KLKLine FrontendDashboard · Preview · Embed shell

F051

Snapshot / export image intent readiness

Validates the safe snapshot intent boundary. Metadata export is allowed; canvas PNG and public share links remain deferred until browser and backend QA pass.

Metadata snapshot

Ready

safe JSON envelope.

Canvas PNG

Deferred

needs browser QA.

Upload/share

Disabled

needs backend store/audit.

Snapshot policy

Allowed
metadata-json, browser-download
Blocked
canvas-png, share-link-deferred
Capabilities
runtime-metadata, svg-fallback, cross-origin-guard, upload-disabled
Privacy
No runtime token, admin token or provider credential is included in snapshot metadata. · No automatic upload or public share link is enabled in frontend-only runtime. · Canvas PNG export is not promised until browser/KLineCharts/cross-origin QA passes.

Safe metadata envelope sample

{
  "schemaVersion": "kline.snapshot.metadata.v1",
  "exportedAt": 1784097188260,
  "widgetId": "demo-advanced-kline",
  "symbol": "BINANCE:BTCUSDT",
  "interval": "1h",
  "candleCount": 12,
  "lastTimestamp": 1784093588260,
  "lastClose": 1.09879,
  "chartStyle": "candle",
  "theme": "dark",
  "objectCounts": {
    "indicators": 0,
    "overlays": 0
  },
  "warnings": [
    "Metadata snapshot only. Canvas/image export remains behind browser QA and cross-origin guard.",
    "No runtime token, admin token, provider credential, chart instance or DOM node is included.",
    "Admin route sample uses deterministic mock candles for metadata-shape QA only."
  ]
}

Snapshot intent boundary

PASS

UI emits a take-snapshot intent and the runtime service owns snapshot metadata creation.

KlineRuntimeIntent: take-snapshot · ChartRuntimeSnapshot metadata

Metadata snapshot is safe

PASS

The current snapshot path returns candle count, latest price/timestamp, chart style, theme and object counts only.

no canvas bytes in logs · no DOM node in contract

Canvas PNG export deferred

WARNING

PNG/canvas export needs browser QA for KLineCharts canvas support, cross-origin safety and unsupported-state errors before it is advertised.

canvas-png blocked in policy · metadata-json allowed

Share link/upload deferred

BLOCKED

Public snapshot share links need backend storage, retention, tenant ownership, privacy and audit policy before enablement.

no upload endpoint used by frontend runtime