown error", 32 + event, 32 33 ); 33 34 } 34 35 }; ··· 48 49 console.error("Authenticated handler error:", error); 49 50 50 51 if (error instanceof ApiError) { 51 - return errorResponse(error.message, error.statusCode, error.details); 52 + return errorResponse(error.message, error.statusCode, error.details, event); 52 53 } 53 54 54 55 return errorResponse( 55 56 "Internal server error", 56 57 500, 57 58 error instanceof Error ? error.message : "Unknown error", 59 + event, 58 60 ); 59 61 } 60 62 };

Configure Feed

Configure Feed