- Changed from manual string concatenation to Uri.parse().replace(queryParameters: ...)
- This properly encodes the WOPISrc while maintaining encoding through iframe.src
- Fixes Collabora 'WOPISrc validation error: unencoded WOPISrc' warning
- Uri API ensures query parameters are properly percent-encoded
- WOPISrc is a full URL that needs URL encoding when passed as query param
- Use Uri.encodeComponent() to properly encode the WOPISrc value
- Simplify iframe setup to just use the properly constructed URL
- This fixes the 400 Bad Request from Collabora when loading documents
- Reverted to direct iframe src approach instead of form submission
- This avoids 'Form submission canceled' error
- Removed allow-same-origin from sandbox to improve security
- Added allow-popups-to-escape-sandbox for Collabora functionality
- Use direct URL with WOPISrc parameter instead of POST form
- Collabora's loleaflet.html expects WOPISrc as POST parameter, not URL query param
- Changed from iframe with src= to form submission approach
- Extract WOPISrc from URL and pass as hidden form input
- This avoids 400 Bad Request from Collabora when using GET with URL params
- Added dart:html and dart:ui_web imports for iframe support
- Created _buildCollaboraIframe() method to register and display iframe
- Set proper sandbox and allow attributes for Collabora functionality
- Full-screen iframe embedding of Collabora Online document editor
- Replaces placeholder UI with actual document viewing capability
Go backend:
- Fix WOPI models file (remove duplicate package declaration and syntax errors)
- Add GetOrgMember method to database as alias for GetUserMembership
- Add UpdateFileSize method to database
- Remove unused net/url import from wopi_handlers.go
- Fix field names in WOPI struct initializers (match JSON tags)
Flutter frontend:
- Remove webview_flutter import (use simpler placeholder for now)
- Fix _createWOPISession to safely access SessionBloc state
- Replace WebViewController usage with placeholder UI
- Remove unused _generateRandomHex methods from login/signup forms
- Add missing mimeType parameter to DocumentCapabilities in mock repository
- Remove unused local variables in file_browser_bloc
- Reverted WebViewWidget approach that was causing null check errors
- Show placeholder UI for Office documents until proper WOPI support is implemented
- Fixed web/index.html to only load PixelatedElegance font that actually exists
- Removed references to non-existent fonts causing OTS parsing errors
- Clear file lists in ResetFileBrowser to prevent org files showing in personal workspace
- Include JWT token as query parameter in PDF download URL for viewer compatibility
- Remove Authorization header from SfPdfViewer (browser security restrictions)
- Fix mock repository EditorSession to include required token parameter
- Increase Dio receiveTimeout from 10s to 60s to allow file uploads and org creation
to complete (Nextcloud user provisioning takes 5-7s)
- Hide 'Empty Folder' text and back button in root directory (main folder)
- Back button and empty message now only show in actual subdirectories
- Organization creation now works even before orgs are loaded (fixes state guard)
- Org creation UI now preserves state and shows inline error messages
- Wrong password login no longer triggers global logout; shows inline error instead
- ApiClient now excludes /auth/ endpoints from global 401 session expiry
