fix: show loading spinner while preset config loads (#2477)

broody · claude · web-flow · commit a44d11b47b72 · 2026-03-06T09:50:50.000-10:00
## Summary - Show a loading spinner while preset config loads to prevent UI flash - Batch `verified` and `theme` state updates in the `loadConfig` callback so React 18 renders them in a single pass — eliminates the render gap where children briefly saw the default theme and `verified=false` - Extract verified computation into a reusable `computeVerifiedState` function - Use `originRef` to make origin available synchronously in async callbacks ## Test plan - [ ] Test with SessionConnector (redirect flow) with a preset — should not flash default theme or "not verified" warning - [ ] Test with ControllerConnector (iframe flow) with a preset — same behavior - [ ] Test without a preset — no behavior change expected 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
diff --git a/examples/next/src/components/providers/StarknetProvider.tsx b/examples/next/src/components/providers/StarknetProvider.tsx
@@ -236,14 +236,14 @@ export const controllerConnector = new ControllerConnector({
 });
 
 const session = new SessionConnector({
-  policies,
   rpc: process.env.NEXT_PUBLIC_RPC_MAINNET!,
-  chainId: constants.StarknetChainId.SN_MAIN,
-  redirectUrl: typeof window !== "undefined" ? window.location.origin : "",
+  chainId: shortString.encodeShortString("WP_JOKERS_CORE_SEASON2"),
+  redirectUrl: "jokers://open",
   disconnectRedirectUrl: "whatsapp://",
   keychainUrl: getKeychainUrl(),
   apiUrl: process.env.NEXT_PUBLIC_CARTRIDGE_API_URL,
   signupOptions,
+  preset: "jokers-of-neon",
 });
 
 export function StarknetProvider({ children }: PropsWithChildren) {
diff --git a/packages/keychain/src/components/provider/index.tsx b/packages/keychain/src/components/provider/index.tsx
@@ -26,6 +26,7 @@ import { IndexerAPIProvider } from "@cartridge/ui/utils/api/indexer";
 import { CartridgeAPIProvider } from "@cartridge/ui/utils/api/cartridge";
 import { ErrorBoundary } from "../ErrorBoundary";
 import { MarketplaceClientProvider } from "@cartridge/arcade/marketplace/react";
+import { SpinnerIcon } from "@cartridge/ui";
 
 export function Provider({ children }: PropsWithChildren) {
   const connection = useConnectionValue();
@@ -59,6 +60,16 @@ export function Provider({ children }: PropsWithChildren) {
     [connection.controller, connection.project],
   );
 
+  // Wait for preset config to load before rendering UI to prevent
+  // flash of default theme and unverified domain warning
+  if (connection.isConfigLoading) {
+    return (
+      <div className="flex items-center justify-center h-screen w-screen bg-background">
+        <SpinnerIcon className="animate-spin text-muted-foreground" size="lg" />
+      </div>
+    );
+  }
+
   return (
     <FeatureProvider>
       <CartridgeAPIProvider url={ENDPOINT}>
diff --git a/packages/keychain/src/hooks/connection.ts b/packages/keychain/src/hooks/connection.ts
@@ -215,6 +215,54 @@ export function resolvePolicies({
   return { policies: urlPolicies, isPoliciesResolved: true };
 }
 
+/**
+ * Computes the verified state from config data and origin.
+ * Extracted as a pure function so it can be called both synchronously
+ * (in the loadConfig callback) and in the verified useEffect.
+ */
+function computeVerifiedState(
+  configData: Record<string, unknown>,
+  currentOrigin: string | undefined,
+): boolean {
+  const allowedOrigins = toArray(configData.origin as string | string[]);
+
+  if (!isIframe()) {
+    const searchParams = new URLSearchParams(window.location.search);
+    const redirectUrl =
+      searchParams.get("redirect_url") || searchParams.get("redirect_uri");
+
+    if (redirectUrl) {
+      try {
+        const redirectUrlObj = new URL(redirectUrl);
+        const redirectOrigin = redirectUrlObj.origin;
+        const isLocalhost =
+          redirectOrigin.includes("localhost") ||
+          redirectOrigin === "capacitor://localhost";
+        const isOriginAllowed = isOriginVerified(redirectUrl, allowedOrigins);
+        return isLocalhost || isOriginAllowed;
+      } catch (error) {
+        console.error("Failed to parse redirect_url:", error);
+      }
+    }
+
+    return false;
+  }
+
+  if (!configData.origin) {
+    return false;
+  }
+
+  if (currentOrigin) {
+    const isLocalhost =
+      currentOrigin.includes("localhost") ||
+      currentOrigin === "capacitor://localhost";
+    const isOriginAllowed = isOriginVerified(currentOrigin, allowedOrigins);
+    return isLocalhost || isOriginAllowed;
+  }
+
+  return false;
+}
+
 export function useConnectionValue() {
   const { navigate } = useNavigation();
   const [parent, setParent] = useState<ParentMethods>();
@@ -254,6 +302,10 @@ export function useConnectionValue() {
     isPoliciesResolved,
     isConfigLoading,
   });
+  // Ref to track origin synchronously for use in async callbacks (e.g. loadConfig)
+  // where the state value may not yet be available via closure.
+  const originRef = useRef<string | undefined>(undefined);
+
   const [onModalClose, setOnModalCloseInternal] = useState<
     (() => void) | undefined
   >();
@@ -504,7 +556,26 @@ export function useConnectionValue() {
     setIsConfigLoading(true);
     loadConfig(urlParams.preset)
       .then((config) => {
-        setConfigData((config as Record<string, unknown>) || null);
+        const configObj = (config as Record<string, unknown>) || null;
+        setConfigData(configObj);
+
+        if (configObj) {
+          // Compute verified and theme immediately so React 18 batches
+          // all state updates into a single render, preventing a flash
+          // of default theme / unverified domain warning.
+          const computedVerified = computeVerifiedState(
+            configObj,
+            originRef.current,
+          );
+          setVerified(computedVerified);
+
+          if ("theme" in configObj) {
+            setTheme({
+              verified: computedVerified,
+              ...(configObj.theme as ControllerTheme),
+            });
+          }
+        }
       })
       .catch((error: Error) => {
         console.error("Failed to load config:", error);
@@ -515,60 +586,16 @@ export function useConnectionValue() {
       });
   }, [urlParams.preset]);
 
-  // Compute verified state separately once config is loaded and origin or redirect_url are available
+  // Compute verified state when config is loaded and origin or redirect_url change.
+  // Initial computation also happens in the loadConfig callback above to avoid
+  // a flash, but this effect handles subsequent changes (e.g. origin arriving
+  // later in iframe mode).
   useEffect(() => {
     if (!configData || isConfigLoading) {
       return;
     }
 
-    const allowedOrigins = toArray(configData.origin as string | string[]);
-
-    // In standalone mode (not iframe), verify preset if redirect_url matches preset whitelist
-    if (!isIframe()) {
-      const searchParams = new URLSearchParams(window.location.search);
-      const redirectUrl =
-        searchParams.get("redirect_url") || searchParams.get("redirect_uri");
-
-      if (redirectUrl) {
-        try {
-          const redirectUrlObj = new URL(redirectUrl);
-          const redirectOrigin = redirectUrlObj.origin;
-
-          // Always consider localhost and default capacitor as verified for development
-          const isLocalhost =
-            redirectOrigin.includes("localhost") ||
-            redirectOrigin === "capacitor://localhost";
-          const isOriginAllowed = isOriginVerified(redirectUrl, allowedOrigins);
-          const finalVerified = isLocalhost || isOriginAllowed;
-
-          setVerified(finalVerified);
-          return;
-        } catch (error) {
-          console.error("Failed to parse redirect_url:", error);
-        }
-      }
-
-      // No redirect_url or invalid redirect_url - don't verify preset in standalone mode
-      setVerified(false);
-      return;
-    }
-
-    if (!configData.origin) {
-      setVerified(false);
-      return;
-    }
-
-    // Embedded mode: verify against parent origin
-    // Always consider localhost and default capacitor as verified for development (not 127.0.0.1)
-    if (origin) {
-      const isLocalhost =
-        origin.includes("localhost") || origin === "capacitor://localhost";
-      const isOriginAllowed = isOriginVerified(origin, allowedOrigins);
-      const finalVerified = isLocalhost || isOriginAllowed;
-      setVerified(finalVerified);
-    } else {
-      setVerified(false);
-    }
+    setVerified(computeVerifiedState(configData, origin));
   }, [origin, configData, isConfigLoading]);
 
   // Store referral data when URL params are available
@@ -708,7 +735,9 @@ export function useConnectionValue() {
 
       connection.promise
         .then((parentConnection) => {
-          setOrigin(normalizeOrigin(parentConnection.origin));
+          const normalizedOrigin = normalizeOrigin(parentConnection.origin);
+          originRef.current = normalizedOrigin;
+          setOrigin(normalizedOrigin);
           // Extract origin and spread the rest to match ParentMethods type
           // eslint-disable-next-line @typescript-eslint/no-unused-vars
           const { origin: _, ...methods } = parentConnection;
@@ -741,6 +770,7 @@ export function useConnectionValue() {
         }
       }
 
+      originRef.current = appOrigin;
       setOrigin(appOrigin);
 
       setParent({
