Switchbord
v0.15.62

Adversarial review fixes for the CTWA ad attribution rollout — Meta access tokens now travel in the Authorization header, Graph error classification is JSON-parsed, and CTWA image URLs are allowlisted against Meta's CDN at write and render time.

What's fixed

  • The CTWA enrichment adapter now sends the workspace Meta access token in the Authorization: Bearer … header instead of the Graph URL query string, matching every other Meta Graph call in the codebase. Tokens no longer leak into Sentry breadcrumbs or proxy access logs.
  • Meta Graph error responses are JSON-parsed and classified by error.code — only codes 100 (deleted/archived) and 803 (alias not found), plus HTTP 404, mark the attribution as unavailable. Every other error stays failed so the operator sees a real status badge.
  • CTWA referral image URLs are validated against a Meta CDN allowlist (fbcdn.net / cdninstagram.com / fbsbx.com) at webhook write time and again at render time in the operator-only info card. A spoofed or future-format referral can no longer ship an attacker-controlled URL to operators' browsers.
  • The persistFailure update on conversation_attributions is now also scoped by workspace_id, matching the rest of the adapter.
  • Refreshing the ad info card uses router.refresh() instead of window.location.reload(), so operators keep scroll position, draft messages, and unrelated inbox state across a manual refresh.
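The three hardening points above (token placement, Graph error classification, CDN allowlisting) written out as an added TypeScript example. This is not Switchbord's code: the allowlisted hostnames and the codes 100, 803 and HTTP 404 come from the notes above, while the function names, the "unavailable"/"failed" status labels and the sample URLs in the comments are assumptions.

```typescript
// Added example, not Switchbord's code. Hostnames and error codes follow the
// release notes; function names and status labels are assumptions.

// --- 1. Token placement: Authorization header, never the query string ---
export function buildGraphRequest(
  endpoint: string,
  accessToken: string,
): { url: string; headers: Record<string, string> } {
  const url = new URL(endpoint);
  // Strip any access_token a caller left on the URL so it cannot reach
  // proxy access logs or error-reporting breadcrumbs.
  url.searchParams.delete("access_token");
  return {
    url: url.toString(),
    headers: { Authorization: `Bearer ${accessToken}` },
  };
}

// --- 2. Graph error classification by error.code ---
export type AttributionStatus = "unavailable" | "failed"; // labels assumed

// Codes from the notes: 100 (deleted/archived), 803 (alias not found).
const UNAVAILABLE_GRAPH_CODES: ReadonlySet<number> = new Set([100, 803]);

export function classifyGraphError(httpStatus: number, body: string): AttributionStatus {
  if (httpStatus === 404) return "unavailable";
  let code: unknown;
  try {
    const parsed = JSON.parse(body) as { error?: { code?: unknown } } | null;
    code = parsed?.error?.code;
  } catch {
    // Non-JSON body (HTML error page from a proxy, truncated response):
    // no evidence the ad is gone, so it stays a real failure.
    return "failed";
  }
  // Only a numeric code on the short list means "unavailable"; a string
  // "100" or any other code keeps the failed badge visible to the operator.
  return typeof code === "number" && UNAVAILABLE_GRAPH_CODES.has(code)
    ? "unavailable"
    : "failed";
}

// --- 3. CTWA image URL allowlist (same predicate at write and at render) ---
const META_CDN_SUFFIXES: readonly string[] = ["fbcdn.net", "cdninstagram.com", "fbsbx.com"];

function parseUrl(raw: string): URL | null {
  try {
    return new URL(raw);
  } catch {
    return null; // unparseable input is rejected, not passed through
  }
}

export function isAllowedMetaCdnUrl(raw: string): boolean {
  const url = parseUrl(raw);
  if (url === null) return false;
  if (url.protocol !== "https:") return false; // no http:, data: or other schemes
  if (url.username !== "" || url.password !== "") return false; // no user@host forms
  const host = url.hostname.toLowerCase();
  // Exact host or a subdomain of an allowlisted suffix. A substring match
  // would accept lookalikes such as evil-fbcdn.net or fbcdn.net.example.
  return META_CDN_SUFFIXES.some((s) => host === s || host.endsWith("." + s));
}

// Write-path helper: store the URL or store nothing, never an unchecked value.
export function sanitizeReferralImageUrl(raw: string | undefined): string | null {
  return raw !== undefined && isAllowedMetaCdnUrl(raw) ? raw : null;
}
```

The allowlist compares the parsed hostname against each suffix as an exact match or a dot-prefixed subdomain, rather than testing whether the string contains "fbcdn.net", and requires https with no embedded credentials, so a lookalike host or a non-HTTP scheme fails at write time and again at render time. Classification deliberately treats a non-JSON body as failed: a gateway error page is not proof that the ad was deleted.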

Notes

This release is a follow-up to v0.15.60 after an adversarial code review. The CTWA functionality and the operator-only info card itself are unchanged; only the implementation hardening is new.