程序员阿江(Relakkes) 75c3c59613 Define opt-in H5 access before implementation
The H5 surface needs a small personal/team workflow instead of a public login system, so the spec keeps the first version to an explicit Settings switch, generated token, browser connection screen, controlled CORS, and mobile chat shell changes.

Constraint: Preserve the existing desktop/Tauri local flow by default
Constraint: H5 is for personal and team controlled environments, not public multi-tenant hosting
Rejected: Full account login and short-lived session exchange | too much scope for the requested first version
Confidence: high
Scope-risk: moderate
Directive: Do not implement H5 by simply exposing the current desktop API without token, origin, and mobile-shell boundaries
Tested: Spec self-review for placeholders, contradictions, scope, and ambiguity
Not-tested: Runtime behavior; this commit is design documentation only
2026-05-09 23:09:32 +08:00
..