[feat] 버전 정보 js injection 구현

[ff1451]

No description provided.

[coderabbitai]

Warning

Rate limit exceeded

@ff1451 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 25 minutes and 41 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 3bc6edd1-c7f7-4fd1-90da-d287020626dc

📥 Commits

Reviewing files that changed from the base of the PR and between b8c7895 and fbd1e2f.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• app/webview/[path].tsx

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch 58-feat-버전-정보-js-injection-구현

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Implements JavaScript injection in the WebView route so the embedded web app can read the native app version at runtime.

Changes:

• Import appVersion from services/forceupdate.
• Define an injectedJavaScript snippet that sets window.APP_VERSION.
• Pass the snippet to the WebView via injectedJavaScript.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

injectedJavaScript builds a JS string using "${appVersion}" without escaping. If the version ever contains quotes/backslashes (or other characters needing escaping), this will generate invalid JS and can also become an injection footgun. Prefer assigning via JSON.stringify(appVersion ?? '0.0.0') (or equivalent escaping) instead of manual quoting.

Suggested change

	const injectedJavaScript = `window.APP_VERSION = "${appVersion ?? '0.0.0'}";true;`;
	const injectedJavaScript = `window.APP_VERSION = ${JSON.stringify(appVersion ?? '0.0.0')};true;`;

[Copilot]

injectedJavaScript runs for every navigation. With originWhitelist={['*']} and onShouldStartLoadWithRequest allowing any https?:// URL, this will also inject APP_VERSION into third-party pages if the WebView ever navigates off webUrl. If the version should only be exposed to your first-party origin, gate the injected script on window.location.origin (or restrict navigation/originWhitelist accordingly).