From d3a0de6b009c9ba7c4dd0d14b089f423dff2490b Mon Sep 17 00:00:00 2001 From: wobsoriano Date: Tue, 10 Feb 2026 13:39:28 -0800 Subject: [PATCH 1/3] fix(repo): Handle framework query param in Next.js keyless test MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update the Next.js keyless integration test to verify that claim URLs include the framework=nextjs query parameter. This aligns with backend changes that add framework query params to claim URLs for dashboard analytics and proper routing. Changes: - Check for 'framework=nextjs' in sign_in_force_redirect_url - Check for 'framework=nextjs' in sign_up_force_redirect_url (both regular and prepare-account cases) - Use .includes() instead of .startsWith() for more flexible URL validation - Properly handle URL-encoded framework parameter in prepare-account flow Test coverage: ✅ Sign-in redirect URL contains framework=nextjs ✅ Sign-up redirect URL contains framework=nextjs (regular case) ✅ Sign-up redirect URL contains framework=nextjs (prepare-account case) ✅ All other claim URL parameters (token, dashboard URL) still validated --- .../tests/next-quickstart-keyless.test.ts | 30 ++++++++++++------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/integration/tests/next-quickstart-keyless.test.ts b/integration/tests/next-quickstart-keyless.test.ts index d143b60385e..4007d2b8e3e 100644 --- a/integration/tests/next-quickstart-keyless.test.ts +++ b/integration/tests/next-quickstart-keyless.test.ts @@ -89,20 +89,28 @@ test.describe('Keyless mode @quickstart', () => { await newPage.waitForLoadState(); await newPage.waitForURL(url => { - const urlToReturnTo = `${dashboardUrl}apps/claim?token=`; - + const signInForceRedirectUrl = url.searchParams.get('sign_in_force_redirect_url'); const signUpForceRedirectUrl = url.searchParams.get('sign_up_force_redirect_url'); - const signUpForceRedirectUrlCheck = - signUpForceRedirectUrl?.startsWith(urlToReturnTo) || - (signUpForceRedirectUrl?.startsWith(`${dashboardUrl}prepare-account`) && - signUpForceRedirectUrl?.includes(encodeURIComponent('apps/claim?token='))); + const signInHasRequiredParams = + signInForceRedirectUrl?.includes(`${dashboardUrl}apps/claim`) && + signInForceRedirectUrl?.includes('token=') && + signInForceRedirectUrl?.includes('framework=nextjs'); + + const signUpRegularCase = + signUpForceRedirectUrl?.includes(`${dashboardUrl}apps/claim`) && + signUpForceRedirectUrl?.includes('token=') && + signUpForceRedirectUrl?.includes('framework=nextjs'); + + const signUpPrepareAccountCase = + signUpForceRedirectUrl?.startsWith(`${dashboardUrl}prepare-account`) && + signUpForceRedirectUrl?.includes(encodeURIComponent('apps/claim')) && + signUpForceRedirectUrl?.includes(encodeURIComponent('token=')) && + signUpForceRedirectUrl?.includes(encodeURIComponent('framework=nextjs')); + + const signUpHasRequiredParams = signUpRegularCase || signUpPrepareAccountCase; - return ( - url.pathname === '/apps/claim/sign-in' && - url.searchParams.get('sign_in_force_redirect_url')?.startsWith(urlToReturnTo) && - signUpForceRedirectUrlCheck - ); + return url.pathname === '/apps/claim/sign-in' && signInHasRequiredParams && signUpHasRequiredParams; }); }); From 194d93f02c93cae716bcc67f12fcff4a3a29965c Mon Sep 17 00:00:00 2001 From: Ben Singer Date: Tue, 10 Feb 2026 11:04:09 -0600 Subject: [PATCH 2/3] fix(clerk-js): Remove beforeunload event listener from SafeLock (#7775) Co-authored-by: Claude Co-authored-by: Nikos Douvlis Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .changeset/remove-beforeunload-safelock.md | 5 +++++ packages/clerk-js/src/core/auth/safeLock.ts | 6 ------ 2 files changed, 5 insertions(+), 6 deletions(-) create mode 100644 .changeset/remove-beforeunload-safelock.md diff --git a/.changeset/remove-beforeunload-safelock.md b/.changeset/remove-beforeunload-safelock.md new file mode 100644 index 00000000000..591a4eb3e19 --- /dev/null +++ b/.changeset/remove-beforeunload-safelock.md @@ -0,0 +1,5 @@ +--- +'@clerk/clerk-js': patch +--- + +Removed redundant `beforeunload` event listener from SafeLock that was disabling the browser's back-forward cache (bfcache), degrading navigation performance. diff --git a/packages/clerk-js/src/core/auth/safeLock.ts b/packages/clerk-js/src/core/auth/safeLock.ts index 405190a73ff..5fb08ea5a06 100644 --- a/packages/clerk-js/src/core/auth/safeLock.ts +++ b/packages/clerk-js/src/core/auth/safeLock.ts @@ -3,12 +3,6 @@ import Lock from 'browser-tabs-lock'; export function SafeLock(key: string) { const lock = new Lock(); - // TODO: Figure out how to fix this linting error - // eslint-disable-next-line @typescript-eslint/no-misused-promises - window.addEventListener('beforeunload', async () => { - await lock.releaseLock(key); - }); - const acquireLockAndRun = async (cb: () => Promise) => { if ('locks' in navigator && isSecureContext) { const controller = new AbortController(); From 49ecb193e77191d03794dac7aeb518e2d22958fb Mon Sep 17 00:00:00 2001 From: wobsoriano Date: Tue, 10 Feb 2026 15:35:51 -0800 Subject: [PATCH 3/3] Sync test file with release/core-2 --- integration/tests/next-quickstart-keyless.test.ts | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/integration/tests/next-quickstart-keyless.test.ts b/integration/tests/next-quickstart-keyless.test.ts index 4007d2b8e3e..082367c1a7a 100644 --- a/integration/tests/next-quickstart-keyless.test.ts +++ b/integration/tests/next-quickstart-keyless.test.ts @@ -92,21 +92,17 @@ test.describe('Keyless mode @quickstart', () => { const signInForceRedirectUrl = url.searchParams.get('sign_in_force_redirect_url'); const signUpForceRedirectUrl = url.searchParams.get('sign_up_force_redirect_url'); + // Backend adds framework=nextjs query param before token, so use .includes() instead of .startsWith() const signInHasRequiredParams = - signInForceRedirectUrl?.includes(`${dashboardUrl}apps/claim`) && - signInForceRedirectUrl?.includes('token=') && - signInForceRedirectUrl?.includes('framework=nextjs'); + signInForceRedirectUrl?.includes(`${dashboardUrl}apps/claim`) && signInForceRedirectUrl?.includes('token='); const signUpRegularCase = - signUpForceRedirectUrl?.includes(`${dashboardUrl}apps/claim`) && - signUpForceRedirectUrl?.includes('token=') && - signUpForceRedirectUrl?.includes('framework=nextjs'); + signUpForceRedirectUrl?.includes(`${dashboardUrl}apps/claim`) && signUpForceRedirectUrl?.includes('token='); const signUpPrepareAccountCase = signUpForceRedirectUrl?.startsWith(`${dashboardUrl}prepare-account`) && signUpForceRedirectUrl?.includes(encodeURIComponent('apps/claim')) && - signUpForceRedirectUrl?.includes(encodeURIComponent('token=')) && - signUpForceRedirectUrl?.includes(encodeURIComponent('framework=nextjs')); + signUpForceRedirectUrl?.includes(encodeURIComponent('token=')); const signUpHasRequiredParams = signUpRegularCase || signUpPrepareAccountCase;