fix(ui): use feature detection for crypto.randomUUID to support HTTP deployments#1868
Open
wsszh wants to merge 2 commits into
Open
fix(ui): use feature detection for crypto.randomUUID to support HTTP deployments#1868wsszh wants to merge 2 commits into
wsszh wants to merge 2 commits into
Conversation
…deployments crypto.randomUUID() requires a Secure Context (HTTPS or localhost). Deployments served over plain HTTP crash on /agents/new with "Uncaught TypeError: crypto.randomUUID is not a function". Add a generateId() utility that detects crypto.randomUUID availability at runtime and falls back to the uuid package (already a dependency) when unavailable. Replace all 8 crypto.randomUUID() call sites. Signed-off-by: wsszh <wsszh@users.noreply.github.com> Signed-off-by: sup <sup@supdeMacBook-Pro.local>
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes a runtime crash on HTTP deployments where crypto.randomUUID() is unavailable outside Secure Contexts. Adds a generateId() helper with feature detection that falls back to the uuid package, and replaces all call sites.
Changes:
- Add
generateId()utility inui/src/lib/utils.tswith runtime feature detection anduuidv4 fallback. - Replace all 8
crypto.randomUUID()call sites in 4 files withgenerateId().
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
ui/src/lib/utils.ts |
Adds generateId() helper and imports uuidv4 fallback. |
ui/src/lib/promptSourceRow.ts |
Switches to generateId() for prompt source row ids. |
ui/src/lib/openClawSandboxForm.ts |
Switches to generateId() for sandbox channel row ids. |
ui/src/components/prompts/FragmentEntriesEditor.tsx |
Switches 4 call sites to generateId() for fragment row ids. |
ui/src/app/agents/new/page.tsx |
Switches 2 call sites to generateId() for prompt source row ids. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
peterj
approved these changes
May 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
crypto.randomUUID()which requires a Secure Context (HTTPS or localhost). Deployments served over plain HTTP crash on/agents/newwithUncaught TypeError: crypto.randomUUID is not a function.generateId()utility inui/src/lib/utils.tsthat detectscrypto.randomUUIDavailability at runtime and falls back to theuuidpackage (already a dependency, v14) when unavailable.crypto.randomUUID()call sites across 4 source files.Changes
ui/src/lib/utils.tsgenerateId()with runtime feature detectionui/src/lib/promptSourceRow.tscrypto.randomUUID()→generateId()ui/src/lib/openClawSandboxForm.tscrypto.randomUUID()→generateId()ui/src/components/prompts/FragmentEntriesEditor.tsxcrypto.randomUUID()→generateId()ui/src/app/agents/new/page.tsxcrypto.randomUUID()→generateId()Context
crypto.randomUUID()is a Web Crypto API gated behind Secure Context. Any deployment accessed viahttp://(common in internal/dev clusters without TLS termination) crashes when rendering the agent creation form. Theuuidnpm package (v14, already inpackage.json) usescrypto.getRandomValues()which works in all contexts.The fix uses runtime feature detection (
typeof crypto.randomUUID === "function") so it works with the pre-built Docker image regardless of deployment configuration — no Helm or environment variable changes needed.ui/public/mockServiceWorker.jsalso callscrypto.randomUUID()but is auto-generated by MSW and runs in a Service Worker context (always secure), so it is not modified.Test plan
cd ui && npm run buildpassescd ui && npm run lintpasses/agents/new→ "Skip wizard" → form loads without crashcrypto.randomUUID()grep -r 'crypto.randomUUID' ui/src/returns onlyutils.tsfeature-detection branch (andmockServiceWorker.js)