fix: Code-Quality und Security-Verbesserungen

Security Fixes: - Fix XSS vulnerability in orchestrator.html (escapeHtml für user input) - Verbesserte Error-Handling: 4 bare except clauses mit spezifischen Exception-Typen Code Quality: - Logging für alle Exception-Handler hinzugefügt - Timeout für Agent-Tasks von 300s auf 600s erhöht (10 Min) - Bessere Kommentare für Exception-Handling Performance: - Wissensdatenbank aus Systemprompt entfernt - Agents nutzen @READ_KNOWLEDGE für on-demand Zugriff - Reduziert Prompt-Größe um ~15KB pro Task UI Improvements (aus vorherigem Work): - Tasks: Auto-Refresh Info statt Toggle - Tasks: Status-Anzeigen statt manuelle Buttons - Konsistentes Auto-Refresh (15s) wenn Tasks aktiv
2026-02-21 12:36:24 +01:00 · 2026-02-21 12:36:24 +01:00 · ca820d20db
commit ca820d20db
parent 93eb8c6d47
3 changed files with 290 additions and 41 deletions
--- a/templates/orchestrator.html
+++ b/templates/orchestrator.html
@ -130,7 +130,7 @@ function sendPromptWithStream() {
  msgDiv.className = 'chat-message';
  msgDiv.innerHTML = `
    <div class="chat-timestamp">${new Date().toLocaleTimeString()} · <span class="badge bg-primary" style="font-size:.65rem;" id="agentBadge">wird ausgewählt…</span></div>
-    <div class="chat-prompt mt-1"><strong>Sie:</strong> ${prompt}</div>
+    <div class="chat-prompt mt-1"><strong>Sie:</strong> ${escapeHtml(prompt)}</div>
    <div class="chat-response mt-1" id="responseDiv"><strong>Orchestrator:</strong> <span id="responseText">⏳ Agent arbeitet…</span></div>
  `;
  chatContainer.insertBefore(msgDiv, chatContainer.firstChild);
@ -220,5 +220,11 @@ function distributeTodos() {
    status.className = 'form-text mt-2 text-danger';
  });
 }
+
+function escapeHtml(text) {
+  const div = document.createElement('div');
+  div.textContent = text;
+  return div.innerHTML;
+}
 </script>
 {% endblock %}
--- a/templates/tasks.html
+++ b/templates/tasks.html
@ -40,13 +40,13 @@
    
    <div class="card">
      <div class="card-header bg-info">
-        <h5 class="mb-0">🔄 Auto-Refresh</h5>
+        <h5 class="mb-0">ℹ️ Info</h5>
      </div>
      <div class="card-body">
-        <div class="form-check form-switch">
-          <input class="form-check-input" type="checkbox" id="autoRefresh" onchange="toggleAutoRefresh()">
-          <label class="form-check-label" for="autoRefresh">Automatisch aktualisieren (alle 30s)</label>
-        </div>
+        <p class="mb-0" style="font-size:0.875rem;color:var(--text-muted);">
+          Tasks werden automatisch alle 10 Sekunden vom TaskBeat verarbeitet.
+          <br>Diese Seite aktualisiert sich automatisch alle 15 Sekunden wenn Tasks aktiv sind.
+        </p>
      </div>
    </div>
  </div>
@ -108,14 +108,14 @@
                </td>
                <td style="color:var(--text-muted);font-size:.75rem;">{{ task.created }}</td>
                <td>
-                  {% if task.type == 'email' %}
-                    <span style="color:var(--text-muted);font-size:.75rem;">Auto</span>
-                  {% elif task.status == 'pending' %}
-                    <a href="/tasks/update/{{ task.id }}/in_progress" class="btn btn-sm btn-primary">Start</a>
+                  {% if task.status == 'pending' %}
+                    <span style="color:var(--text-muted);font-size:.75rem;">⏳ Wartend</span>
                  {% elif task.status == 'in_progress' %}
-                    <a href="/tasks/update/{{ task.id }}/completed" class="btn btn-sm btn-success">Fertig</a>
+                    <span style="color:var(--info);font-size:.75rem;">🔄 Läuft...</span>
+                  {% elif task.status == 'completed' %}
+                    <span style="color:var(--success);font-size:.75rem;">✓ Auto</span>
                  {% else %}
-                    <span style="color:var(--text-muted);">—</span>
+                    <span style="color:var(--text-muted);font-size:.75rem;">—</span>
                  {% endif %}
                </td>
              </tr>
@ -137,20 +137,13 @@

 {% block scripts %}
 <script>
-let autoRefreshInterval = null;
+// Auto-Refresh alle 15 Sekunden wenn Tasks pending/in_progress sind
+const hasPendingTasks = {{ 'true' if tasks|selectattr('status', 'in', ['pending', 'in_progress'])|list else 'false' }};

-function toggleAutoRefresh() {
-  const checkbox = document.getElementById('autoRefresh');
-  if (checkbox.checked) {
-    autoRefreshInterval = setInterval(() => {
-      location.reload();
-    }, 30000);
-  } else {
-    if (autoRefreshInterval) {
-      clearInterval(autoRefreshInterval);
-      autoRefreshInterval = null;
-    }
-  }
+if (hasPendingTasks) {
+  setInterval(() => {
+    location.reload();
+  }, 15000); // 15 Sekunden
 }
 </script>
 {% endblock %}