From abc1cef7c2c63cfa540c71cce9424aead6585568 Mon Sep 17 00:00:00 2001
From: Slawomir Koszewski <slawek@koszewscy.waw.pl>
Date: Fri, 23 Jan 2026 06:15:21 +0100
Subject: [PATCH] Implement missing sample data loading and one-time use
 security

- Fix UI to load server-hosted sample data at startup as per specification
- Add one-time use security: server clears sample data after retrieval
- Ensure React app periodically checks for new sample data availability
- Remove complex same-origin protection in favor of simpler one-time use model
- Improve data security by preventing data persistence after consumption
---
 package.json |  2 +-
 server.js    |  8 +++++++-
 src/App.js   | 24 ++++++++++++++++--------
 3 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/package.json b/package.json
index f9e07e4..18a313f 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "jmespath-playground",
-  "version": "1.1.6",
+  "version": "1.1.7",
   "description": "A React-based web application for testing JMESPath expressions against JSON data",
   "main": "index.js",
   "scripts": {
diff --git a/server.js b/server.js
index bc56769..6822478 100644
--- a/server.js
+++ b/server.js
@@ -51,7 +51,13 @@ function createApp() {
 
   app.get('/api/v1/sample', (req, res) => {
     try {
-      res.json(sampleData);
+      const dataToReturn = sampleData;
+
+      // Security: Clear the sample data after it's retrieved (one-time use)
+      sampleData = null;
+      console.log('📤 Sample data retrieved and cleared from server memory');
+
+      res.json(dataToReturn);
     } catch (error) {
       res.status(500).json({ error: 'Failed to retrieve sample data' });
     }
diff --git a/src/App.js b/src/App.js
index 77b26a3..1eee32b 100644
--- a/src/App.js
+++ b/src/App.js
@@ -54,22 +54,30 @@ function App() {
     localStorage.setItem('theme', theme);
   }, [theme]);
 
-  // API polling for state changes
+  // API polling for state changes and initial sample data load
   useEffect(() => {
-    // Initial state load
-    const loadInitialState = async () => {
+    // Initial load: get both state and sample data
+    const loadInitialData = async () => {
       try {
-        const response = await fetch('/api/v1/state');
-        if (response.ok) {
-          const data = await response.json();
-          setCurrentStateGuid(data.state);
+        // Load sample data first
+        const sampleResponse = await fetch('/api/v1/sample');
+        if (sampleResponse.ok) {
+          const sampleData = await sampleResponse.json();
+          setJsonData(JSON.stringify(sampleData, null, 2));
+        }
+
+        // Then load state GUID
+        const stateResponse = await fetch('/api/v1/state');
+        if (stateResponse.ok) {
+          const stateData = await stateResponse.json();
+          setCurrentStateGuid(stateData.state);
         }
       } catch (error) {
         console.debug('API not available:', error);
       }
     };
 
-    loadInitialState();
+    loadInitialData();
 
     // Poll for state changes every 3 seconds
     const interval = setInterval(async () => {