Conversation
…tory function Script tags inserted via innerHTML are not executed by the browser. After loading version history HTML into the modal container, we now manually re-create script elements so the browser executes them, making closeVersionHistory and other functions available to onclick handlers. Fixes #666
lane711
added a commit
that referenced
this pull request
Apr 4, 2026
…tory function (#741) Script tags inserted via innerHTML are not executed by the browser. After loading version history HTML into the modal container, we now manually re-create script elements so the browser executes them, making closeVersionHistory and other functions available to onclick handlers. Fixes #666
lane711
added a commit
that referenced
this pull request
Apr 5, 2026
* feat: add OAuth/social login providers plugin (Phase 1) Implements the core OAuth2 authorization code flow as a SonicJS plugin, enabling social login via GitHub and Google providers. Changes: - New oauth-providers plugin with PluginBuilder SDK pattern - OAuth2 authorization code flow with CSRF state protection - GitHub and Google as built-in providers (provider-agnostic design) - Account linking: auto-links OAuth to existing email accounts - New user creation from OAuth profile data - oauth_accounts database migration (table + indexes) - Registered in core plugins, bootstrap service, and app routes - No new dependencies — uses native fetch for all OAuth HTTP calls - Cloudflare Workers compatible Routes added: GET /auth/oauth/:provider — Redirect to provider GET /auth/oauth/:provider/callback — Handle callback POST /auth/oauth/link — Link OAuth to account POST /auth/oauth/unlink — Unlink OAuth provider GET /auth/oauth/accounts — List linked accounts Fixes #737 * docs(www): sync changelog with v2.9.0, v2.10.0, v2.10.1 releases Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs(www): add plugin docs, update auth/field-types/API docs + fix OTP site name New docs pages: - QR Code Generator plugin - Redirect Management plugin - Forms as Collections Updated docs: - Authentication: RBAC enforcement details, rate limiting, CSRF - Field Types: collapsible fields, objectLayout - Core Plugins: added new plugins - API Reference: auto-discovery mention Bug fix: - OTP plugin email preview now reads site name from General Settings (was using wrong DB query, always showed 'SonicJS') 🤖 Generated with [Claude Code](https://claude.com/claude-code) * fix: resolve version modal not closing due to missing closeVersionHistory function (#741) Script tags inserted via innerHTML are not executed by the browser. After loading version history HTML into the modal container, we now manually re-create script elements so the browser executes them, making closeVersionHistory and other functions available to onclick handlers. Fixes #666 * fix: pass logo URL to OTP email template and preview The OTP plugin settings page has a Logo URL field but it was never passed to the email template or the admin preview. Now: - logoUrl is passed from plugin settings to the email template data - Admin preview shows the logo above 'Your Login Code' header - Added logoUrl to OTPSettings interface 🤖 Generated with [Claude Code](https://claude.com/claude-code) * fix: use relative imports in OAuth plugin to fix build Change the Plugin type import in oauth-providers/index.ts from '@sonicjs-cms/core' (circular package import) to relative '../../types'. Change index.ts to import OAuth exports directly from the oauth-providers subdirectory instead of from core-plugins/index.ts, which was pulling in all core plugins and their unresolvable @sonicjs-cms/core imports. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the version history modal not closing when clicking the Close or X buttons. The
closeVersionHistoryfunction (and other modal functions) were undefined because the HTML was loaded viainnerHTML, which does not execute embedded<script>tags.Changes
innerHTML, manually re-create<script>elements so the browser executes themcloseVersionHistory,restoreVersion,previewVersion, andtoggleChangesfunctions available to theironclickhandlersTesting
innerHTMLdoes not execute script tags per the HTML specFixes #666