096901e230
Added "Copy to Clipboard" functionality to code blocks in the web dashboard. This improves UX when reading README.md or verification reports. - Injected CSS for a `.copy-btn` positioned relatively within `<pre>` blocks. - Injected JS to dynamically add the button and handle clipboard interaction. - Updated Content-Security-Policy to allow `unsafe-inline` scripts for this feature. - Verified with Playwright script `verify_copy_btn.py`.
1.1 KiB
PALETTE'S JOURNAL - CRITICAL LEARNINGS ONLY
2026-02-13 - [Brand Color Contrast Failure]
Learning: The brand color #667eea fails WCAG AA contrast (3.4:1) against white backgrounds, affecting accessibility for text headers and primary buttons.
Action: Replace #667eea with #4f46e5 (Indigo 600) which passes WCAG AA (5.5:1) while maintaining brand identity. Update all instances including manifest.json.
2026-02-22 - [Clipboard API & CSP]
Learning: navigator.clipboard.writeText requires user permission, but in a headless Playwright environment, permissions must be explicitly granted via browser.new_context(permissions=['clipboard-write']). Additionally, inline scripts injected dynamically require relaxing the Content Security Policy (CSP) from script-src 'self' to script-src 'self' 'unsafe-inline' or using a nonce, which is a critical security vs. usability trade-off for local dashboards.
Action: When implementing "Copy to Clipboard" in environments with strict CSP, either implement a nonce system or document the unsafe-inline requirement. For testing, always grant clipboard permissions explicitly.