ETT-686: refactor download; add matomo tags and error handling

[carylwyatt]

Ironically, this download-with-fetch branch doesn't actually use the fetch API anywhere after we made the decision to "just use a link" for simple downloads.

The tests that are failing are imgsrv related. Some of the requests I wrote return a 403/Restricted, and I can't figure out why.

It occasionally happens in the browser when I try to download that scan as a full-resolution TIFF:

And the related request in my docker apache:

2026-02-19 14:43:50 127.0.0.1 - - [19/Feb/2026:19:43:50 +0000] "GET / HTTP/1.1" 200 9746 "-" "curl/8.14.1"
2026-02-19 14:43:50 172.18.0.1 - - [19/Feb/2026:19:43:50 +0000] "GET /cgi/imgsrv/download/image?id=test.pd_open&attachment=1&tracker=D3&format=image%2Ftiff&target_ppi=0&seq=2 HTTP/1.1" 403 336 "http://localhost:8080/cgi/pt?id=test.pd_open&seq=2" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36"

After I added the download attribute to the download link, it stopped redirecting when I got the restricted error, and started downloading... nothing. In back-to-back attempts at an identical download of that scan, one was successful and one was not 🤷‍♀️

I haven't run in to this on any other volume, so I'm wondering if this is a problem with the version of imgsrv in docker? It can't just be my machine if these tests are also failing in github actions.

Following up on "simple" downloads that don't actually download

While I was testing the matomo tag for download errors on dev-3, I realized that there is no way to catch errors from broken links. The user makes a selection, clicks "Download," the download modal appears with the second "Download" button. They click the button, it looks like something downloaded... but it's just errors. Do we want to try to mitigate this by reverting back to fetch? It doesn't feel right to assume that as long as the link is correct that imgsrv will respond correctly 100% of the time.

Testing

This is staged on dev-3. Gayathri already approved the UI/a11y changes, but there are multiple versions of downloads you could test:

All the "simple download" options that should give you a download modal without a progress bar:

1. single-page PDF/JPEG/TIFF/txt
2. PDF/JPEG/txt "selected scans" of 10 or fewer pages
3. PDF/JPEG/TIFF/txt "current scan"

everything else should trigger the "build" version of the download modal with the progress ba

1. whole items
2. more than 1 selected TIFF
3. more than 10 selected pages of anything else

Conclusion

1. what's up with imgsrv tests? maybe pull this down and run tests locally (bin/run_playwright_tests.sh all) to see if this is just a me problem
2. do we care about not catching errors from "just use a link" method for simple downloads?
3. please test on dev-3

[carylwyatt]

I updated this component to svelte 5 syntax, so any variable that needs to be reactive is declared with the $state() rune.

[carylwyatt]

I extracted the error messages and their conditionals out of the submission logic so they could be reactive and update the UI as soon as a condition is met (instead of waiting for the "Download" button to be clicked).

[carylwyatt]

Added matomo to this component.

[carylwyatt]

This was once a tangled mess of conditionals inside submitDownload() and now it's a $derived variable that updates whenever any of the reactive/$state() variables change. The conditionals were extracted to their own function, all this does is construct a URL and return it.

[carylwyatt]

Since we don't really care about the tracker cookie, I removed this tracker/interval altogether.

[carylwyatt]

This function was never called. 🤷‍♀️

[carylwyatt]

For the downloads that use the JSONP callback from imgsrv, we don't use an iframe for that request anymore, but we do use a script tag that gets appended to the <body>. It's doing essentially the same thing as before, but without with the outdated and sort-of-shady hidden iframe.

[carylwyatt]

Here are the submission conditionals that I extracted from submitDownload().

[carylwyatt]

This is the other half of the logic that was originally in submitDownload().

[carylwyatt]

More conditionals that were extracted from submitDownload() and refactored a bit with reactivity in mind.

[carylwyatt]

Now this function that was over 100 lines is just 24 lines long 🤩 (and most of that is making sure the spinner on the download button stops spinning after the Save As window disappears/download is finished)

[carylwyatt]

There are a lot of new $effect()s in this component. In Svelte 5, the $effect rune is reserved for state mutations made to reactive variables. If any reactive $state() variables referenced inside the $effect change, then the whole effect block runs. This can be handy for this kind of tricky UI/state management that we do in the download form. We have so many variations of which form inputs need to be enabled/disabled, appear/disappear, change their wording/value based on the volume itself, the user's role or permissions, and what the user clicks on in the form itself, which view the user selects... it's diabolical.

Some of these effects were updated from the svelte 4 magic $ syntax (which you can see in the red side of the diff), but I added 4 new ones to handle all the state/UI updates necessary for a reactive form.

Generally, svelte suggests not mutating state inside an $effect as it can lead to complicated state management (yes, indeed), but one of the things the docs suggests to use it for is DOM manipulation, which is what we're doing here.

[carylwyatt]

Svelte 5 swaps slots for snippets.

[carylwyatt]

Goodbye hidden form!

[carylwyatt]

Goodbye hidden iframe!

[carylwyatt]

Added some template conditionals for different wording depending on simple/callback download.

[carylwyatt]

Now that all downloads see the modal, I added the modal portion of the download to all existing playwright tests.

[carylwyatt]

I added some new imgsrv tests after getting that 403 error for single selection, full-resolution TIFF. I'm still baffled by why this is failing.

[moseshll]

@carylwyatt I'm not sure if the "tests/sidebar.spec.js:105:5 › sidebar actions › download scans › download selected scans as tiff" failures are a work in progress but they were the low hanging fruit here. The "TIFF downloads are limited to 10 page scans" notice appears to be removed, hence the failure. Commenting out await expect(page.getByText('Note: TIFF downloads are limited')).toBeVisible(); fixes that set of failures.

On to the trickier one...

[moseshll]

@carylwyatt The "Restricted" message is originating with imgsrv/lib/SRV/Volume/Image/Bundle.pm in the _authorize routine: the specific condition is if ( $$ses{is_new} && ! $ENV{XYZZY} ) -- there was no existing session.

Does this represent a way forward? Ummm, not sure. I am tremendously ignorant of session management under Playwright.

babel/imgsrv/lib/SRV/Volume/Image/Bundle.pm

Lines 89 to 105 in 97accac

	sub _authorize {
	my $self = shift;
	my $env = shift;
	$self->SUPER::_authorize($env);
	unless ( $self->restricted ) {
	# technically the user has access but we need to
	# limit resources for bundling to users in a current session
	# unless you're using XYZZY=1 on the command line
	my $C = $$env{'psgix.context'};
	my $ses = $C->get_object('Session');
	if ( $$ses{is_new} && ! $ENV{XYZZY} ) { $self->restricted(1); }
	elsif ( $self->format eq 'image/tiff' && $self->total_pages > 10 ) {
	$self->restricted(1);
	}
	}
	}

[carylwyatt]

there was no existing session.

@moseshll What's so weird about this test failure is that it starts exactly like all the other imgsrv tests by going to the browser and accepting the cookies via the cookie banner, which should successfully set up the session. It then makes a GET request to imgsrv and checks the response.

I opened the playwright error trace to double check it is indeed going to pageturner and accepting the cookies, so why does imgsrv think there is no session, but only for this one test and not the others? It's so consistent and very weird!

As for the other test failure, I cleaned up the other tests that referenced that TIFF error but must've forgotten one! Thanks!

[carylwyatt]

@moseshll I used claude to help me understand the perl from that routine (thanks for the breadcrumb!), and I see now that it's expecting to not have a new/not-empty session. What fixed the tests was to change how the request was made. Playwright has a browser context and an HTTP context. The cookie banner click that accepts the cookies/creates new cookies is in the browser context, but the imgsrv request was being made with the HTTP context. I updated the imgsrv requests to use the page/browser context where the cookies were accepted, and this whole issue went away. I updated the other tests that I added to diagnose this problem, and they all pass now, too. 🥳

[moseshll]

@carylwyatt I was about to mention a discovery to you, and then I got caught up in the whole Jira API token discussion with Ryan... yes I had discovered that if you commented out the test.beforeEach it had no effect, so I was muddling along on sorta the right track. Glad you got the tests sorted. I'll have more time to devote to following up on the changes tomorrow.