feat: proxy AbortSignal across iframe boundary for V3 plugin provider callbacks (#1276)

## PR Checklist

- Required Checks
    - [x] Have you added type definitions?
    - [x] Have you tested your changes?
    - [x] Have you checked that it won't break any existing features?
- [ ] If your PR uses models[^1], if true, check the following:
    - [ ] Have you checked if it works normally in all models?
- [ ] Have you checked if it works normally in all web, local, and node
hosted versions? If it doesn't, have you blocked it in those versions?
- [x] If your PR is highly ai generated[^2], check the following:
    - [x] Have you understanded what the code does?
    - [x] Have you cleaned up any unnecessary or redundant code?
    - [x] Is is not a huge change?
- We currently do not accept highly ai generated PRs that are large
changes.


[^1]: Modifies the behavior of prompting, requesting or handling
responses from ai models.
[^2]: Almost over 80% of the code is ai generated.

## Summary

Follow-up to #1273. Instead of discarding `AbortSignal` (replacing with
`null`), this PR proxies it across the iframe boundary using an ID-based
message protocol, restoring abort/cancel functionality for V3 plugin
providers.

## Related Issues

- PR #1273 — Initial fix that sanitized `AbortSignal` to `null` to
prevent `DataCloneError`. This PR builds on that foundation.

## Changes

`AbortSignal` is not structured-cloneable (HTML spec), so it cannot be
passed via `postMessage`. PR #1273 solved the crash by replacing it with
`null`, but this meant plugins lost all abort/cancel functionality.

This PR introduces a lightweight proxy protocol within factory.ts
(single file, ~46 lines added):

**Host side** (`SandboxHost.deserializeArgs`):
- `AbortSignal` → serializable `AbortSignalRef` object `{ __type:
'ABORT_SIGNAL_REF', abortId, aborted }`
- Attaches a one-shot `abort` event listener on the real signal that
sends an `ABORT_SIGNAL` message to the guest iframe when triggered

**Guest side** (`GUEST_BRIDGE_SCRIPT`):
- New `abortControllers` registry (Map)
- `INVOKE_CALLBACK` handler deserializes `AbortSignalRef` → local
`AbortController`, stores in registry, returns `controller.signal` to
the plugin callback
- If `aborted: true` in ref, immediately calls `controller.abort()`
- New `ABORT_SIGNAL` message handler: looks up controller by `abortId`,
calls `.abort()`, removes from registry

**Type additions**:
- `'ABORT_SIGNAL'` added to `MsgType` union
- `AbortSignalRef` interface added

### Data flow

```
Host (real AbortSignal)          Guest (reconstructed AbortSignal)
───────────────────────          ────────────────────────────────
AbortSignal                      AbortController + .signal
    │                                 │
    │  INVOKE_CALLBACK                │
    ├──→ { __type: 'ABORT_SIGNAL_REF', ──→ new AbortController()
    │      abortId: 'abc',               abortControllers.set('abc', ctrl)
    │      aborted: false }              return ctrl.signal to plugin
    │                                 │
    │  (user clicks Stop)             │
    │  abort event fires              │
    ├──→ postMessage({                │
    │      type: 'ABORT_SIGNAL', ────→ ctrl.abort()
    │      abortId: 'abc'              abortControllers.delete('abc')
    │    })                           │
```

## Impact

**Backward compatible** — no breaking changes:

- Plugins that **ignore** `abortSignal` (pass it as unused param or
check for null): no behavior change. They received `null` before, now
they receive a real `AbortSignal` that simply never fires if the host
doesn't abort.
- Plugins that **use** `abortSignal` (e.g., `signal: abortSignal` in
fetch, or `.addEventListener('abort', ...)`): these now work correctly,
whereas before they had no abort capability.
- The `ABORT_SIGNAL` message type is ignored by older guest bridge code
that doesn't recognize it, so forward compatibility is maintained.
- No sandbox flags are modified (`allow-scripts allow-modals
allow-downloads` only).
- No host objects or references leak to the guest — only a plain `{
__type, abortId, aborted }` object crosses the boundary.

## Additional Notes

- This change is scoped entirely to factory.ts — no other files are
modified.
- The protocol is unidirectional (host→guest only). Guest-to-host
AbortSignal proxying (e.g., plugin passing `signal` in `nativeFetch`
options) is not covered and would require a separate change. (It will
probably be resolved by #1274)
- The `aborted` field in `AbortSignalRef` handles the edge case where
the signal is already aborted at serialization time.

---

Author: kwaroran

src/ts/plugins/apiV3/factory.ts

@@ -4,7 +4,8 @@ type MsgType =
     | 'INVOKE_CALLBACK'
     | 'CALLBACK_RETURN'
     | 'RESPONSE'
-    | 'RELEASE_INSTANCE';
+    | 'RELEASE_INSTANCE'
+    | 'ABORT_SIGNAL';
 
 interface RpcMessage {
     type: MsgType;
@@ -14,6 +15,7 @@ interface RpcMessage {
     args?: any[];
     result?: any;
     error?: string;
+    abortId?: string;
 }
 
 interface RemoteRef {
@@ -26,12 +28,19 @@ interface CallbackRef {
     id: string;
 }
 
+interface AbortSignalRef {
+    __type: 'ABORT_SIGNAL_REF';
+    abortId: string;
+    aborted: boolean;
+}
+
 
 const GUEST_BRIDGE_SCRIPT = `
 await (async function() {
     const pendingRequests = new Map();
     const callbackRegistry = new Map();
     const proxyRefRegistry = new Map();
+    const abortControllers = new Map();
 
     function serializeArg(arg) {
         if (typeof arg === 'function') {
@@ -150,17 +159,40 @@ await (async function() {
             send(response);
         }
 
+        else if (data.type === 'ABORT_SIGNAL' && data.abortId) {
+            const controller = abortControllers.get(data.abortId);
+            if (controller) {
+                controller.abort();
+                abortControllers.delete(data.abortId);
+            }
+        }
+
         else if (data.type === 'INVOKE_CALLBACK' && data.id) {
             const fn = callbackRegistry.get(data.id);
             const response = { type: 'CALLBACK_RETURN', reqId: data.reqId };
+            const usedAbortIds = [];
 
             try {
                 if (!fn) throw new Error("Callback not found or released");
-                const result = await fn(...(data.args || []));
+                const deserializedArgs = (data.args || []).map(function(a) {
+                    if (a && typeof a === 'object' && a.__type === 'ABORT_SIGNAL_REF') {
+                        const controller = new AbortController();
+                        abortControllers.set(a.abortId, controller);
+                        usedAbortIds.push(a.abortId);
+                        if (a.aborted) { controller.abort(); }
+                        return controller.signal;
+                    }
+                    return a;
+                });
+                const result = await fn(...deserializedArgs);
                 response.result = result;
             } catch (e) {
                 response.error = e.message || "Guest callback error";
             }
+            // Clean up abort controllers after callback completes
+            for (const id of usedAbortIds) {
+                abortControllers.delete(id);
+            }
             const transferables = collectTransferables(response);
             send(response, transferables);
         }
@@ -351,11 +383,37 @@ export class SandboxHost {
                         const reqId = 'cb_req_' + Math.random().toString(36).substring(2);
                         this.pendingCallbacks.set(reqId, { resolve, reject });
 
+                        // AbortSignal cannot be structured-cloned for postMessage.
+                        // Convert to a serializable ref and forward abort events
+                        // via a separate ABORT_SIGNAL message.
+                        const sanitizedArgs = innerArgs.map(arg => {
+                            if (arg instanceof AbortSignal) {
+                                const abortId = 'abort_' + Math.random().toString(36).substring(2);
+                                const ref: AbortSignalRef = {
+                                    __type: 'ABORT_SIGNAL_REF',
+                                    abortId,
+                                    aborted: arg.aborted
+                                };
+                                if (!arg.aborted) {
+                                    arg.addEventListener('abort', () => {
+                                        try {
+                                            this.iframe.contentWindow?.postMessage({
+                                                type: 'ABORT_SIGNAL',
+                                                abortId
+                                            } as RpcMessage, '*');
+                                        } catch (_) { /* iframe already removed */ }
+                                    }, { once: true });
+                                }
+                                return ref;
+                            }
+                            return arg;
+                        });
+
                         const message = {
                             type: 'INVOKE_CALLBACK',
                             id: cbRef.id,
                             reqId,
-                            args: innerArgs
+                            args: sanitizedArgs
                         };
                         const transferables = this.collectTransferables(message);
                         this.iframe.contentWindow?.postMessage(message, '*', transferables);
@@ -499,4 +557,4 @@ export class SandboxHost {
         this.instanceRegistry.clear();
         this.pendingCallbacks.clear();
     }
-}
+}