Fixed
- App names with trailing spaces or dashes (e.g. "qBittorrent - ") no longer produce malformed URL slugs with consecutive dashes -- the slugifier now collapses separators and trims edges
setAttribute('src', url)in proxied apps is now intercepted synchronously -- fixes apps using MooTools or similar libraries that set URL attributes via setAttribute instead of property assignmentHTMLImageElement.srcsetproperty setter in proxied apps is now intercepted -- responsive image libraries setting srcset via JS no longer 404<base href>set via JS in proxied apps is now intercepted -- prevents relative URL resolution from breaking when the base element is modified programmaticallynew Audio(url)in proxied apps now routes through the proxy -- previously only subsequent.srcassignments were caughtCSSStyleSheet.insertRule()withurl()references in proxied apps now rewrites paths through the proxy -- fixes CSS-in-JS libraries injecting background images and font sourcesinsertAdjacentHTML()in proxied apps now synchronously rewrites URLs -- closes the same async MutationObserver timing gap that affected setAttributeOriginandRefererrequest headers are now rewritten to match the backend host when proxying -- fixes CSRF validation failures in apps like Django, Rails, and .NET that check these headersSet-CookieDomainattribute is now stripped from proxied responses -- cookies default to the proxy host instead of being scoped to the unreachable backend hostSet-CookieSecureflag is now stripped when Muximux serves over HTTP -- prevents cookies from being silently dropped by browsers on non-HTTPS connectionsSet-CookieSameSite=Strictis now downgraded toLaxin proxied responses --Strictis too restrictive when the app is embedded through a proxyETagandLast-Modifiedheaders are now stripped from rewritten proxy responses -- prevents stale caching after the interceptor script is injectedAccess-Control-Allow-Originheaders from proxied backends are now rewritten to match the request origin -- fixes CORS failures when the backend returns its own host instead of the proxy host