
Conversation

@thezz9
Collaborator

@thezz9 thezz9 commented Jul 1, 2025

Summary by CodeRabbit

  • Refactor

    • The WebSocket connection and subscription logic of the code-submission test page has been separated: the connection is now made once on page load, and subscriptions are made per session at submit time.
    • The JavaScript code structure has been tidied up, improving readability.
    • The self-closing slashes on HTML input tags have been standardized.
  • Style

    • Indentation and whitespace in the HTML template have been made consistent.

@thezz9 thezz9 self-assigned this Jul 1, 2025
@coderabbitai

coderabbitai bot commented Jul 1, 2025

Walkthrough

The HTML template of the code-submission test page has had its indentation and whitespace made consistent, and the JavaScript now separates WebSocket connection initialization from the code-submission flow. The WebSocket is connected only once on page load; on code submission the connection state is checked and the session-specific topics are subscribed.

Changes

File(s): src/main/resources/templates/submit-test.html
Change summary: HTML indentation/whitespace cleanup, input tag standardization, JS WebSocket logic split out and refactored, connection-state flag added, JWT handling simplified

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Browser
    participant REST_API
    participant WebSocket_Server

    User->>Browser: page load
    Browser->>WebSocket_Server: WebSocket connect (once, on load)
    WebSocket_Server-->>Browser: connected

    User->>Browser: click "submit code"
    Browser->>REST_API: request session key
    REST_API-->>Browser: return sessionKey
    Browser->>WebSocket_Server: subscribe to session topics (init, case, final)
    WebSocket_Server-->>Browser: message (push)

Poem

Submit your code, says the rabbit,
now one connection is all you need!
Indentation straight, whitespace tidy,
the WebSocket is ready ahead of time.
A topic subscription for every session,
the rabbit is clever,
and today too, with clean code, hop hop! 🐇✨



@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f710d77 and 72dae30.

📒 Files selected for processing (1)
  • src/main/resources/templates/submit-test.html (7 hunks)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings
Learnt from: thezz9
PR: ezcode-my/backend#73
File: src/main/resources/templates/submit-test.html:135-135
Timestamp: 2025-06-18T11:41:58.457Z
Learning: The file src/main/resources/templates/submit-test.html is a test-only file; the hardcoded isCorrect value is intentional and is planned to be improved so that the user can choose the correct/incorrect state through a UI element.
Learnt from: thezz9
PR: ezcode-my/backend#75
File: src/main/java/org/ezcode/codetest/application/submission/aop/CodeReviewLockAspect.java:25-41
Timestamp: 2025-06-19T06:37:57.845Z
Learning: User thezz9 tends to skip validation for scenarios they consider unlikely to occur, but is willing to implement defensive programming practices when suggested for code robustness.
Learnt from: thezz9
PR: ezcode-my/backend#114
File: src/main/java/org/ezcode/codetest/infrastructure/github/GitHubApiClient.java:93-96
Timestamp: 2025-06-28T02:04:24.910Z
Learning: User thezz9 sometimes temporarily uses less secure or inconsistent exception handling (like RuntimeException with raw error bodies) for debugging purposes when error messages are being hidden in the normal application flow, but acknowledges this as technical debt and fixes it once debugging is complete.
Learnt from: thezz9
PR: ezcode-my/backend#114
File: src/main/java/org/ezcode/codetest/infrastructure/github/GitHubApiClient.java:159-165
Timestamp: 2025-06-28T02:03:38.654Z
Learning: User thezz9's service (ezcode) targets Korean users exclusively ("찐 한국인밖에 안 옴", roughly "only genuine Koreans will ever come"), so Korean language hardcoding in commit messages and UI elements is intentional and appropriate for their use case.
src/main/resources/templates/submit-test.html (2)
Learnt from: thezz9
PR: ezcode-my/backend#73
File: src/main/resources/templates/submit-test.html:135-135
Timestamp: 2025-06-18T11:41:58.457Z
Learning: The file src/main/resources/templates/submit-test.html is a test-only file; the hardcoded isCorrect value is intentional and is planned to be improved so that the user can choose the correct/incorrect state through a UI element.
Learnt from: thezz9
PR: ezcode-my/backend#30
File: src/main/java/org/ezcode/codetest/application/submission/service/SubmissionService.java:44-46
Timestamp: 2025-06-04T13:12:17.636Z
Learning: In SubmissionService, the hardcoded "2 10" input and "12" expected output are an intentional implementation for the testing stage and will later be replaced by the real test cases of the Problem entity.
⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: build
🔇 Additional comments (2)
src/main/resources/templates/submit-test.html (2)

245-255: The setInterval polling waits forever if the connection fails
If the connected flag never becomes true, submitCode() blocks permanently.
It is recommended to wrap STOMP's connect method in a Promise, or to resolve/reject from the stompClient.onConnect / onStompError callbacks, and to apply a timeout.

-if (!connected) {
-  await new Promise(r => {
-    const iv = setInterval(() => {
-      if (connected) {
-        clearInterval(iv);
-        r()
-      }
-    }, 50);
-  });
-}
+await waitUntil(() => connected, 5000); // 5초 제한
+
+function waitUntil(cond, timeoutMs) {
+  return new Promise((resolve, reject) => {
+    const started = Date.now();
+    const iv = setInterval(() => {
+      if (cond()) { clearInterval(iv); resolve(); }
+      else if (Date.now() - started > timeoutMs) {
+        clearInterval(iv); reject(new Error('STOMP 연결 타임아웃'));
+      }
+    }, 50);
+  });
+}
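Review bot: the rejection that waitUntil produces on timeout is not handled anywhere in the shown snippet; since submitCode() awaits it, a connection timeout would surface only as an unhandled promise rejection in the console with no feedback to the user. The await should sit in a try/catch in submitCode(), e.g. `try { await waitUntil(() => connected, 5000); } catch (e) { alert(e.message); return; }`, and the submit button should be re-enabled on that path. Resolving directly from the STOMP connect callback, as the comment text itself suggests, would remove the 50 ms polling altogether.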



257-262: Each submission only adds subscriptions and never removes them, so handlers run more than once
If the user submits several times without reloading the page, the same sessionKey is subscribed repeatedly, which risks duplicate message handling and memory leaks.
Please consider cleaning up the previous subscription with stompClient.unsubscribe(), or opening a new client on each submission and calling disconnect() on the previous one.

Comment on lines +204 to +210

    function initWebSocket() {
      const tokenOnly = (jwtInput.value.trim().startsWith('Bearer ')
        ? jwtInput.value.trim().slice(7)
        : jwtInput.value.trim());
      const socket = new SockJS(`/ws?token=${encodeURIComponent(tokenOnly)}`);
      stompClient = Stomp.over(socket);
      stompClient.debug = msg => console.log('[STOMP]', msg);

🛠️ Refactor suggestion

⚠️ Potential issue

Exposing the JWT as a URL parameter is a significant security risk
If the token is part of the URL (query string), it can leak through several channels: browser history, server access logs, proxies and so on.
Passing an Authorization header through the STOMP connect(headers, …) argument implements the same functionality without exposing the token in cookies or URL logs.

-const socket = new SockJS(`/ws?token=${encodeURIComponent(tokenOnly)}`);
-stompClient = Stomp.over(socket);
-stompClient.debug = msg => console.log('[STOMP]', msg);
-stompClient.connect({}, () => {
+const socket = new SockJS('/ws');
+stompClient = Stomp.over(socket);
+stompClient.debug = msg => console.log('[STOMP]', msg);  // 배포 시 끄는 것도 고려
+stompClient.connect({ Authorization: getTokenValue() }, () => {
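Review bot: getTokenValue() in the last `+` line is not defined anywhere in the shown code; initWebSocket() already computes tokenOnly, and the AI-agent prompt below says the header should carry the 'Bearer ' prefix, so the line should read `stompClient.connect({ Authorization: 'Bearer ' + tokenOnly }, () => {`. Removing `?token=` from the SockJS URL also means the server must read the token from the STOMP CONNECT frame rather than from the handshake query string, otherwise the connection will be rejected once this client change lands.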

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents
In src/main/resources/templates/submit-test.html around lines 204 to 210, the
JWT token is currently passed as a URL query parameter, which poses a security
risk due to potential exposure in browser history and logs. To fix this, remove
the token from the URL and instead pass it as an Authorization header in the
STOMP client's connect method by adding a headers object with the Authorization
field set to 'Bearer ' plus the token. This change keeps the token out of URLs
and logs while maintaining the same authentication functionality.
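The three review points above (token in the STOMP CONNECT headers rather than the URL, a bounded wait for the connection, and per-session subscription cleanup) put together as an added example; this is not code from the PR, and buildConnection, waitUntil, SessionSubscriber, FakeStompClient and the /topic paths are assumptions standing in for SockJS + Stomp.over(socket):

```javascript
// Added example, not the project's code. FakeStompClient is a tiny in-memory
// stand-in for the real STOMP client so the logic runs offline.

// 1. Keep the JWT out of the handshake URL: the endpoint is a bare path and the
//    token travels only in the STOMP CONNECT headers (same normalisation as the PR).
function buildConnection(rawInput) {
  const v = rawInput.trim();
  const token = v.startsWith('Bearer ') ? v.slice(7) : v;
  if (!token) throw new Error('JWT missing');
  return { url: '/ws', headers: { Authorization: `Bearer ${token}` } };
}

// 2. Bounded wait on the connected flag instead of an unbounded setInterval loop;
//    rejects with an Error so submitCode() can catch it and report to the user.
function waitUntil(cond, timeoutMs, stepMs = 5) {
  return new Promise((resolve, reject) => {
    const started = Date.now();
    const iv = setInterval(() => {
      if (cond()) { clearInterval(iv); resolve(true); }
      else if (Date.now() - started > timeoutMs) {
        clearInterval(iv); reject(new Error('STOMP connect timeout'));
      }
    }, stepMs);
  });
}

// 3. Per-session subscriptions: unsubscribe the previous session's handlers before
//    subscribing the new sessionKey, so repeated submits never double-handle messages.
class SessionSubscriber {
  constructor(client) { this.client = client; this.current = []; }
  subscribe(sessionKey, onMessage) {
    for (const s of this.current) s.unsubscribe();
    this.current = ['init', 'case', 'final'].map(kind =>
      this.client.subscribe(`/topic/${kind}/${sessionKey}`, onMessage)); // assumed paths
    return this.current.map(s => s.id);
  }
}

// Minimal stand-in for the STOMP client: only tracks which subscriptions are live.
class FakeStompClient {
  constructor() { this.live = new Map(); this.seq = 0; }
  subscribe(destination, handler) {
    const id = `sub-${++this.seq}`;
    this.live.set(id, { destination, handler });
    return { id, unsubscribe: () => this.live.delete(id) };
  }
}
```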

@thezz9 thezz9 merged commit cbc0ec3 into dev Jul 1, 2025
2 checks passed
@thezz9 thezz9 deleted the fix/submittest-html branch July 1, 2025 12:29