yushen 9e23fb76fc fix(upload): harden upload flow — sanitize filenames, refresh CF cookies, deduplicate handlers ... - Sanitize Content-Disposition filenames to prevent header injection (strip control chars, quotes, semicolons) - Add CloudFront cookie refresh middleware so cookies are re-issued when expired - Log errors in groupAttachments instead of silently swallowing them - Move useFileUpload hook to shared/hooks/ per project architecture conventions - Add uploadWithToast helper to deduplicate try/catch/toast pattern across 3 components - Refactor ApiClient.uploadFile to reuse auth headers, 401 handling, and error parsing - Allow empty MIME types client-side (let server sniff and decide) - Constrain Image extension max-width in rich-text-editor to prevent layout overflow Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-03-31 15:52:40 +08:00
..
auth	fix(auth): restore email verification login flow from main	2026-03-26 17:40:54 +08:00
inbox	feat(realtime): WS invalidation + refetch pattern, inbox bugfixes, UI polish	2026-03-29 13:49:40 +08:00
issues	fix(upload): harden upload flow — sanitize filenames, refresh CF cookies, deduplicate handlers	2026-03-31 15:52:40 +08:00
modals	feat(ui): restyle issue status and priority with colored badges	2026-03-31 03:26:43 +08:00
my-issues	feat(web): add My Issues page with grouped filters	2026-03-31 12:53:21 +08:00
navigation	feat(ui): route persistence, sidebar active fix, header spacing	2026-03-26 10:57:32 +08:00
realtime	fix(sync): board-card rollback, inbox status sync, markRead error handling	2026-03-31 13:09:17 +08:00
runtimes	revert(runtimes): remove runtime delete functionality	2026-03-29 17:05:36 +08:00
skills	feat(realtime): WS invalidation + refetch pattern, inbox bugfixes, UI polish	2026-03-29 13:49:40 +08:00
workspace	feat(upload): add file upload UI — avatar, editor paste/drop, attachments	2026-03-31 15:17:54 +08:00