Skip to content
Open
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ and this project partially follows [Semantic Versioning](https://semver.org/spec
- Improved fallback behavior of shortcut icons to first-letter icons when custom icons fail to load or when offline ([@prem-k-r](https://github.com/prem-k-r)) ([#187](https://github.com/prem-k-r/MaterialYouNewTab/pull/187/))
- Disabled dragging for weather and location icons ([@anndiy](https://github.com/anndiy)) ([#183](https://github.com/prem-k-r/MaterialYouNewTab/pull/183))
- Added support for right-click to access AI Tools settings ([@prem-k-r](https://github.com/prem-k-r)) ([#210](https://github.com/prem-k-r/MaterialYouNewTab/pull/210/))
- Added smooth wallpaper fade-in and fixed the widget transparency delay on page load. ([@prem-k-r](https://github.com/prem-k-r)) ([#217](https://github.com/prem-k-r/MaterialYouNewTab/pull/217/))

### Fixed

Expand Down
1 change: 1 addition & 0 deletions index.html
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@
<body>
<!-- --------------------- Loading Screen Starting --------------------- -->
<img src="./images/Loading.png" id="LoadingScreen" fetchpriority="high" />
<img id="bg-img" alt="" />

<!-- --------------------- ToDo List Setup Starting --------------------- -->
<!-- ToDo Icon -->
Expand Down
2 changes: 1 addition & 1 deletion manifest(firefox).json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"manifest_version": 2,
"name": "MYNT: Material You New Tab",
"version": "3.3.510",
"version": "3.3.516",
"description": "A Simple New Tab (browser's home page) inspired by Google's 'Material You' design.",
"permissions": [
"search",
Expand Down
2 changes: 1 addition & 1 deletion manifest.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"manifest_version": 3,
"name": "MYNT: Material You New Tab",
"version": "3.3.510",
"version": "3.3.516",
"description": "A Simple New Tab (browser's home page) inspired by Google's 'Material You' design.",
"permissions": ["search"],
"optional_permissions": ["bookmarks", "favicon"],
Expand Down
33 changes: 27 additions & 6 deletions scripts/wallpaper.js
Original file line number Diff line number Diff line change
Expand Up @@ -15,16 +15,31 @@

let currentBgUrl = null;

if (localStorage.getItem("hasWallpaper") === "true") {
toggleBackgroundType(true);
}

// To set background image using a Blob
function setBackground(blob) {
const img = document.getElementById("bg-img");
const previousUrl = currentBgUrl;
const newUrl = URL.createObjectURL(blob);
currentBgUrl = newUrl;
document.body.style.setProperty("--bg-image", `url(${newUrl})`);

toggleBackgroundType(true);
if (previousUrl) {
URL.revokeObjectURL(previousUrl);
}
localStorage.setItem("hasWallpaper", "true");

img.classList.remove("bg-visible"); // reset opacity for the fade-in

img.onload = () => {
requestAnimationFrame(() => {
requestAnimationFrame(() => {
currentBgUrl = newUrl;
img.classList.add("bg-visible"); // fade in only the image
if (previousUrl) URL.revokeObjectURL(previousUrl);
});
});
};
img.src = newUrl;

Check failure

Code scanning / CodeQL

DOM text reinterpreted as HTML High

DOM text
is reinterpreted as HTML without escaping meta-characters.
}
Comment on lines +24 to 43

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Prevent stale onload callbacks from restoring cleared wallpapers and leaking object URLs.

Line 33’s async onload path is not cancellable. A fast re-apply/clear sequence can let an older load callback re-show the image after clear, and intermediate object URLs can remain unreleased.

💡 Proposed fix (token-based cancellation + pending URL cleanup)
 let currentBgUrl = null;
+let pendingBgUrl = null;
+let bgLoadToken = 0;

 function setBackground(blob) {
     const img = document.getElementById("bg-img");
     const previousUrl = currentBgUrl;
     const newUrl = URL.createObjectURL(blob);
+    const loadToken = ++bgLoadToken;
+
+    // Revoke any not-yet-committed URL from a previous in-flight load.
+    if (pendingBgUrl) {
+        URL.revokeObjectURL(pendingBgUrl);
+        pendingBgUrl = null;
+    }

     toggleBackgroundType(true);
     localStorage.setItem("hasWallpaper", "true");

     img.classList.remove("bg-visible"); // reset opacity for the fade-in

     img.onload = () => {
+        if (loadToken !== bgLoadToken) {
+            URL.revokeObjectURL(newUrl);
+            return;
+        }
         requestAnimationFrame(() => {
             requestAnimationFrame(() => {
                 currentBgUrl = newUrl;
+                pendingBgUrl = null;
                 img.classList.add("bg-visible"); // fade in only the image
                 if (previousUrl) URL.revokeObjectURL(previousUrl);
             });
         });
     };
+
+    img.onerror = () => {
+        if (loadToken !== bgLoadToken) return;
+        URL.revokeObjectURL(newUrl);
+        pendingBgUrl = null;
+        localStorage.removeItem("hasWallpaper");
+        toggleBackgroundType(false);
+    };
+
+    pendingBgUrl = newUrl;
     img.src = newUrl;
 }

And when clearing, cancel in-flight loads before hiding:

const img = document.getElementById("bg-img");
bgLoadToken++;
img.onload = null;
img.onerror = null;
img.removeAttribute("src");
if (pendingBgUrl) {
  URL.revokeObjectURL(pendingBgUrl);
  pendingBgUrl = null;
}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const img = document.getElementById("bg-img");
const previousUrl = currentBgUrl;
const newUrl = URL.createObjectURL(blob);
currentBgUrl = newUrl;
document.body.style.setProperty("--bg-image", `url(${newUrl})`);
toggleBackgroundType(true);
if (previousUrl) {
URL.revokeObjectURL(previousUrl);
}
localStorage.setItem("hasWallpaper", "true");
img.classList.remove("bg-visible"); // reset opacity for the fade-in
img.onload = () => {
requestAnimationFrame(() => {
requestAnimationFrame(() => {
currentBgUrl = newUrl;
img.classList.add("bg-visible"); // fade in only the image
if (previousUrl) URL.revokeObjectURL(previousUrl);
});
});
};
img.src = newUrl;
}
let currentBgUrl = null;
let pendingBgUrl = null;
let bgLoadToken = 0;
function setBackground(blob) {
const img = document.getElementById("bg-img");
const previousUrl = currentBgUrl;
const newUrl = URL.createObjectURL(blob);
const loadToken = ++bgLoadToken;
// Revoke any not-yet-committed URL from a previous in-flight load.
if (pendingBgUrl) {
URL.revokeObjectURL(pendingBgUrl);
pendingBgUrl = null;
}
toggleBackgroundType(true);
localStorage.setItem("hasWallpaper", "true");
img.classList.remove("bg-visible"); // reset opacity for the fade-in
img.onload = () => {
if (loadToken !== bgLoadToken) {
URL.revokeObjectURL(newUrl);
return;
}
requestAnimationFrame(() => {
requestAnimationFrame(() => {
currentBgUrl = newUrl;
pendingBgUrl = null;
img.classList.add("bg-visible"); // fade in only the image
if (previousUrl) URL.revokeObjectURL(previousUrl);
});
});
};
img.onerror = () => {
if (loadToken !== bgLoadToken) return;
URL.revokeObjectURL(newUrl);
pendingBgUrl = null;
localStorage.removeItem("hasWallpaper");
toggleBackgroundType(false);
};
pendingBgUrl = newUrl;
img.src = newUrl;
}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/wallpaper.js` around lines 24 - 43, The onload callback can fire
after a clear and revive an old wallpaper and leak object URLs; implement a
token-based cancellation and pending URL tracking: add a numeric bgLoadToken and
pendingBgUrl variables, increment bgLoadToken and clear
img.onload/img.onerror/removeAttribute("src") when clearing, revoke pendingBgUrl
if present, and when creating newUrl set pendingBgUrl = newUrl and capture the
current token in the onload/onerror handlers so they ignore stale tokens before
assigning currentBgUrl, adding "bg-visible" or revoking previousUrl; also ensure
any errored or cancelled newUrl is revoked and pendingBgUrl cleared to avoid
leaks.


// Open IndexedDB database
Expand Down Expand Up @@ -134,6 +149,7 @@
const lastUpdate = new Date(savedTimestamp);

if (!blob || !savedTimestamp || isNaN(lastUpdate)) {
localStorage.removeItem("hasWallpaper");
toggleBackgroundType(false);
return;
}
Expand All @@ -152,6 +168,7 @@
})
.catch((error) => {
console.error("Error loading image details:", error);
localStorage.removeItem("hasWallpaper");
toggleBackgroundType(false);
});
}
Expand All @@ -173,11 +190,15 @@
if (await confirmPrompt(confirmationMessage)) {
try {
await clearImageFromIndexedDB();
localStorage.removeItem("hasWallpaper");

const img = document.getElementById("bg-img");
img.classList.remove("bg-visible");

if (currentBgUrl) {
URL.revokeObjectURL(currentBgUrl);
currentBgUrl = null;
}
document.body.style.removeProperty("--bg-image");
toggleBackgroundType(false);
} catch (error) {
console.error(error);
Expand Down
24 changes: 18 additions & 6 deletions style.css
Original file line number Diff line number Diff line change
Expand Up @@ -212,15 +212,27 @@ body {
width: 100%;
min-height: 100vh;
overflow: auto;
background-image: var(--bg-image, none);
background-size: cover;
background-repeat: no-repeat;
background-position: center;
background-attachment: fixed;
height: 100%; /* Ensure the image fits the viewport height */
height: 100%;
margin: 0;
}

#bg-img {
position: fixed;
inset: 0;
width: 100%;
height: 100%;
object-fit: cover;
object-position: center;
z-index: -1;
opacity: 0;
pointer-events: none;
transition: opacity 0.3s ease;
}

#bg-img.bg-visible {
opacity: 1;
}

/* Apply dark mode when: Dark Mode is selected manually, OR System Theme is selected */
html:has(body[data-bg="color"] .menuBar .themeSegment[data-active="dark"]):not(
:has(#darkTheme:checked)
Expand Down