- Wrapped the initial script execution in try-catch
- Added alert for critical errors to show if script fails
- This will help identify if JavaScript syntax errors are preventing execution
- If alert appears, it means script is running but has errors
- If no alert appears, script is completely blocked

- Added checks to verify if DOM elements exist before attaching listeners
- Added detailed logging for each event listener attachment
- Log format shows which elements are found and which listeners are attached
- This will reveal if buttons exist in DOM and if listeners are properly attached

- Added alert('RDP page script is loading!') at the very beginning
- This will show if the script is being executed or blocked
- If no alert appears, the issue is script loading or CSP
- If alert appears but no console logs, there's a JavaScript error

- Added console.log statements throughout RDP page JavaScript
- Log WebAssembly module loading progress
- Log event listener attachment
- Log button click events (connect, disconnect, window controls)
- Log function calls (showRdpConfig, startRdpConnection, connect)
- This will help identify where the execution stops when buttons are clicked

- Added complete keyboard and mouse event handling from example.html
- Implemented Keyboard, EmulatedKeyboard, and UnicodeKeyboard classes
- Added mouse event handlers for movement, clicks, and wheel
- Added proper WebAssembly module loading with async/await
- Added missing constants (KeyAcquire, KeyRelease, SyncFlags)
- Fixed event listener attachments for canvas and input focus
- RDP page should now respond to user interactions

- Removed Content Security Policy header for RDP pages
- CSP was blocking WebAssembly eval() and other required functionality
- RDP pages now load without CSP restrictions
- WebAssembly and RDP client can now execute properly

- Simplified Content Security Policy to use wildcard https://* for external resources
- Reduced CSP length to prevent parsing issues
- Maintained 'unsafe-eval' for WebAssembly functionality
- CSP now allows all HTTPS resources while maintaining security

- Added fonts.gstatic.com to font-src for Google Fonts
- Added fonts.googleapis.com to script-src and style-src for Google Fonts API
- Expanded img-src to allow all HTTPS images
- CSP now properly allows all required resources for RDP functionality

- Added full CSP header allowing WebAssembly, external scripts/styles, WebSocket connections
- Includes 'unsafe-eval' and 'unsafe-inline' for RDP functionality
- Allows CDN resources from jsdelivr and cloudflare
- Permits WebSocket connections for RDP protocol

- Added https://cdn.jsdelivr.net and https://cdnjs.cloudflare.com to script-src, style-src, and font-src
- Required for Bootstrap and FontAwesome loading
- Maintains security while allowing necessary external resources

- Added Content-Security-Policy header with 'unsafe-eval' for script-src
- Required for WebAssembly module loading in RDP client
- Only applied to RDP HTML responses

- Made connect() function async to properly load WallixModule
- Moved WebAssembly initialization into connect function
- Set module constants after loading
- Ensured module is ready before creating RDP client

- Added WallixModule initialization with logging
- Integrated keyboard classes (Keyboard, EmulatedKeyboard, UnicodeKeyboard) from example
- Added mouse event handling functions
- Implemented event listeners for canvas and focus
- Updated connect function to properly set up RDP client with input handling
- Added updateInput and keyboard layout management
- Cleaned up event listeners on disconnect

- WallixModule is not a Promise, Module is the global WebAssembly object
- Check if newRdpGraphics2D is defined before using it
- Use Module.RdpClient directly like in rdpwasm/mstsc.js
- Rebuild project to embed updated HTML template

- WallixModule is the Promise returned by the IIFE, not an object with .ready property
- Use WallixModule.then((module) => { ... }) to access the loaded module
- Rebuild project to embed updated HTML template

- Replace undefined GraphicsDevice with newRdpGraphics2D
- Replace undefined RdpClient with WallixModule.RdpClient
- Add proper WebAssembly module loading with WallixModule.ready promise
- Rebuild project to embed updated HTML template

The client was failing WebSocket connection because the server was sending
Sec-WebSocket-Protocol: binary header in the handshake response, but the
client did not request any protocol. According to WebSocket RFC 6455,
servers should not send protocol headers if not requested by the client.

Changed the handshake response for RDP to not include the protocol header,
matching the terminal WebSocket behavior.

- Changed the path check in get_embedded_asset from /rdp/ to /rdpwasm/
- Rebuilt the project to include the updated asset serving logic

- Renamed templates/rdp/ to templates/rdpwasm/
- Updated embed_assets.sh to embed from rdpwasm and map to /rdpwasm/ paths
- Updated rdp.html to load scripts from /rdpwasm/
- Regenerated Makefile and rebuilt successfully

- Add patterns for wssshd2 build artifacts (*.o, *.a, *.so, wssshd, Makefile, etc.)
- Consolidate wssshtools executable patterns to wss*/test_*
- Ensure all build artifacts are properly ignored to prevent accidental commits

- Add Bootstrap modal for VNC password input
- Implement credentialsrequired event handler to show password prompt
- Handle password submission and resume authentication
- Allow Enter key to submit password
- Disconnect if user cancels without providing password

- Remove WebSocket-level chunking of VNC data (breaks streaming protocol)
- Send VNC data as complete WebSocket frames instead of chunks
- Enhance SSL error handling with better retry logic and exponential backoff
- Make VNC handler resilient to temporary SSL buffer issues
- Add comprehensive debug logging for WebSocket frame transmission
- Add client-side debug logging for VNC rectangle processing

Root cause: WebSocket chunking interrupted VNC TightDecoder which expects
complete compressed data blocks. Client accumulated partial data until
connection reset with ECONNRESET.

- Remove wsProtocols: ['binary'] setting that was causing reserved bits error
- WebSocket extension negotiation was failing with 'reserved3 = 1'
- Use default WebSocket protocol negotiation instead

- Wrap client cards in Bootstrap row container
- Each client uses col-md-4 for 3 columns per row on medium+ screens
- Maintains responsive design for smaller screens

- Allow container to expand with height: auto and max-height: none in full-size mode
- Set min-width and min-height to fit-content for #noVNC_screen to allow proper canvas sizing
- Add debugging logs to check canvas and container dimensions after zoom toggle
- Ensure scrollbars appear when remote desktop is larger than viewport

- Add CSS class .vnc-container.full-size with overflow: auto to show scrollbars
- Modify toggleZoom() function to toggle the full-size CSS class on the container
- When zoom button is active (full-size mode), scrollbars appear for navigation
- Maintains scaled view (no scrollbars) when zoom button is inactive

- Add zoom/scale toggle button in the window titlebar
- Implement toggle functionality between scaled view (fit to window) and full-size view with scrollbars
- Add CSS styling for the zoom button with active state
- Button toggles between search-plus and search-minus icons
- When active, shows remote desktop at actual size with clipping and scrollbars enabled

- Add comprehensive logging to Display.flip() method for viewport and scaling debugging
- Fix missing KeyboardUtil object in input/util.js
- Add backbuffer content verification before and after rectangle processing
- Enhance WebSocket message logging for frame data debugging
- Improve error handling for corrupted FramebufferUpdate messages
- Add data skipping for unsupported encodings to prevent connection stalls
- Clean up excessive console.log statements for production readiness
- Verify loading system with cancel button functionality

- Disable viewport clipping to prevent large screens from being hidden
- Add proper handling of corrupted FramebufferUpdate messages
- Skip data for unsupported encodings to prevent data accumulation
- Add comprehensive debugging for message processing flow
- Fix infinite loop in rectangle processing for corrupted data

- Added retry logic with partial write handling to ws_send_binary_frame()
- Prevents WebSocket frame corruption during large VNC data transmission
- Fixes 'server must not mask frames' error in noVNC browser connections
- ws_send_binary_frame now handles SSL write interruptions properly

- Implements VNC protocol handshake (version exchange, security negotiation, client init)
- Uses wsssht --pipe mode for bidirectional communication
- Includes timeout handling and proper error management
- Tested successfully with VNC server negotiation

- Replace ws_send_frame with ws_send_binary_frame for VNC WebSocket data
- This ensures proper binary frame handling for VNC protocol data
- Fixes immediate disconnection after 'VNC connected' message

- Fix Base64 object definition in wssshd2/templates/novnc/base64.js
- Change 'window.{' to 'window.Base64 = {' to properly define global Base64 object
- This resolves ReferenceError when decoding JPEG rectangles in Tight encoding
- VNC connections now establish successfully instead of disconnecting immediately

- Implement bidirectional pipe communication for VNC sessions
- Replace single pipe with separate stdin/stdout pipes
- Fix child process redirection to properly handle both input and output
- Add enhanced debug logging for VNC data flow
- Update resource cleanup in vnc_free_session()

This resolves the issue where VNC connections would hang after exchanging
the first 12 bytes (RFB protocol version strings) because input from
noVNC WebSocket wasn't reaching the wsssht process.

- Fix pipe handling in vnc.c: was writing to read end instead of write end
- Add separate read_fd/write_fd fields to vnc_session_t struct
- Add debug logging for VNC data exchange in websocket handler
- Add hex dump logging for VNC pipe communication

This resolves the 'Wrote -1 bytes to pipe' error that was preventing
VNC connections from working properly.

- Add output buffering to vnc_session_t structure
- Modify read_pipe_output to buffer wsssht stdout
- Update vnc_get_output to return buffered data
- Modify websocket_vnc_handler to send output to WebSocket client
- Enable bidirectional communication for VNC WebSocket connections