From b2955fb695e9addeb08242727908d051b22ed157 Mon Sep 17 00:00:00 2001 From: Marcel Date: Mon, 11 May 2026 16:52:42 +0200 Subject: [PATCH 1/2] fix(frontend): disable prerender crawl so /, /documents, /persons aren't baked Closes #514. The build was prerendering protected routes via crawl from /hilfe/transkription. Their load functions throw redirect('/login') during the build (no auth cookie), so SvelteKit captured the redirect as static HTML and shipped /app/build/prerendered/{index,documents, persons,geschichten,stammbaum}.html with a `location.href=/login` script. In production these files are served BEFORE hooks.server.ts runs, so an authenticated user with a valid cookie is still served the baked bounce-back page. Setting `crawl: false` keeps the explicit /hilfe/transkription entry prerendered (needed for the public help page) without dragging the nav targets along with it. Verified locally: build now emits only `hilfe/transkription.html` under build/prerendered/, no index.html or documents.html etc. Co-Authored-By: Claude Opus 4.7 --- frontend/svelte.config.js | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/frontend/svelte.config.js b/frontend/svelte.config.js index ca42a340..e94e293c 100644 --- a/frontend/svelte.config.js +++ b/frontend/svelte.config.js @@ -8,7 +8,17 @@ const config = { preprocess: vitePreprocess(), kit: { adapter: adapter(), - prerender: { entries: ['/hilfe/transkription'] } + prerender: { + entries: ['/hilfe/transkription'], + // Disable crawl: by default SvelteKit follows nav links from + // prerendered pages and prerenders the targets too. The targets + // (/, /documents, /persons, …) throw redirect('/login') during + // the build (no auth cookie), so SvelteKit bakes a + // `` HTML page and serves + // it before the runtime hooks ever run. Result: authenticated + // users with a valid cookie still get bounced. See #514. + crawl: false + } } }; -- 2.49.1 From 6ba7254344724e8e65985cbc08ac469c2eacf0a9 Mon Sep 17 00:00:00 2001 From: Marcel Date: Mon, 11 May 2026 17:00:54 +0200 Subject: [PATCH 2/2] test(ci): assert prerender output is only /hilfe/transkription Addresses Sara's review request on #515. Without this gate, a future regression that turns prerender.crawl back on (or adds a new prerender entry whose nav links into protected routes) would silently bake /, /documents, /persons etc. to "redirect-to-login" HTML and re-introduce #514. Verified the script catches the current broken build state: $ find build/prerendered ... -not -path 'hilfe/*' ... build/prerendered/{index,documents,persons,geschichten,stammbaum}.html Co-Authored-By: Claude Opus 4.7 --- .gitea/workflows/ci.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index d48d6a48..00ebf695 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -59,6 +59,29 @@ jobs: run: npm run build working-directory: frontend + # ── Prerender output is exactly the public help page ─────────────────── + # SvelteKit prerender + crawl follows nav links and bakes "redirect to + # /login" HTML for every protected route, served BEFORE runtime hooks + # (see #514). With `crawl: false` only the explicit entry should land + # in build/prerendered/. Anything else is a regression — fail the build. + - name: Assert prerender output is only /hilfe/transkription + run: | + cd frontend + set -e + extra=$(find build/prerendered -type f \ + -not -path 'build/prerendered/hilfe/*' \ + -not -name '*.br' -not -name '*.gz' \ + || true) + if [ -n "$extra" ]; then + echo "FAIL: unexpected prerendered files (would shadow runtime hooks):" + echo "$extra" + exit 1 + fi + # And the help page must still be there. + test -f build/prerendered/hilfe/transkription.html \ + || { echo "FAIL: /hilfe/transkription.html missing from prerender output"; exit 1; } + echo "PASS: only /hilfe/transkription.html prerendered." + - name: Upload screenshots if: always() uses: actions/upload-artifact@v4 -- 2.49.1