PR #274 Merged: SSR Redux Store Isolation Fixed

in Steem Devyesterday

A few days ago, I wrote a post about my recent PR sent to the Steemit Wallet Repository that was pending merge.

Today, I'm happy to share that PR #274 has been merged by @ety001. ✅


1504917c-8760-4919-bcb9-5a9b916f9b09.png
Image generated by ChatGPT — visualizing secure, isolated Redux stores per SSR request.

What Was Fixed

This PR resolves Issue #273 — a potential SSR security concern where a module-level singleton Redux store could allow one user's auth state to leak into another user's rendered HTML.

The fix:

  • Replaced the singleton store with a makeStore() factory
  • Server: new store instance per request via useState(() => makeStore())
  • Client: retains a single persistent store

Result: isolated Redux state per SSR request, eliminating cross-user data leakage risks.

Additional Cleanup Included

  • Type exports (AppStore, RootState, AppDispatch) now derived from factory return type
  • Simplified getCurrentTheme() utility
  • Added SSR-safe documentation for useSyncExternalStore no-op subscription

All tests passed. Grateful for the timely review and merge.

📝 For the full technical context and background, see my previous post:
Another Contribution to the Future of the Steemit Wallet: SSR State Isolation Fix (PR #274)

If you value ongoing contributions to the STEEM ecosystem, consider supporting my witness: blaze.apps

🗳️ Vote for blaze.apps

#steemdevlopers #wallet #steemitwallet #witnesscategory
yesterday in Steem Dev by
$16.12
  • Pending payout amount: $16.12
  • Breakdown:
        0.00 SBD,
        146.55 STEEM,
        146.55 SP
  • Payout in 6 days
35 votes
Reply 0