feat: keyboard shortcuts in remote sessions

Add an opt-in keyboard-shortcut system that triggers session
actions (Send Ctrl+Alt+Del, Toggle Fullscreen, Switch Display,
Screenshot, Switch Tab, etc.) via three-modifier combinations
during a remote session.

Architecture
- Native: src/keyboard/shortcuts.rs intercepts at the encoder
  layer (process_event and process_event_with_session), so the
  feature is input-source-independent. Bindings persist as a
  single JSON blob in LocalConfig.
- Web: matching + keydown intercept live in the separate hand-
  written TS client at flutter/web/js/ (gitignored, not in this
  repo). flutter/lib/web/bridge.dart::mainInit registers
  window.onShortcutTriggered so the JS matcher can dispatch
  back into the active session's ShortcutModel; the bridge's
  mainReloadKeyboardShortcuts forwards to a JS reloadShortcuts
  on settings writes.
- Three-modifier prefix (Ctrl+Alt+Shift; Cmd+Option+Shift on
  macOS/iOS) sidesteps the need for a pass-through toggle.
- Flutter native path threads the explicit per-call SessionID
  for tab-precise routing; rdev path uses globally-current
  session.

UI
- Settings -> General -> Keyboard Shortcuts opens a dedicated
  configuration page; desktop and mobile share a body widget.
- Recording dialog with live capture, prefix validation, and a
  conflict-replace flow.
- Toolbar menu items display the bound shortcut inline.
- Default bindings (adapted from AnyDesk):
    +Del    Send Ctrl+Alt+Del
    +Enter  Toggle Fullscreen
    +Left/Right  Switch Display Prev/Next
    +P      Screenshot
    +1..9   Switch Session Tab

Other
- AGENTS.md: documented (a) flutter_rust_bridge_codegen needs
  a pinned version + Dart bridge wrappers should be hand-
  written, and (b) the Web-target split where flutter/web/js/
  is the runtime owner on Web rather than wasm-compiled Rust.
- 38 new i18n strings in src/lang/en.rs with Chinese
  translations in src/lang/cn.rs.

Refs discussion #1933.

.claude/commands/reflection.md

@@ -1,56 +0,0 @@
-You are an expert in prompt engineering, specializing in optimizing AI code assistant instructions. Your task is to analyze and improve the instructions for Claude Code.
-Follow these steps carefully:
-
-1. Analysis Phase:
-Review the chat history in your context window.
-
-Then, examine the current Claude instructions, commands and config
-<claude_instructions>
-/CLAUDE.md
-/.claude/commands/*
-**/CLAUDE.md
-.claude/settings.json
-.claude/settings.local.json
-</claude_instructions>
-
-Analyze the chat history, instructions, commands and config to identify areas that could be improved. Look for:
-- Inconsistencies in Claude's responses
-- Misunderstandings of user requests
-- Areas where Claude could provide more detailed or accurate information
-- Opportunities to enhance Claude's ability to handle specific types of queries or tasks
-- New commands or improvements to a commands name, function or response
-- Permissions and MCPs we've approved locally that we should add to the config, especially if we've added new tools or require them for the command to work
-
-2. Interaction Phase:
-Present your findings and improvement ideas to the human. For each suggestion:
-a) Explain the current issue you've identified
-b) Propose a specific change or addition to the instructions
-c) Describe how this change would improve Claude's performance
-
-Wait for feedback from the human on each suggestion before proceeding. If the human approves a change, move it to the implementation phase. If not, refine your suggestion or move on to the next idea.
-
-3. Implementation Phase:
-For each approved change:
-a) Clearly state the section of the instructions you're modifying
-b) Present the new or modified text for that section
-c) Explain how this change addresses the issue identified in the analysis phase
-
-4. Output Format:
-Present your final output in the following structure:
-
-<analysis>
-[List the issues identified and potential improvements]
-</analysis>
-
-<improvements>
-[For each approved improvement:
-1. Section being modified
-2. New or modified instruction text
-3. Explanation of how this addresses the identified issue]
-</improvements>
-
-<final_instructions>
-[Present the complete, updated set of instructions for Claude, incorporating all approved changes]
-</final_instructions>
-
-Remember, your goal is to enhance Claude's performance and consistency while maintaining the core functionality and purpose of the AI assistant. Be thorough in your analysis, clear in your explanations, and precise in your implementations.

.github/workflows/flutter-build.yml

@@ -39,8 +39,8 @@ env:
   # 2. Update the `VCPKG_COMMIT_ID` in `ci.yml` and `playground.yml`.
   VCPKG_COMMIT_ID: "120deac3062162151622ca4860575a33844ba10b"
   ARMV7_VCPKG_COMMIT_ID: "6f29f12e82a8293156836ad81cc9bf5af41fe836" # 2025.01.13, got "/opt/artifacts/vcpkg/vcpkg: No such file or directory" with latest version
-  VERSION: "1.4.5"
-  NDK_VERSION: "r27c"
+  VERSION: "1.4.6"
+  NDK_VERSION: "r28c"
   #signing keys env variable checks
   ANDROID_SIGNING_KEY: "${{ secrets.ANDROID_SIGNING_KEY }}"
   MACOS_P12_BASE64: "${{ secrets.MACOS_P12_BASE64 }}"

.github/workflows/playground.yml

@@ -17,7 +17,7 @@ env:
   TAG_NAME: "nightly"
   VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite"
   VCPKG_COMMIT_ID: "120deac3062162151622ca4860575a33844ba10b"
-  VERSION: "1.4.5"
+  VERSION: "1.4.6"
   NDK_VERSION: "r26d"
   #signing keys env variable checks
   ANDROID_SIGNING_KEY: "${{ secrets.ANDROID_SIGNING_KEY }}"

.github/workflows/winget.yml

@@ -1,15 +0,0 @@
-name: Publish to WinGet
-on:
-  release:
-    types: [released]
-  workflow_dispatch:
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: vedantmgoyal9/winget-releaser@main
-        with:
-          identifier: RustDesk.RustDesk
-          version: "1.4.5"
-          release-tag: "1.4.5"
-          token: ${{ secrets.WINGET_TOKEN }}

.gitignore

@@ -3,6 +3,7 @@
 .vscode
 .idea
 .DS_Store
+.env
 libsciter-gtk.so
 src/ui/inline.rs
 extractor
@@ -54,4 +55,6 @@ examples/**/target/
 vcpkg_installed
 flutter/lib/generated_plugin_registrant.dart
 libsciter.dylib
-flutter/web/
+flutter/web/
+# Local git worktrees
+.worktrees/

AGENTS.md

@@ -0,0 +1,86 @@
+# RustDesk Guide
+
+## Project Layout
+
+### Directory Structure
+* `src/` Rust app
+* `src/server/` audio / clipboard / input / video / network
+* `src/platform/` platform-specific code
+* `src/ui/` legacy Sciter UI (deprecated)
+* `flutter/` current UI
+* `libs/hbb_common/` config / proto / shared utils
+* `libs/scrap/` screen capture
+* `libs/enigo/` input control
+* `libs/clipboard/` clipboard
+* `libs/hbb_common/src/config.rs` all options
+
+### Key Components
+- **Remote Desktop Protocol**: Custom protocol implemented in `src/rendezvous_mediator.rs` for communicating with rustdesk-server
+- **Screen Capture**: Platform-specific screen capture in `libs/scrap/`
+- **Input Handling**: Cross-platform input simulation in `libs/enigo/`
+- **Audio/Video Services**: Real-time audio/video streaming in `src/server/`
+- **File Transfer**: Secure file transfer implementation in `libs/hbb_common/`
+
+### UI Architecture
+- **Legacy UI**: Sciter-based (deprecated) - files in `src/ui/`
+- **Modern UI**: Flutter-based - files in `flutter/`
+  - Desktop: `flutter/lib/desktop/`
+  - Mobile: `flutter/lib/mobile/`
+  - Shared: `flutter/lib/common/` and `flutter/lib/models/`
+
+## Rust Rules
+
+* Avoid `unwrap()` / `expect()` in production code.
+* Exceptions:
+
+  * tests;
+  * lock acquisition where failure means poisoning, not normal control flow.
+* Otherwise prefer `Result` + `?` or explicit handling.
+* Do not ignore errors silently.
+* Avoid unnecessary `.clone()`.
+* Prefer borrowing when practical.
+* Do not add dependencies unless needed.
+* Keep code simple and idiomatic.
+
+## Tokio Rules
+
+* Assume a Tokio runtime already exists.
+* Never create nested runtimes.
+* Never call `Runtime::block_on()` inside Tokio / async code.
+* Do not hide runtime creation inside helpers or libraries.
+* Do not hold locks across `.await`.
+* Prefer `.await`, `tokio::spawn`, channels.
+* Use `spawn_blocking` or dedicated threads for blocking work.
+* Do not use `std::thread::sleep()` in async code.
+
+## Flutter Rust Bridge
+
+* Do **not** run `flutter_rust_bridge_codegen` — it requires a specific pinned version that is not easy to set up locally.
+* When adding new FFI functions in `src/flutter_ffi.rs`, hand-write the corresponding Dart wrappers instead of regenerating.
+* Web bridge (committed): edit `flutter/lib/web/bridge.dart` directly. Follow the existing patterns there for `SyncReturn<T>` / `Future<T>` and the `dart:js` glue.
+* Native bridge (`flutter/lib/generated_bridge.dart`, `src/bridge_generated.rs`, `src/bridge_generated.io.rs`): these are gitignored and regenerated by the project's CI codegen. Manually editing them locally is fine for development testing, but those edits do not persist into commits.
+
+## Web (Flutter Web) Architecture
+
+Flutter Web in this repo is **not** "Dart compiled to JS via Flutter alone". The runtime is split:
+
+* **Native targets (Win/Mac/Linux/Android/iOS)**: Rust drives sessions via `flutter_rust_bridge`; Dart only renders UI.
+* **Web target**: Rust does **not** run. There is a separate hand-written TypeScript / JavaScript client at `flutter/web/js/` (gitignored — not present in this repo, lives in the maintainer's local tree). It owns connection, codec, keyboard, clipboard, etc. — basically a JS port of the Rust client. The Dart UI talks to it through `flutter/lib/web/bridge.dart`, which uses `dart:js` to call JS-side functions and to register Dart-side callbacks on `window.*`.
+
+Implications when adding any session-runtime feature (keyboard, clipboard, audio, …):
+
+* The Rust implementation in `src/` is for **native only**. Don't try to compile it to wasm.
+* The matching Web-side logic must be written in TS/JS under `flutter/web/js/src/`. It's a translation of the Rust logic, usually simpler — Web is single-window, so any per-session-id plumbing in Rust collapses to a single global on Web.
+* `flutter/lib/web/bridge.dart` is the only place where Dart sees JS. Other Dart code stays platform-agnostic and goes through `bind`. Don't sprinkle `if (isWeb)` runtime branches in shared Dart files to call Web-specific logic — put the platform divergence in the bridge.
+* For JS → Dart events (e.g., a Web matcher firing), the convention is: Dart sets `js.context['onFooBar'] = (...) {...}` once at startup (typically in `mainInit`); the JS side calls `window.onFooBar(...)`. See `onLoadAbFinished`, `onLoadGroupFinished` for reference.
+* The maintainer cannot easily run `flutter_rust_bridge_codegen`, so when a new FFI function lands in `src/flutter_ffi.rs`:
+  1. add the Web counterpart to `flutter/lib/web/bridge.dart` by hand;
+  2. note that on the Web target it may need to be a no-op or a JS bridge call rather than a real Rust invocation.
+
+## Editing Hygiene
+
+* Change only what is required.
+* Prefer the smallest valid diff.
+* Do not refactor unrelated code.
+* Do not make formatting-only changes.
+* Keep naming/style consistent with nearby code.

CLAUDE.md

@@ -1,91 +1 @@
-# CLAUDE.md
-
-This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
-
-## Development Commands
-
-### Build Commands
-- `cargo run` - Build and run the desktop application (requires libsciter library)
-- `python3 build.py --flutter` - Build Flutter version (desktop)
-- `python3 build.py --flutter --release` - Build Flutter version in release mode
-- `python3 build.py --hwcodec` - Build with hardware codec support
-- `python3 build.py --vram` - Build with VRAM feature (Windows only)
-- `cargo build --release` - Build Rust binary in release mode
-- `cargo build --features hwcodec` - Build with specific features
-
-### Flutter Mobile Commands
-- `cd flutter && flutter build android` - Build Android APK
-- `cd flutter && flutter build ios` - Build iOS app
-- `cd flutter && flutter run` - Run Flutter app in development mode
-- `cd flutter && flutter test` - Run Flutter tests
-
-### Testing
-- `cargo test` - Run Rust tests
-- `cd flutter && flutter test` - Run Flutter tests
-
-### Platform-Specific Build Scripts
-- `flutter/build_android.sh` - Android build script
-- `flutter/build_ios.sh` - iOS build script
-- `flutter/build_fdroid.sh` - F-Droid build script
-
-## Project Architecture
-
-### Directory Structure
-- **`src/`** - Main Rust application code
-  - `src/ui/` - Legacy Sciter UI (deprecated, use Flutter instead)
-  - `src/server/` - Audio/clipboard/input/video services and network connections
-  - `src/client.rs` - Peer connection handling
-  - `src/platform/` - Platform-specific code
-- **`flutter/`** - Flutter UI code for desktop and mobile
-- **`libs/`** - Core libraries
-  - `libs/hbb_common/` - Video codec, config, network wrapper, protobuf, file transfer utilities
-  - `libs/scrap/` - Screen capture functionality
-  - `libs/enigo/` - Platform-specific keyboard/mouse control
-  - `libs/clipboard/` - Cross-platform clipboard implementation
-
-### Key Components
-- **Remote Desktop Protocol**: Custom protocol implemented in `src/rendezvous_mediator.rs` for communicating with rustdesk-server
-- **Screen Capture**: Platform-specific screen capture in `libs/scrap/`
-- **Input Handling**: Cross-platform input simulation in `libs/enigo/`
-- **Audio/Video Services**: Real-time audio/video streaming in `src/server/`
-- **File Transfer**: Secure file transfer implementation in `libs/hbb_common/`
-
-### UI Architecture
-- **Legacy UI**: Sciter-based (deprecated) - files in `src/ui/`
-- **Modern UI**: Flutter-based - files in `flutter/`
-  - Desktop: `flutter/lib/desktop/`
-  - Mobile: `flutter/lib/mobile/`
-  - Shared: `flutter/lib/common/` and `flutter/lib/models/`
-
-## Important Build Notes
-
-### Dependencies
-- Requires vcpkg for C++ dependencies: `libvpx`, `libyuv`, `opus`, `aom`
-- Set `VCPKG_ROOT` environment variable
-- Download appropriate Sciter library for legacy UI support
-
-### Ignore Patterns
-When working with files, ignore these directories:
-- `target/` - Rust build artifacts
-- `flutter/build/` - Flutter build output
-- `flutter/.dart_tool/` - Flutter tooling files
-
-### Cross-Platform Considerations
-- Windows builds require additional DLLs and virtual display drivers
-- macOS builds need proper signing and notarization for distribution
-- Linux builds support multiple package formats (deb, rpm, AppImage)
-- Mobile builds require platform-specific toolchains (Android SDK, Xcode)
-
-### Feature Flags
-- `hwcodec` - Hardware video encoding/decoding
-- `vram` - VRAM optimization (Windows only)
-- `flutter` - Enable Flutter UI
-- `unix-file-copy-paste` - Unix file clipboard support
-- `screencapturekit` - macOS ScreenCaptureKit (macOS only)
-
-### Config
-All configurations or options are under `libs/hbb_common/src/config.rs` file, 4 types:
-- Settings
-- Local
-- Display
-- Built-in
+AGENTS.md

Cargo.lock

@@ -33,6 +33,12 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"
 
+[[package]]
+name = "adler2"
+version = "2.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa"
+
 [[package]]
 name = "aead"
 version = "0.5.2"
@@ -293,8 +299,8 @@ dependencies = [
  "image 0.25.1",
  "log",
  "objc2 0.5.2",
- "objc2-app-kit",
- "objc2-foundation",
+ "objc2-app-kit 0.2.2",
+ "objc2-foundation 0.2.2",
  "parking_lot",
  "percent-encoding",
  "serde 1.0.228",
@@ -637,7 +643,7 @@ dependencies = [
  "cc",
  "cfg-if 1.0.0",
  "libc",
- "miniz_oxide",
+ "miniz_oxide 0.7.4",
  "object",
  "rustc-demangle",
 ]
@@ -860,6 +866,15 @@ dependencies = [
  "objc2 0.5.2",
 ]
 
+[[package]]
+name = "block2"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cdeb9d870516001442e364c5220d3574d2da8dc765554b4a617230d33fa58ef5"
+dependencies = [
+ "objc2 0.6.4",
+]
+
 [[package]]
 name = "blocking"
 version = "1.6.1"
@@ -1182,7 +1197,7 @@ dependencies = [
  "js-sys",
  "num-traits 0.2.19",
  "wasm-bindgen",
- "windows-link",
+ "windows-link 0.1.1",
 ]
 
 [[package]]
@@ -1290,8 +1305,8 @@ dependencies = [
  "lazy_static",
  "libc",
  "objc2 0.5.2",
- "objc2-app-kit",
- "objc2-foundation",
+ "objc2-app-kit 0.2.2",
+ "objc2-foundation 0.2.2",
  "once_cell",
  "parking_lot",
  "percent-encoding",
@@ -2216,6 +2231,15 @@ dependencies = [
  "dirs-sys 0.4.1",
 ]
 
+[[package]]
+name = "dirs"
+version = "6.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3e8aa94d75141228480295a7d0e7feb620b1a5ad9f12bc40be62411e38cce4e"
+dependencies = [
+ "dirs-sys 0.5.0",
+]
+
 [[package]]
 name = "dirs-next"
 version = "2.0.0"
@@ -2233,7 +2257,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1b1d1d91c932ef41c0f2663aa8b0ca0342d444d842c06914aa0a7e352d0bada6"
 dependencies = [
  "libc",
- "redox_users",
+ "redox_users 0.4.5",
  "winapi 0.3.9",
 ]
 
@@ -2245,10 +2269,22 @@ checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c"
 dependencies = [
  "libc",
  "option-ext",
- "redox_users",
+ "redox_users 0.4.5",
  "windows-sys 0.48.0",
 ]
 
+[[package]]
+name = "dirs-sys"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e01a3366d27ee9890022452ee61b2b63a67e6f13f58900b651ff5665f0bb1fab"
+dependencies = [
+ "libc",
+ "option-ext",
+ "redox_users 0.5.2",
+ "windows-sys 0.61.2",
+]
+
 [[package]]
 name = "dirs-sys-next"
 version = "0.1.2"
@@ -2256,7 +2292,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d"
 dependencies = [
  "libc",
- "redox_users",
+ "redox_users 0.4.5",
  "winapi 0.3.9",
 ]
 
@@ -2266,6 +2302,16 @@ version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bd0c93bb4b0c6d9b77f4435b0ae98c24d17f1c45b2ff844c6151a07256ca923b"
 
+[[package]]
+name = "dispatch2"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e0e367e4e7da84520dedcac1901e4da967309406d1e51017ae1abfb97adbd38"
+dependencies = [
+ "bitflags 2.9.1",
+ "objc2 0.6.4",
+]
+
 [[package]]
 name = "displaydoc"
 version = "0.2.5"
@@ -2715,7 +2761,7 @@ dependencies = [
  "flume",
  "half",
  "lebe",
- "miniz_oxide",
+ "miniz_oxide 0.7.4",
  "rayon-core",
  "smallvec",
  "zune-inflate",
@@ -2801,12 +2847,12 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80"
 
 [[package]]
 name = "flate2"
-version = "1.0.30"
+version = "1.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f54427cfd1c7829e2a139fcefea601bf088ebca651d2bf53ebc600eac295dae"
+checksum = "843fba2746e448b37e26a819579957415c8cef339bf08564fe8b7ddbd959573c"
 dependencies = [
  "crc32fast",
- "miniz_oxide",
+ "miniz_oxide 0.8.9",
 ]
 
 [[package]]
@@ -4041,7 +4087,7 @@ dependencies = [
  "gif",
  "jpeg-decoder",
  "num-traits 0.2.19",
- "png",
+ "png 0.17.13",
  "qoi",
  "tiff",
 ]
@@ -4055,7 +4101,7 @@ dependencies = [
  "bytemuck",
  "byteorder",
  "num-traits 0.2.19",
- "png",
+ "png 0.17.13",
  "tiff",
 ]
 
@@ -4766,6 +4812,16 @@ dependencies = [
  "simd-adler32",
 ]
 
+[[package]]
+name = "miniz_oxide"
+version = "0.8.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
+dependencies = [
+ "adler2",
+ "simd-adler32",
+]
+
 [[package]]
 name = "mio"
 version = "0.8.11"
@@ -4816,21 +4872,23 @@ dependencies = [
 
 [[package]]
 name = "muda"
-version = "0.13.5"
+version = "0.17.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "86b959f97c97044e4c96e32e1db292a7d594449546a3c6b77ae613dc3a5b5145"
+checksum = "01c1738382f66ed56b3b9c8119e794a2e23148ac8ea214eda86622d4cb9d415a"
 dependencies = [
- "cocoa 0.25.0",
  "crossbeam-channel",
  "dpi",
  "gtk",
  "keyboard-types",
  "libxdo",
- "objc",
+ "objc2 0.6.4",
+ "objc2-app-kit 0.3.2",
+ "objc2-core-foundation",
+ "objc2-foundation 0.3.2",
  "once_cell",
- "png",
- "thiserror 1.0.61",
- "windows-sys 0.52.0",
+ "png 0.17.13",
+ "thiserror 2.0.17",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -5374,7 +5432,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "46a785d4eeff09c14c487497c162e92766fbb3e4059a71840cecc03d9a50b804"
 dependencies = [
  "objc-sys 0.3.5",
- "objc2-encode 4.0.3",
+ "objc2-encode 4.1.0",
+]
+
+[[package]]
+name = "objc2"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3a12a8ed07aefc768292f076dc3ac8c48f3781c8f2d5851dd3d98950e8c5a89f"
+dependencies = [
+ "objc2-encode 4.1.0",
 ]
 
 [[package]]
@@ -5389,10 +5456,22 @@ dependencies = [
  "objc2 0.5.2",
  "objc2-core-data",
  "objc2-core-image",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
  "objc2-quartz-core",
 ]
 
+[[package]]
+name = "objc2-app-kit"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d49e936b501e5c5bf01fda3a9452ff86dc3ea98ad5f283e1455153142d97518c"
+dependencies = [
+ "bitflags 2.9.1",
+ "objc2 0.6.4",
+ "objc2-core-foundation",
+ "objc2-foundation 0.3.2",
+]
+
 [[package]]
 name = "objc2-cloud-kit"
 version = "0.2.2"
@@ -5403,7 +5482,7 @@ dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
  "objc2-core-location",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5414,7 +5493,7 @@ checksum = "a5ff520e9c33812fd374d8deecef01d4a840e7b41862d849513de77e44aa4889"
 dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5426,7 +5505,28 @@ dependencies = [
  "bitflags 2.9.1",
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
+]
+
+[[package]]
+name = "objc2-core-foundation"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2a180dd8642fa45cdb7dd721cd4c11b1cadd4929ce112ebd8b9f5803cc79d536"
+dependencies = [
+ "bitflags 2.9.1",
+ "dispatch2",
+ "objc2 0.6.4",
+]
+
+[[package]]
+name = "objc2-core-graphics"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e022c9d066895efa1345f8e33e584b9f958da2fd4cd116792e15e07e4720a807"
+dependencies = [
+ "bitflags 2.9.1",
+ "objc2-core-foundation",
 ]
 
 [[package]]
@@ -5437,7 +5537,7 @@ checksum = "55260963a527c99f1819c4f8e3b47fe04f9650694ef348ffd2227e8196d34c80"
 dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
  "objc2-metal",
 ]
 
@@ -5450,7 +5550,7 @@ dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
  "objc2-contacts",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5464,9 +5564,9 @@ dependencies = [
 
 [[package]]
 name = "objc2-encode"
-version = "4.0.3"
+version = "4.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7891e71393cd1f227313c9379a26a584ff3d7e6e7159e988851f0934c993f0f8"
+checksum = "ef25abbcd74fb2609453eb695bd2f860d389e457f67dc17cafc8b8cbc89d0c33"
 
 [[package]]
 name = "objc2-foundation"
@@ -5481,6 +5581,18 @@ dependencies = [
  "objc2 0.5.2",
 ]
 
+[[package]]
+name = "objc2-foundation"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3e0adef53c21f888deb4fa59fc59f7eb17404926ee8a6f59f5df0fd7f9f3272"
+dependencies = [
+ "bitflags 2.9.1",
+ "block2 0.6.2",
+ "objc2 0.6.4",
+ "objc2-core-foundation",
+]
+
 [[package]]
 name = "objc2-link-presentation"
 version = "0.2.2"
@@ -5489,8 +5601,8 @@ checksum = "a1a1ae721c5e35be65f01a03b6d2ac13a54cb4fa70d8a5da293d7b0020261398"
 dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-app-kit",
- "objc2-foundation",
+ "objc2-app-kit 0.2.2",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5502,7 +5614,7 @@ dependencies = [
  "bitflags 2.9.1",
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5514,7 +5626,7 @@ dependencies = [
  "bitflags 2.9.1",
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
  "objc2-metal",
 ]
 
@@ -5525,7 +5637,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0a684efe3dec1b305badae1a28f6555f6ddd3bb2c2267896782858d5a78404dc"
 dependencies = [
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5541,7 +5653,7 @@ dependencies = [
  "objc2-core-data",
  "objc2-core-image",
  "objc2-core-location",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
  "objc2-link-presentation",
  "objc2-quartz-core",
  "objc2-symbols",
@@ -5557,7 +5669,7 @@ checksum = "44fa5f9748dbfe1ca6c0b79ad20725a11eca7c2218bceb4b005cb1be26273bfe"
 dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -5570,7 +5682,7 @@ dependencies = [
  "block2 0.5.1",
  "objc2 0.5.2",
  "objc2-core-location",
- "objc2-foundation",
+ "objc2-foundation 0.2.2",
 ]
 
 [[package]]
@@ -6178,7 +6290,20 @@ dependencies = [
  "crc32fast",
  "fdeflate",
  "flate2",
- "miniz_oxide",
+ "miniz_oxide 0.7.4",
+]
+
+[[package]]
+name = "png"
+version = "0.18.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "60769b8b31b2a9f263dae2776c37b1b28ae246943cf719eb6946a1db05128a61"
+dependencies = [
+ "bitflags 2.9.1",
+ "crc32fast",
+ "fdeflate",
+ "flate2",
+ "miniz_oxide 0.8.9",
 ]
 
 [[package]]
@@ -6863,6 +6988,17 @@ dependencies = [
  "thiserror 1.0.61",
 ]
 
+[[package]]
+name = "redox_users"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4e608c6638b9c18977b00b475ac1f28d14e84b27d8d42f70e0bf1e3dec127ac"
+dependencies = [
+ "getrandom 0.2.15",
+ "libredox",
+ "thiserror 2.0.17",
+]
+
 [[package]]
 name = "regex"
 version = "1.11.1"
@@ -7134,7 +7270,7 @@ dependencies = [
 
 [[package]]
 name = "rustdesk"
-version = "1.4.5"
+version = "1.4.6"
 dependencies = [
  "android-wakelock",
  "android_logger",
@@ -7249,7 +7385,7 @@ dependencies = [
 
 [[package]]
 name = "rustdesk-portable-packer"
-version = "1.4.5"
+version = "1.4.6"
 dependencies = [
  "brotli",
  "dirs 5.0.1",
@@ -7981,8 +8117,8 @@ dependencies = [
  "log",
  "memmap2",
  "objc2 0.5.2",
- "objc2-app-kit",
- "objc2-foundation",
+ "objc2-app-kit 0.2.2",
+ "objc2-foundation 0.2.2",
  "objc2-quartz-core",
  "raw-window-handle 0.6.2",
  "redox_syscall 0.5.2",
@@ -8312,7 +8448,7 @@ dependencies = [
  "objc",
  "once_cell",
  "parking_lot",
- "png",
+ "png 0.17.13",
  "raw-window-handle 0.6.2",
  "scopeguard",
  "tao-macros",
@@ -8566,7 +8702,7 @@ dependencies = [
  "bytemuck",
  "cfg-if 1.0.0",
  "log",
- "png",
+ "png 0.17.13",
  "tiny-skia-path",
 ]
 
@@ -8939,21 +9075,22 @@ dependencies = [
 
 [[package]]
 name = "tray-icon"
-version = "0.14.3"
-source = "git+https://github.com/tauri-apps/tray-icon#d4078696edba67b0ab42cef67e6a421a0332c96f"
+version = "0.21.3"
+source = "git+https://github.com/tauri-apps/tray-icon#0a5835b0e6828e37a1f781de9c2d671ae7a939e6"
 dependencies = [
- "core-graphics 0.23.2",
  "crossbeam-channel",
- "dirs 5.0.1",
+ "dirs 6.0.0",
  "libappindicator",
  "muda",
- "objc2 0.5.2",
- "objc2-app-kit",
- "objc2-foundation",
+ "objc2 0.6.4",
+ "objc2-app-kit 0.3.2",
+ "objc2-core-foundation",
+ "objc2-core-graphics",
+ "objc2-foundation 0.3.2",
  "once_cell",
- "png",
- "thiserror 1.0.61",
- "windows-sys 0.52.0",
+ "png 0.18.1",
+ "thiserror 2.0.17",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -10058,7 +10195,7 @@ dependencies = [
  "windows-collections",
  "windows-core 0.61.0",
  "windows-future",
- "windows-link",
+ "windows-link 0.1.1",
  "windows-numerics",
 ]
 
@@ -10107,7 +10244,7 @@ checksum = "4763c1de310c86d75a878046489e2e5ba02c649d185f21c67d4cf8a56d098980"
 dependencies = [
  "windows-implement 0.60.0",
  "windows-interface 0.59.1",
- "windows-link",
+ "windows-link 0.1.1",
  "windows-result 0.3.2",
  "windows-strings 0.4.0",
 ]
@@ -10119,7 +10256,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7a1d6bbefcb7b60acd19828e1bc965da6fcf18a7e39490c5f8be71e54a19ba32"
 dependencies = [
  "windows-core 0.61.0",
- "windows-link",
+ "windows-link 0.1.1",
 ]
 
 [[package]]
@@ -10172,6 +10309,12 @@ version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38"
 
+[[package]]
+name = "windows-link"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5"
+
 [[package]]
 name = "windows-numerics"
 version = "0.2.0"
@@ -10179,7 +10322,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9150af68066c4c5c07ddc0ce30421554771e528bde427614c61038bc2c92c2b1"
 dependencies = [
  "windows-core 0.61.0",
- "windows-link",
+ "windows-link 0.1.1",
 ]
 
 [[package]]
@@ -10197,7 +10340,7 @@ version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c64fd11a4fd95df68efcfee5f44a294fe71b8bc6a91993e2791938abcc712252"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]
 
 [[package]]
@@ -10217,7 +10360,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "87fa48cc5d406560701792be122a10132491cff9d0aeb23583cc2dcafc847319"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]
 
 [[package]]
@@ -10226,7 +10369,7 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7a2ba9642430ee452d5a7aa78d72907ebe8cfda358e8cb7918a2050581322f97"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]
 
 [[package]]
@@ -10256,6 +10399,24 @@ dependencies = [
  "windows-targets 0.52.6",
 ]
 
+[[package]]
+name = "windows-sys"
+version = "0.60.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb"
+dependencies = [
+ "windows-targets 0.53.5",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.61.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc"
+dependencies = [
+ "windows-link 0.2.1",
+]
+
 [[package]]
 name = "windows-targets"
 version = "0.42.2"
@@ -10295,13 +10456,30 @@ dependencies = [
  "windows_aarch64_gnullvm 0.52.6",
  "windows_aarch64_msvc 0.52.6",
  "windows_i686_gnu 0.52.6",
- "windows_i686_gnullvm",
+ "windows_i686_gnullvm 0.52.6",
  "windows_i686_msvc 0.52.6",
  "windows_x86_64_gnu 0.52.6",
  "windows_x86_64_gnullvm 0.52.6",
  "windows_x86_64_msvc 0.52.6",
 ]
 
+[[package]]
+name = "windows-targets"
+version = "0.53.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4945f9f551b88e0d65f3db0bc25c33b8acea4d9e41163edf90dcd0b19f9069f3"
+dependencies = [
+ "windows-link 0.2.1",
+ "windows_aarch64_gnullvm 0.53.1",
+ "windows_aarch64_msvc 0.53.1",
+ "windows_i686_gnu 0.53.1",
+ "windows_i686_gnullvm 0.53.1",
+ "windows_i686_msvc 0.53.1",
+ "windows_x86_64_gnu 0.53.1",
+ "windows_x86_64_gnullvm 0.53.1",
+ "windows_x86_64_msvc 0.53.1",
+]
+
 [[package]]
 name = "windows-version"
 version = "0.1.1"
@@ -10338,6 +10516,12 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
 
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a9d8416fa8b42f5c947f8482c43e7d89e73a173cead56d044f6a56104a6d1b53"
+
 [[package]]
 name = "windows_aarch64_msvc"
 version = "0.32.0"
@@ -10368,6 +10552,12 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
 
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b9d782e804c2f632e395708e99a94275910eb9100b2114651e04744e9b125006"
+
 [[package]]
 name = "windows_i686_gnu"
 version = "0.32.0"
@@ -10398,12 +10588,24 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b"
 
+[[package]]
+name = "windows_i686_gnu"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "960e6da069d81e09becb0ca57a65220ddff016ff2d6af6a223cf372a506593a3"
+
 [[package]]
 name = "windows_i686_gnullvm"
 version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
 
+[[package]]
+name = "windows_i686_gnullvm"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fa7359d10048f68ab8b09fa71c3daccfb0e9b559aed648a8f95469c27057180c"
+
 [[package]]
 name = "windows_i686_msvc"
 version = "0.32.0"
@@ -10434,6 +10636,12 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
 
+[[package]]
+name = "windows_i686_msvc"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e7ac75179f18232fe9c285163565a57ef8d3c89254a30685b57d83a38d326c2"
+
 [[package]]
 name = "windows_x86_64_gnu"
 version = "0.32.0"
@@ -10464,6 +10672,12 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
 
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9c3842cdd74a865a8066ab39c8a7a473c0778a3f29370b5fd6b4b9aa7df4a499"
+
 [[package]]
 name = "windows_x86_64_gnullvm"
 version = "0.42.2"
@@ -10482,6 +10696,12 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
 
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ffa179e2d07eee8ad8f57493436566c7cc30ac536a3379fdf008f47f6bb7ae1"
+
 [[package]]
 name = "windows_x86_64_msvc"
 version = "0.32.0"
@@ -10512,6 +10732,12 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
 
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650"
+
 [[package]]
 name = "winit"
 version = "0.30.9"
@@ -10536,8 +10762,8 @@ dependencies = [
  "memmap2",
  "ndk 0.9.0",
  "objc2 0.5.2",
- "objc2-app-kit",
- "objc2-foundation",
+ "objc2-app-kit 0.2.2",
+ "objc2-foundation 0.2.2",
  "objc2-ui-kit",
  "orbclient",
  "percent-encoding",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rustdesk"
-version = "1.4.5"
+version = "1.4.6"
 authors = ["rustdesk <info@rustdesk.com>"]
 edition = "2021"
 build= "build.rs"
@@ -160,7 +160,7 @@ piet-coregraphics = "0.6"
 foreign-types = "0.3"
 
 [target.'cfg(any(target_os = "macos", target_os = "linux", target_os = "windows"))'.dependencies]
-tray-icon = { git = "https://github.com/tauri-apps/tray-icon" }
+tray-icon = { git = "https://github.com/tauri-apps/tray-icon", version = "0.21.3" }
 tao = { git = "https://github.com/rustdesk-org/tao", branch = "dev" }
 image = "0.24"
 
@@ -245,3 +245,6 @@ panic = 'abort'
 strip = true
 #opt-level = 'z' # only have smaller size after strip
 rpath = true
+
+[profile.dev]
+debug = 1

GEMINI.md

@@ -0,0 +1 @@
+AGENTS.md

appimage/AppImageBuilder-aarch64.yml

@@ -18,7 +18,7 @@ AppDir:
     id: rustdesk
     name: rustdesk
     icon: rustdesk
-    version: 1.4.5
+    version: 1.4.6
     exec: usr/share/rustdesk/rustdesk
     exec_args: $@
   apt:

appimage/AppImageBuilder-x86_64.yml

@@ -18,7 +18,7 @@ AppDir:
     id: rustdesk
     name: rustdesk
     icon: rustdesk
-    version: 1.4.5
+    version: 1.4.6
     exec: usr/share/rustdesk/rustdesk
     exec_args: $@
   apt:

build.py

@@ -299,7 +299,7 @@ Version: %s
 Architecture: %s
 Maintainer: rustdesk <info@rustdesk.com>
 Homepage: https://rustdesk.com
-Depends: libgtk-3-0, libxcb-randr0, libxdo3, libxfixes3, libxcb-shape0, libxcb-xfixes0, libasound2, libsystemd0, curl, libva2, libva-drm2, libva-x11-2, libgstreamer-plugins-base1.0-0, libpam0g, gstreamer1.0-pipewire%s
+Depends: libgtk-3-0, libxcb-randr0, libxdo3 | libxdo4, libxfixes3, libxcb-shape0, libxcb-xfixes0, libasound2, libsystemd0, curl, libva2, libva-drm2, libva-x11-2, libgstreamer-plugins-base1.0-0, libpam0g, gstreamer1.0-pipewire%s
 Recommends: libayatana-appindicator3-1
 Description: A remote control software.
 
@@ -512,7 +512,7 @@ def main():
         system2('pip3 install -r requirements.txt')
         system2(
             f'python3 ./generate.py -f ../../{res_dir} -o . -e ../../{res_dir}/rustdesk-{version}-win7-install.exe')
-        system2('mv ../../{res_dir}/rustdesk-{version}-win7-install.exe ../..')
+        system2(f'mv ../../{res_dir}/rustdesk-{version}-win7-install.exe ../..')
     elif os.path.isfile('/usr/bin/pacman'):
         # pacman -S -needed base-devel
         system2("sed -i 's/pkgver=.*/pkgver=%s/g' res/PKGBUILD" % version)

docs/CODE_OF_CONDUCT-FR.md

@@ -0,0 +1,143 @@
+
+# Code de conduite des contributeurs
+
+## Notre engagement
+
+En tant que membres, contributeurs et responsables, nous nous engageons à faire
+de la participation à notre communauté une expérience exempte de harcèlement pour
+tous, indépendamment de l'âge, de la taille corporelle, du handicap visible ou
+invisible, de l'origine ethnique, des caractéristiques sexuelles, de l'identité
+et de l'expression de genre, du niveau d'expérience, de l'éducation, du statut
+socio-économique, de la nationalité, de l'apparence personnelle, de la race, de
+la religion ou de l'identité et de l'orientation sexuelle.
+
+Nous nous engageons à agir et à interagir de manière à contribuer à une
+communauté ouverte, accueillante, diversifiée, inclusive et saine.
+
+## Nos standards
+
+Exemples de comportements qui contribuent à un environnement positif pour notre
+communauté :
+
+* Faire preuve d'empathie et de bienveillance envers les autres
+* Respecter les opinions, les points de vue et les expériences différents
+* Donner et accepter gracieusement les retours constructifs
+* Assumer ses responsabilités, s'excuser auprès des personnes affectées par nos
+  erreurs et apprendre de l'expérience
+* Se concentrer sur ce qui est le mieux non seulement pour nous en tant
+  qu'individus, mais pour l'ensemble de la communauté
+
+Exemples de comportements inacceptables :
+
+* L'utilisation de langage ou d'images à caractère sexuel, et les attentions ou
+  avances sexuelles de quelque nature que ce soit
+* Le trolling, les commentaires insultants ou désobligeants, et les attaques
+  personnelles ou politiques
+* Le harcèlement public ou privé
+* La publication d'informations privées d'autrui, telles qu'une adresse physique
+  ou électronique, sans autorisation explicite
+* Tout autre comportement qui pourrait raisonnablement être considéré comme
+  inapproprié dans un cadre professionnel
+
+## Responsabilités en matière d'application
+
+Les responsables de la communauté sont chargés de clarifier et d'appliquer nos
+standards de comportement acceptable et prendront des mesures correctives
+appropriées et équitables en réponse à tout comportement qu'ils jugent
+inapproprié, menaçant, offensant ou nuisible.
+
+Les responsables de la communauté ont le droit et la responsabilité de
+supprimer, modifier ou rejeter les commentaires, commits, code, modifications
+du wiki, issues et autres contributions qui ne sont pas conformes à ce Code de
+conduite, et communiqueront les raisons de leurs décisions de modération le cas
+échéant.
+
+## Portée
+
+Ce Code de conduite s'applique dans tous les espaces communautaires, et
+s'applique également lorsqu'une personne représente officiellement la communauté
+dans les espaces publics. Les exemples de représentation de notre communauté
+incluent l'utilisation d'une adresse e-mail officielle, la publication via un
+compte de réseau social officiel, ou le fait d'agir en tant que représentant
+désigné lors d'un événement en ligne ou hors ligne.
+
+## Application
+
+Les cas de comportements abusifs, harcelants ou autrement inacceptables peuvent
+être signalés aux responsables de la communauté chargés de l'application à
+[info@rustdesk.com](mailto:info@rustdesk.com).
+Toutes les plaintes seront examinées et feront l'objet d'une enquête rapide et
+équitable.
+
+Tous les responsables de la communauté sont tenus de respecter la vie privée et
+la sécurité de la personne ayant signalé un incident.
+
+## Directives d'application
+
+Les responsables de la communauté suivront ces Directives d'impact communautaire
+pour déterminer les conséquences de toute action qu'ils jugent en violation de ce
+Code de conduite :
+
+### 1. Correction
+
+**Impact communautaire** : Utilisation d'un langage inapproprié ou autre
+comportement jugé non professionnel ou indésirable dans la communauté.
+
+**Conséquence** : Un avertissement écrit et privé de la part des responsables de
+la communauté, expliquant la nature de la violation et pourquoi le comportement
+était inapproprié. Des excuses publiques peuvent être demandées.
+
+### 2. Avertissement
+
+**Impact communautaire** : Une violation par un incident isolé ou une série
+d'actions.
+
+**Conséquence** : Un avertissement avec des conséquences en cas de comportement
+répété. Aucune interaction avec les personnes impliquées, y compris les
+interactions non sollicitées avec les personnes chargées d'appliquer le Code de
+conduite, pendant une période déterminée. Cela inclut d'éviter les interactions
+dans les espaces communautaires ainsi que dans les canaux externes comme les
+réseaux sociaux. Le non-respect de ces conditions peut entraîner une exclusion
+temporaire ou permanente.
+
+### 3. Exclusion temporaire
+
+**Impact communautaire** : Une violation grave des standards communautaires, y
+compris un comportement inapproprié persistant.
+
+**Conséquence** : Une exclusion temporaire de toute interaction ou communication
+publique avec la communauté pendant une période déterminée. Aucune interaction
+publique ou privée avec les personnes impliquées, y compris les interactions non
+sollicitées avec les personnes chargées d'appliquer le Code de conduite, n'est
+autorisée pendant cette période. Le non-respect de ces conditions peut entraîner
+une exclusion permanente.
+
+### 4. Exclusion permanente
+
+**Impact communautaire** : Démontrer un schéma de violation des standards
+communautaires, y compris un comportement inapproprié persistant, le harcèlement
+d'une personne, ou une agression envers des catégories de personnes ou leur
+dénigrement.
+
+**Conséquence** : Une exclusion permanente de toute interaction publique au sein
+de la communauté.
+
+## Attribution
+
+Ce Code de conduite est adapté du [Contributor Covenant][homepage], version 2.0,
+disponible à l'adresse
+[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0].
+
+Les Directives d'impact communautaire ont été inspirées par
+[l'échelle d'application du code de conduite de Mozilla][Mozilla CoC].
+
+Pour des réponses aux questions fréquentes sur ce code de conduite, consultez la
+FAQ à l'adresse [https://www.contributor-covenant.org/faq][FAQ]. Des traductions
+sont disponibles à l'adresse
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

docs/CONTRIBUTING-FR.md

@@ -0,0 +1,55 @@
+
+# Contribuer à RustDesk
+
+RustDesk accueille les contributions de tous. Voici les directives si vous
+envisagez de nous aider :
+
+## Contributions
+
+Les contributions à RustDesk ou à ses dépendances doivent être soumises sous
+forme de pull requests GitHub. Chaque pull request sera examinée par un
+contributeur principal (une personne ayant la permission d'intégrer des
+correctifs) et sera soit intégrée dans la branche principale, soit accompagnée
+de retours sur les modifications requises. Toutes les contributions doivent
+suivre ce format, même celles des contributeurs principaux.
+
+Si vous souhaitez travailler sur une issue, veuillez d'abord la revendiquer en
+commentant sur l'issue GitHub indiquant que vous souhaitez la traiter. Cela
+permet d'éviter les efforts en double de la part des contributeurs sur la même
+issue.
+
+## Liste de vérification pour les pull requests
+
+- Partez de la branche master et, si nécessaire, effectuez un rebase sur la
+  branche master actuelle avant de soumettre votre pull request. Si elle ne
+  fusionne pas proprement avec master, il vous sera peut-être demandé de
+  rebaser vos modifications.
+
+- Les commits doivent être aussi petits que possible, tout en s'assurant que
+  chaque commit est correct de manière indépendante (c.-à-d. que chaque commit
+  doit compiler et passer les tests).
+
+- Les commits doivent être accompagnés d'une signature Developer Certificate of
+  Origin (http://developercertificate.org), indiquant que vous (et votre
+  employeur le cas échéant) acceptez d'être liés par les termes de la
+  [licence du projet](../LICENCE). Dans git, il s'agit de l'option `-s` de
+  `git commit`.
+
+- Si votre correctif n'est pas examiné ou si vous avez besoin qu'une personne
+  spécifique l'examine, vous pouvez @-mentionner un relecteur pour demander une
+  revue dans la pull request ou un commentaire, ou vous pouvez demander une
+  revue par [e-mail](mailto:info@rustdesk.com).
+
+- Ajoutez des tests relatifs au bug corrigé ou à la nouvelle fonctionnalité.
+
+Pour des instructions git spécifiques, consultez le
+[GitHub workflow 101](https://github.com/servo/servo/wiki/GitHub-workflow).
+
+## Conduite
+
+https://github.com/rustdesk/rustdesk/blob/master/docs/CODE_OF_CONDUCT.md
+
+## Communication
+
+Les contributeurs de RustDesk se retrouvent fréquemment sur
+[Discord](https://discord.gg/nDceKgxnkV).

docs/README-FR.md

@@ -34,9 +34,9 @@ Les versions de bureau utilisent [sciter](https://sciter.com/) pour l'interface
 - Installez [vcpkg](https://github.com/microsoft/vcpkg), et définissez correctement la variable d'environnement `VCPKG_ROOT`.
 
   - Windows : vcpkg install libvpx:x64-windows-static libyuv:x64-windows-static opus:x64-windows-static aom:x64-windows-static
-  - Linux/Osx : vcpkg install libvpx libyuv opus aom
+  - Linux/macOS : vcpkg install libvpx libyuv opus aom
 
-- Exécuter `cargo run`
+- Exécutez `cargo run`
 
 ## Comment compiler/build sous Linux
 
@@ -93,7 +93,7 @@ cd rustdesk
 mkdir -p target/debug
 wget https://raw.githubusercontent.com/c-smile/sciter-sdk/master/bin.lnx/x64/libsciter-gtk.so
 mv libsciter-gtk.so target/debug
-Exécution du cargo
+cargo run
 ```
 
 ## Comment construire avec Docker

docs/README-RU.md

@@ -167,7 +167,7 @@ target/release/rustdesk
 - **[src/ui](https://github.com/rustdesk/rustdesk/tree/master/src/ui)**: графический пользовательский интерфейс на Sciter (устаревшее)
 - **[src/server](https://github.com/rustdesk/rustdesk/tree/master/src/server)**: сервисы аудио, буфера обмена, ввода, видео и сетевых подключений
 - **[src/client.rs](https://github.com/rustdesk/rustdesk/tree/master/src/client.rs)**: одноранговое соединение
-- **[src/rendezvous_mediator.rs](https://github.com/rustdesk/rustdesk/tree/master/src/rendezvous_mediator.rs)**: связь с [сервером Rustdesk](https://github.com/rustdesk/rustdesk-server), ожидает удаленного прямого (через TCP hole punching) или ретранслируемого соединения
+- **[src/rendezvous_mediator.rs](https://github.com/rustdesk/rustdesk/tree/master/src/rendezvous_mediator.rs)**: связь с [сервером RustDesk](https://github.com/rustdesk/rustdesk-server), ожидает удаленного прямого (через TCP hole punching) или ретранслируемого соединения
 - **[src/platform](https://github.com/rustdesk/rustdesk/tree/master/src/platform)**: специфичный для платформы код
 - **[flutter](https://github.com/rustdesk/rustdesk/tree/master/flutter)**: код Flutter для ПК-версии и мобильных устройств
 - **[flutter/web/js](https://github.com/rustdesk/rustdesk/tree/master/flutter/web/v1/js)**: JavaScript для Web-клиента Flutter

docs/SECURITY-FR.md

@@ -0,0 +1,16 @@
+
+# Politique de sécurité
+
+## Signaler une vulnérabilité
+
+Nous accordons une très grande importance à la sécurité du projet. Nous
+encourageons tous les utilisateurs à nous signaler toute vulnérabilité qu'ils
+découvrent.
+
+Si vous trouvez une vulnérabilité de sécurité dans le projet RustDesk, veuillez
+la signaler de manière responsable en envoyant un e-mail à info@rustdesk.com.
+
+À ce stade, nous n'avons pas de programme de bug bounty. Nous sommes une petite
+équipe qui s'attaque à un grand défi. Nous vous encourageons vivement à signaler
+toute vulnérabilité de manière responsable afin que nous puissions continuer à
+développer une application sécurisée pour l'ensemble de la communauté.

flatpak/com.rustdesk.RustDesk.metainfo.xml

@@ -18,7 +18,7 @@
       <li> Supports VP8 / VP9 / AV1 software codecs, and H264 / H265 hardware codecs. </li>
       <li> Own your data, easily set up self-hosting solution on your infrastructure. </li>
       <li> P2P connection with end-to-end encryption based on NaCl. </li>
-      <li> No administrative privileges or installation needed for Windows, elevate priviledge locally or from remote on demand. </li>
+      <li> No administrative privileges or installation needed for Windows, elevate privilege locally or from remote on demand. </li>
       <li> We like to keep things simple and will strive to make simpler where possible. </li>
     </ul>
     <p>
@@ -56,4 +56,4 @@
     <control>pointing</control>
   </supports>
   <content_rating type="oars-1.1"/>
-</component>
+</component>

flatpak/rustdesk.json

@@ -55,6 +55,7 @@
   ],
   "finish-args": [
     "--share=ipc",
+    "--socket=wayland",
     "--socket=x11",
     "--share=network",
     "--filesystem=home",

flutter/android/app/src/main/kotlin/com/carriez/flutter_hbb/AudioRecordHandle.kt

@@ -62,7 +62,13 @@ class AudioRecordHandle(private var context: Context, private var isVideoStart:
                 return false
             }
         }
-        audioRecorder = builder.build()
+        val recorder = try {
+            builder.build()
+        } catch (e: Exception) {
+            Log.e(logTag, "createAudioRecorder failed", e)
+            return false
+        }
+        audioRecorder = recorder
         Log.d(logTag, "createAudioRecorder done,minBufferSize:$minBufferSize")
         return true
     }

flutter/android/app/src/main/kotlin/com/carriez/flutter_hbb/FloatingWindowService.kt

@@ -311,7 +311,10 @@ class FloatingWindowService : Service(), View.OnTouchListener {
              popupMenu.menu.add(0, idSyncClipboard, 0, translate("Update client clipboard"))
          }
          val idStopService = 2
-         popupMenu.menu.add(0, idStopService, 0, translate("Stop service"))
+         val hideStopService = FFI.getBuildinOption("hide-stop-service") == "Y"
+         if (!hideStopService) {
+             popupMenu.menu.add(0, idStopService, 0, translate("Stop service"))
+         }
          popupMenu.setOnMenuItemClickListener { menuItem ->
              when (menuItem.itemId) {
                  idShowRustDesk -> {
@@ -389,4 +392,3 @@ class FloatingWindowService : Service(), View.OnTouchListener {
         return false
     }
 }
-

flutter/android/app/src/main/kotlin/ffi.kt

@@ -24,6 +24,7 @@ object FFI {
     external fun setFrameRawEnable(name: String, value: Boolean)
     external fun setCodecInfo(info: String)
     external fun getLocalOption(key: String): String
+    external fun getBuildinOption(key: String): String
     external fun onClipboardUpdate(clips: ByteBuffer)
     external fun isServiceClipboardEnabled(): Boolean
 }

flutter/assets/auth-microsoft.svg

@@ -0,0 +1 @@
+<svg width="48" height="48" viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg"><rect x="4" y="4" width="19" height="19" fill="#f25022"/><rect x="25" y="4" width="19" height="19" fill="#7fba00"/><rect x="4" y="25" width="19" height="19" fill="#00a4ef"/><rect x="25" y="25" width="19" height="19" fill="#ffb900"/></svg>

flutter/build_fdroid.sh

@@ -7,7 +7,7 @@
 #               2024, Vasyl Gello <vasek.gello@gmail.com>
 #
 
-# The script is invoked by F-Droid builder system ste-by-step.
+# The script is invoked by F-Droid builder system step-by-step.
 #
 # It accepts the following arguments:
 #
@@ -16,7 +16,6 @@
 # - Android architecture to build APK for: armeabi-v7a arm64-v8av x86 x86_64
 # - The build step to execute:
 #
-#   + sudo-deps: as root, install needed Debian packages into builder VM
 #   + prebuild: patch sources and do other stuff before the build
 #   + build: perform actual build of APK file
 #
@@ -184,13 +183,9 @@ prebuild)
 	fi
 
 	# Map NDK version to revision
-
-	NDK_VERSION="$(wget \
-		-qO- \
-		-H "Accept: application/vnd.github+json" \
-		-H "X-GitHub-Api-Version: 2022-11-28" \
-		'https://api.github.com/repos/android/ndk/releases' |
-		jq -r ".[] | select(.tag_name == \"${NDK_VERSION}\") | .body | match(\"ndkVersion \\\"(.*)\\\"\").captures[0].string")"
+	NDK_VERSION="$(curl https://gitlab.com/fdroid/android-sdk-transparency-log/-/raw/master/signed/checksums.json |
+		jq -r ".\"https://dl.google.com/android/repository/android-ndk-${NDK_VERSION}-linux.zip\"[0].\"source.properties\"" |
+		sed -n -E 's/.*Pkg.Revision = ([0-9.]+).*/\1/p')"
 
 	if [ -z "${NDK_VERSION}" ]; then
 		echo "ERROR: Can not map Android NDK codename to revision!" >&2
@@ -316,6 +311,18 @@ prebuild)
 	# `FLUTTER_BRIDGE_VERSION` an restore the pubspec later
 
 	if [ "${FLUTTER_VERSION}" != "${FLUTTER_BRIDGE_VERSION}" ]; then
+		# Find first libclang.so and set BRIDGE_LLVM_PATH
+
+		BRIDGE_LLVM_PATH="$(find /usr/lib/ -name libclang.so | head -n1)"
+
+		if [ -z "${BRIDGE_LLVM_PATH}" ]; then
+			echo 'ERROR: Can not find libclang.so for bridge generator!' >&2
+			exit 1
+		fi
+
+		BRIDGE_LLVM_PATH="$(dirname "${BRIDGE_LLVM_PATH}")"
+		BRIDGE_LLVM_PATH="$(dirname "${BRIDGE_LLVM_PATH}")"
+
 		# Install Flutter bridge version
 
 		prepare_flutter "${FLUTTER_BRIDGE_VERSION}" "${HOME}/flutter"
@@ -344,7 +351,8 @@ prebuild)
 
 		flutter_rust_bridge_codegen \
 			--rust-input ./src/flutter_ffi.rs \
-			--dart-output ./flutter/lib/generated_bridge.dart
+			--dart-output ./flutter/lib/generated_bridge.dart \
+			--llvm-path "${BRIDGE_LLVM_PATH}"
 
 		# Add bridge files to save-list
 
@@ -355,13 +363,15 @@ prebuild)
 		git checkout '*'
 		git clean -dffx
 		git reset
+
+		unset BRIDGE_LLVM_PATH
 	fi
 
 	# Install Flutter version for RustDesk library build
 
 	prepare_flutter "${FLUTTER_VERSION}" "${HOME}/flutter"
 
-	# gms is not in thoes files now, but we still keep the following line for future reference(maybe).
+	# gms is not in these files now, but we still keep the following line for future reference(maybe).
 
 	sed \
 		-i \
@@ -414,13 +424,9 @@ build)
 		.github/workflows/flutter-build.yml)"
 
 	# Map NDK version to revision
-
-	NDK_VERSION="$(wget \
-		-qO- \
-		-H "Accept: application/vnd.github+json" \
-		-H "X-GitHub-Api-Version: 2022-11-28" \
-		'https://api.github.com/repos/android/ndk/releases' |
-		jq -r ".[] | select(.tag_name == \"${NDK_VERSION}\") | .body | match(\"ndkVersion \\\"(.*)\\\"\").captures[0].string")"
+	NDK_VERSION="$(curl https://gitlab.com/fdroid/android-sdk-transparency-log/-/raw/master/signed/checksums.json |
+		jq -r ".\"https://dl.google.com/android/repository/android-ndk-${NDK_VERSION}-linux.zip\"[0].\"source.properties\"" |
+		sed -n -E 's/.*Pkg.Revision = ([0-9.]+).*/\1/p')"
 
 	if [ -z "${NDK_VERSION}" ]; then
 		echo "ERROR: Can not map Android NDK codename to revision!" >&2

flutter/lib/common.dart

@@ -2365,6 +2365,19 @@ List<String>? urlLinkToCmdArgs(Uri uri) {
     id = uri.path.substring("/new/".length);
   } else if (uri.authority == "config") {
     if (isAndroid || isIOS) {
+      final allowDeepLinkServerSettings =
+          bind.mainGetBuildinOption(key: kOptionAllowDeepLinkServerSettings) ==
+              'Y';
+      if (!allowDeepLinkServerSettings) {
+        debugPrint(
+            "Ignore rustdesk://config because $kOptionAllowDeepLinkServerSettings is not enabled.");
+        // Keep the user-facing error generic; detailed rejection reason is in debug logs.
+        // Delay toast to avoid missing overlay during cold-start deeplink handling.
+        Timer(Duration(seconds: 1), () {
+          showToast(translate('Failed'));
+        });
+        return null;
+      }
       final config = uri.path.substring("/".length);
       // add a timer to make showToast work
       Timer(Duration(seconds: 1), () {
@@ -2374,11 +2387,24 @@ List<String>? urlLinkToCmdArgs(Uri uri) {
     return null;
   } else if (uri.authority == "password") {
     if (isAndroid || isIOS) {
+      final allowDeepLinkPassword =
+          bind.mainGetBuildinOption(key: kOptionAllowDeepLinkPassword) == 'Y';
+      if (!allowDeepLinkPassword) {
+        debugPrint(
+            "Ignore rustdesk://password because $kOptionAllowDeepLinkPassword is not enabled.");
+        // Keep the user-facing error generic; detailed rejection reason is in debug logs.
+        // Delay toast to avoid missing overlay during cold-start deeplink handling.
+        Timer(Duration(seconds: 1), () {
+          showToast(translate('Failed'));
+        });
+        return null;
+      }
       final password = uri.path.substring("/".length);
       if (password.isNotEmpty) {
         Timer(Duration(seconds: 1), () async {
-          await bind.mainSetPermanentPassword(password: password);
-          showToast(translate('Successful'));
+          final ok =
+              await bind.mainSetPermanentPasswordWithResult(password: password);
+          showToast(translate(ok ? 'Successful' : 'Failed'));
         });
       }
     }
@@ -3063,6 +3089,11 @@ Future<void> start_service(bool is_start) async {
 }
 
 Future<bool> canBeBlocked() async {
+  if (isWeb) {
+    // Web can only act as a controller, never as a controlled side,
+    // so it should never be blocked by a remote session.
+    return false;
+  }
   // First check control permission
   final controlPermission = await bind.mainGetCommon(
       key: "is-remote-modify-enabled-by-control-permissions");
@@ -4113,3 +4144,43 @@ String mouseButtonsToPeer(int buttons) {
       return '';
   }
 }
+
+/// Build an avatar widget from an avatar URL or data URI string.
+/// Returns [fallback] if avatar is empty or cannot be decoded.
+/// [borderRadius] defaults to [size]/2 (circle).
+Widget? buildAvatarWidget({
+  required String avatar,
+  required double size,
+  double? borderRadius,
+  Widget? fallback,
+}) {
+  final trimmed = avatar.trim();
+  if (trimmed.isEmpty) return fallback;
+
+  ImageProvider? imageProvider;
+  if (trimmed.startsWith('data:image/')) {
+    final comma = trimmed.indexOf(',');
+    if (comma > 0) {
+      try {
+        imageProvider = MemoryImage(base64Decode(trimmed.substring(comma + 1)));
+      } catch (_) {}
+    }
+  } else if (trimmed.startsWith('http://') || trimmed.startsWith('https://')) {
+    imageProvider = NetworkImage(trimmed);
+  }
+
+  if (imageProvider == null) return fallback;
+
+  final radius = borderRadius ?? size / 2;
+  return ClipRRect(
+    borderRadius: BorderRadius.circular(radius),
+    child: Image(
+      image: imageProvider,
+      width: size,
+      height: size,
+      fit: BoxFit.cover,
+      errorBuilder: (_, __, ___) =>
+          fallback ?? SizedBox.shrink(),
+    ),
+  );
+}

flutter/lib/common/hbbs/hbbs.dart

@@ -25,6 +25,8 @@ enum UserStatus { kDisabled, kNormal, kUnverified }
 // Is all the fields of the user needed?
 class UserPayload {
   String name = '';
+  String displayName = '';
+  String avatar = '';
   String email = '';
   String note = '';
   String? verifier;
@@ -33,6 +35,8 @@ class UserPayload {
 
   UserPayload.fromJson(Map<String, dynamic> json)
       : name = json['name'] ?? '',
+        displayName = json['display_name'] ?? '',
+        avatar = json['avatar'] ?? '',
         email = json['email'] ?? '',
         note = json['note'] ?? '',
         verifier = json['verifier'],
@@ -46,6 +50,8 @@ class UserPayload {
   Map<String, dynamic> toJson() {
     final Map<String, dynamic> map = {
       'name': name,
+      'display_name': displayName,
+      'avatar': avatar,
       'status': status == UserStatus.kDisabled
           ? 0
           : status == UserStatus.kUnverified
@@ -58,9 +64,14 @@ class UserPayload {
   Map<String, dynamic> toGroupCacheJson() {
     final Map<String, dynamic> map = {
       'name': name,
+      'display_name': displayName,
     };
     return map;
   }
+
+  String get displayNameOrName {
+    return displayName.trim().isEmpty ? name : displayName;
+  }
 }
 
 class PeerPayload {

flutter/lib/common/widgets/address_book.dart

@@ -54,9 +54,9 @@ class _AddressBookState extends State<AddressBook> {
                 const LinearProgressIndicator(),
               buildErrorBanner(context,
                   loading: gFFI.abModel.currentAbLoading,
-                  err: gFFI.abModel.currentAbPullError,
+                  err: gFFI.abModel.abPullError,
                   retry: null,
-                  close: () => gFFI.abModel.currentAbPullError.value = ''),
+                  close: gFFI.abModel.clearPullErrors),
               buildErrorBanner(context,
                   loading: gFFI.abModel.currentAbLoading,
                   err: gFFI.abModel.currentAbPushError,

flutter/lib/common/widgets/keyboard_shortcuts/display.dart

@@ -0,0 +1,65 @@
+// flutter/lib/common/widgets/keyboard_shortcuts/display.dart
+import 'dart:convert';
+import 'package:flutter/foundation.dart';
+import '../../../consts.dart';
+import '../../../models/platform_model.dart';
+
+/// Read the bindings JSON and produce a human-readable shortcut string for
+/// `actionId`, formatted for the current OS. Returns null if unbound.
+class ShortcutDisplay {
+  static String? formatFor(String actionId) {
+    final raw = bind.mainGetLocalOption(key: kShortcutLocalConfigKey);
+    if (raw.isEmpty) return null;
+    final Map<String, dynamic> parsed;
+    try {
+      parsed = jsonDecode(raw) as Map<String, dynamic>;
+    } catch (_) {
+      return null;
+    }
+    if (parsed['enabled'] != true) return null;
+    final list = (parsed['bindings'] as List? ?? []).cast<Map<String, dynamic>>();
+    final found = list.firstWhere(
+      (b) => b['action'] == actionId,
+      orElse: () => {},
+    );
+    if (found.isEmpty) return null;
+
+    // Guard against a hand-edited / corrupt config where `key` is missing or
+    // not a string — silently treat the binding as unbound rather than
+    // crashing the toolbar render.
+    final keyValue = found['key'];
+    if (keyValue is! String) return null;
+
+    final isMac = defaultTargetPlatform == TargetPlatform.macOS ||
+                  defaultTargetPlatform == TargetPlatform.iOS;
+    // `mods` similarly may be malformed; treat a non-list as no modifiers.
+    final modsRaw = found['mods'];
+    final mods = modsRaw is List
+        ? modsRaw.whereType<String>().toList()
+        : const <String>[];
+    final parts = <String>[];
+    for (final m in ['primary', 'alt', 'shift']) {
+      if (!mods.contains(m)) continue;
+      switch (m) {
+        case 'primary': parts.add(isMac ? '⌘' : 'Ctrl'); break;
+        case 'alt':     parts.add(isMac ? '⌥' : 'Alt'); break;
+        case 'shift':   parts.add(isMac ? '⇧' : 'Shift'); break;
+      }
+    }
+    parts.add(_keyDisplay(keyValue, isMac));
+    return isMac ? parts.join('') : parts.join('+');
+  }
+
+  static String _keyDisplay(String key, bool isMac) {
+    switch (key) {
+      case 'delete':     return isMac ? '⌫' : 'Del';
+      case 'enter':      return isMac ? '⏎' : 'Enter';
+      case 'arrow_left': return '←';
+      case 'arrow_right':return '→';
+      case 'arrow_up':   return '↑';
+      case 'arrow_down': return '↓';
+    }
+    if (key.startsWith('digit')) return key.substring(5);
+    return key.toUpperCase();
+  }
+}

flutter/lib/common/widgets/keyboard_shortcuts/page_body.dart

@@ -0,0 +1,490 @@
+// flutter/lib/common/widgets/keyboard_shortcuts/page_body.dart
+//
+// Shared body widget for the Keyboard Shortcuts configuration page. Both the
+// desktop (`desktop/pages/desktop_keyboard_shortcuts_page.dart`) and mobile
+// (`mobile/pages/mobile_keyboard_shortcuts_page.dart`) pages render this
+// widget inside their own platform-styled Scaffold + AppBar shell.
+//
+// The body owns:
+//   * the top-level enable/disable toggle (mirrors the General-tab toggle —
+//     same JSON key, same semantics);
+//   * a grouped list of actions, each with its current binding plus
+//     edit / clear icons;
+//   * the JSON read/write helpers under [kShortcutLocalConfigKey] in the
+//     canonical {enabled, bindings:[{action,mods,key}]} shape;
+//   * the recording-dialog round-trip and conflict-replace bookkeeping;
+//   * "Reset to defaults" (called from the platform AppBar).
+//
+// Platform shells supply only:
+//   * the AppBar (with a "Reset to defaults" action that calls
+//     [KeyboardShortcutsPageBodyState.resetToDefaultsWithConfirm]);
+//   * surrounding padding / list-tile vs. dense-row visuals via the
+//     [compact] flag.
+
+import 'dart:convert';
+
+import 'package:flutter/foundation.dart';
+import 'package:flutter/material.dart';
+
+import '../../../common.dart';
+import '../../../consts.dart';
+import '../../../models/platform_model.dart';
+import '../../../models/shortcut_model.dart';
+import 'recording_dialog.dart';
+
+/// One configurable action — id + i18n key for its label.
+class KeyboardShortcutActionEntry {
+  final String id;
+  final String labelKey;
+  const KeyboardShortcutActionEntry(this.id, this.labelKey);
+}
+
+/// A named group of actions (e.g. "Session Control").
+class KeyboardShortcutActionGroup {
+  final String titleKey;
+  final List<KeyboardShortcutActionEntry> actions;
+  const KeyboardShortcutActionGroup(this.titleKey, this.actions);
+}
+
+/// Canonical action group definitions used by both the desktop and mobile
+/// configuration pages. The order of groups and entries here is the order
+/// the user sees in the UI. (Not `const` because the per-tab ids come from
+/// the `kShortcutActionSwitchTab(n)` helper in `consts.dart`.)
+final List<KeyboardShortcutActionGroup> kKeyboardShortcutActionGroups = [
+  KeyboardShortcutActionGroup('Session Control', [
+    KeyboardShortcutActionEntry(
+        kShortcutActionSendCtrlAltDel, 'Insert Ctrl + Alt + Del'),
+    KeyboardShortcutActionEntry(kShortcutActionInsertLock, 'Insert Lock'),
+    KeyboardShortcutActionEntry(kShortcutActionRefresh, 'Refresh'),
+    KeyboardShortcutActionEntry(kShortcutActionSwitchSides, 'Switch Sides'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionToggleRecording, 'Toggle Recording'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionToggleBlockInput, 'Toggle Block User Input'),
+  ]),
+  KeyboardShortcutActionGroup('Display', [
+    KeyboardShortcutActionEntry(
+        kShortcutActionToggleFullscreen, 'Toggle Fullscreen'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionSwitchDisplayNext, 'Switch to next display'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionSwitchDisplayPrev, 'Switch to previous display'),
+    KeyboardShortcutActionEntry(kShortcutActionViewMode1to1, 'View Mode 1:1'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionViewModeShrink, 'View Mode Shrink'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionViewModeStretch, 'View Mode Stretch'),
+  ]),
+  KeyboardShortcutActionGroup('Other', [
+    KeyboardShortcutActionEntry(kShortcutActionScreenshot, 'Take Screenshot'),
+    KeyboardShortcutActionEntry(kShortcutActionToggleAudio, 'Toggle Audio'),
+    KeyboardShortcutActionEntry(
+        kShortcutActionTogglePrivacyMode, 'Toggle Privacy Mode'),
+    for (var n = 1; n <= 9; n++)
+      KeyboardShortcutActionEntry(
+          kShortcutActionSwitchTab(n), 'Switch Tab $n'),
+  ]),
+];
+
+/// The shared body widget. Render this inside a platform-styled Scaffold.
+///
+/// [compact] toggles the desktop dense-row layout (`true`) versus the mobile
+/// touch-friendly ListTile layout (`false`).
+///
+/// [editButtonHint] is shown as the tooltip on the Edit icon. Mobile shells
+/// use this to clarify that recording requires a physical keyboard.
+///
+/// [headerBanner] is an optional widget rendered above the toggle. Mobile
+/// uses this to show the "Recording requires a physical keyboard" hint.
+class KeyboardShortcutsPageBody extends StatefulWidget {
+  final bool compact;
+  final String? editButtonHint;
+  final Widget? headerBanner;
+
+  const KeyboardShortcutsPageBody({
+    Key? key,
+    this.compact = true,
+    this.editButtonHint,
+    this.headerBanner,
+  }) : super(key: key);
+
+  @override
+  State<KeyboardShortcutsPageBody> createState() =>
+      KeyboardShortcutsPageBodyState();
+}
+
+/// Public state so platform shells can call [resetToDefaultsWithConfirm] from
+/// their AppBar action.
+class KeyboardShortcutsPageBodyState extends State<KeyboardShortcutsPageBody> {
+  // ----- Persistence helpers -----
+
+  Map<String, dynamic> _readJson() {
+    final raw = bind.mainGetLocalOption(key: kShortcutLocalConfigKey);
+    if (raw.isEmpty) return {'enabled': false, 'bindings': <dynamic>[]};
+    try {
+      final parsed = jsonDecode(raw) as Map<String, dynamic>;
+      parsed['bindings'] ??= <dynamic>[];
+      parsed['enabled'] ??= false;
+      return parsed;
+    } catch (_) {
+      return {'enabled': false, 'bindings': <dynamic>[]};
+    }
+  }
+
+  Future<void> _writeJson(Map<String, dynamic> json) async {
+    await bind.mainSetLocalOption(
+        key: kShortcutLocalConfigKey, value: jsonEncode(json));
+    // Refresh the matcher cache so writes take effect immediately. On native
+    // this hits the Rust matcher; on Web the bridge forwards to the JS-side
+    // matcher in flutter/web/js/.
+    bind.mainReloadKeyboardShortcuts();
+    if (mounted) setState(() {});
+  }
+
+  /// Replace the bindings entry for [actionId] with [binding]. If [binding]
+  /// is null, removes the existing entry. If the user is replacing a
+  /// conflicting binding, [clearActionId] points at the action whose
+  /// (now-stale) binding should be removed in the same write.
+  Future<void> _setBinding(
+    String actionId, {
+    Map<String, dynamic>? binding,
+    String? clearActionId,
+  }) async {
+    final json = _readJson();
+    final list = ((json['bindings'] as List?) ?? <dynamic>[])
+        .cast<Map<String, dynamic>>()
+        .toList();
+    list.removeWhere((b) {
+      final a = b['action'];
+      return a == actionId || (clearActionId != null && a == clearActionId);
+    });
+    if (binding != null) {
+      list.add(binding);
+    }
+    json['bindings'] = list;
+    await _writeJson(json);
+  }
+
+  Future<void> _setEnabled(bool v) async {
+    final json = _readJson();
+    json['enabled'] = v;
+    // First-time enable: seed defaults if the user has never bound anything.
+    final list = (json['bindings'] as List?) ?? const [];
+    if (v && list.isEmpty) {
+      json['bindings'] = jsonDecode(bind.mainGetDefaultKeyboardShortcuts());
+    }
+    await _writeJson(json);
+  }
+
+  Future<void> _resetToDefaults() async {
+    final json = _readJson();
+    json['bindings'] = jsonDecode(bind.mainGetDefaultKeyboardShortcuts());
+    await _writeJson(json);
+  }
+
+  String _labelFor(String actionId) {
+    for (final g in kKeyboardShortcutActionGroups) {
+      for (final a in g.actions) {
+        if (a.id == actionId) return translate(a.labelKey);
+      }
+    }
+    return actionId;
+  }
+
+  // ----- UI handlers -----
+
+  Future<void> _onEdit(KeyboardShortcutActionEntry entry) async {
+    final json = _readJson();
+    final bindings = ((json['bindings'] as List?) ?? <dynamic>[])
+        .cast<Map<String, dynamic>>();
+    final result = await showRecordingDialog(
+      context: context,
+      actionId: entry.id,
+      actionLabel: translate(entry.labelKey),
+      existingBindings: bindings,
+      actionLabelLookup: _labelFor,
+    );
+    if (result == null) return;
+    await _setBinding(
+      entry.id,
+      binding: result.binding,
+      clearActionId: result.clearActionId,
+    );
+  }
+
+  Future<void> _onClear(KeyboardShortcutActionEntry entry) async {
+    await _setBinding(entry.id, binding: null);
+  }
+
+  /// Public — invoked from the platform AppBar action.
+  Future<void> resetToDefaultsWithConfirm() async {
+    final confirmed = await showDialog<bool>(
+      context: context,
+      builder: (ctx) => AlertDialog(
+        title: Text(translate('Reset to defaults')),
+        content: Text(translate('shortcut-reset-confirm-tip')),
+        actions: [
+          dialogButton('Cancel',
+              onPressed: () => Navigator.of(ctx).pop(false),
+              isOutline: true),
+          dialogButton('OK', onPressed: () => Navigator.of(ctx).pop(true)),
+        ],
+      ),
+    );
+    if (confirmed == true) {
+      await _resetToDefaults();
+    }
+  }
+
+  // ----- Build -----
+
+  @override
+  Widget build(BuildContext context) {
+    final enabled = ShortcutModel.isEnabled();
+    final theme = Theme.of(context);
+
+    return ListView(
+      padding: const EdgeInsets.all(16),
+      children: [
+        if (widget.headerBanner != null) ...[
+          widget.headerBanner!,
+          const SizedBox(height: 12),
+        ],
+        // Top toggle — mirrors the General-tab _OptionCheckBox semantics.
+        Row(
+          children: [
+            Checkbox(
+              value: enabled,
+              onChanged: (v) async {
+                if (v == null) return;
+                await _setEnabled(v);
+              },
+            ),
+            const SizedBox(width: 4),
+            Expanded(
+              child: GestureDetector(
+                behavior: HitTestBehavior.opaque,
+                onTap: () => _setEnabled(!enabled),
+                child: Text(
+                  translate('Enable keyboard shortcuts in remote session'),
+                ),
+              ),
+            ),
+          ],
+        ),
+        const SizedBox(height: 8),
+        Padding(
+          padding: const EdgeInsets.symmetric(horizontal: 8),
+          child: Text(
+            translate('shortcut-page-description'),
+            style: TextStyle(color: theme.hintColor),
+          ),
+        ),
+        const SizedBox(height: 16),
+        // Disabled visual state when toggle is off — but still scrollable.
+        Opacity(
+          opacity: enabled ? 1.0 : 0.5,
+          child: AbsorbPointer(
+            absorbing: !enabled,
+            child: Column(
+              crossAxisAlignment: CrossAxisAlignment.start,
+              children: [
+                for (final group in kKeyboardShortcutActionGroups)
+                  _buildGroup(context, group),
+              ],
+            ),
+          ),
+        ),
+      ],
+    );
+  }
+
+  Widget _buildGroup(BuildContext context, KeyboardShortcutActionGroup group) {
+    return Column(
+      crossAxisAlignment: CrossAxisAlignment.start,
+      children: [
+        const SizedBox(height: 12),
+        Padding(
+          padding: const EdgeInsets.symmetric(horizontal: 8),
+          child: Row(
+            children: [
+              Text(
+                translate(group.titleKey),
+                style: TextStyle(
+                  fontWeight: FontWeight.w600,
+                  color: Theme.of(context).colorScheme.primary,
+                ),
+              ),
+              const SizedBox(width: 8),
+              const Expanded(
+                child: Divider(thickness: 1),
+              ),
+            ],
+          ),
+        ),
+        const SizedBox(height: 4),
+        for (final action in group.actions)
+          widget.compact
+              ? _buildCompactRow(context, action)
+              : _buildTouchRow(context, action),
+      ],
+    );
+  }
+
+  /// Desktop dense row: label | shortcut | edit | clear, all in one Row.
+  Widget _buildCompactRow(
+      BuildContext context, KeyboardShortcutActionEntry entry) {
+    final shortcut = ShortcutDisplayForActionId.format(entry.id);
+    final hasBinding = shortcut != null;
+    return Padding(
+      padding: const EdgeInsets.symmetric(horizontal: 8, vertical: 6),
+      child: Row(
+        children: [
+          Expanded(
+            flex: 5,
+            child: Text(translate(entry.labelKey)),
+          ),
+          Expanded(
+            flex: 4,
+            child: Text(
+              shortcut ?? '—',
+              style: TextStyle(
+                fontFamily: defaultTargetPlatform == TargetPlatform.windows
+                    ? 'Consolas'
+                    : 'monospace',
+                color: hasBinding ? null : Theme.of(context).hintColor,
+              ),
+            ),
+          ),
+          IconButton(
+            tooltip: widget.editButtonHint ?? translate('Edit'),
+            onPressed: () => _onEdit(entry),
+            icon: const Icon(Icons.edit_outlined, size: 18),
+          ),
+          SizedBox(
+            width: 40,
+            child: hasBinding
+                ? IconButton(
+                    tooltip: translate('Clear'),
+                    onPressed: () => _onClear(entry),
+                    icon: const Icon(Icons.close, size: 18),
+                  )
+                : const SizedBox.shrink(),
+          ),
+        ],
+      ),
+    );
+  }
+
+  /// Mobile touch row: ListTile with title + subtitle + trailing icons.
+  Widget _buildTouchRow(
+      BuildContext context, KeyboardShortcutActionEntry entry) {
+    final shortcut = ShortcutDisplayForActionId.format(entry.id);
+    final hasBinding = shortcut != null;
+    return ListTile(
+      dense: false,
+      contentPadding: const EdgeInsets.symmetric(horizontal: 8),
+      title: Text(translate(entry.labelKey)),
+      subtitle: Text(
+        shortcut ?? '—',
+        style: TextStyle(
+          fontFamily: defaultTargetPlatform == TargetPlatform.windows
+              ? 'Consolas'
+              : 'monospace',
+          color: hasBinding ? null : Theme.of(context).hintColor,
+        ),
+      ),
+      trailing: Row(
+        mainAxisSize: MainAxisSize.min,
+        children: [
+          IconButton(
+            tooltip: widget.editButtonHint ?? translate('Edit'),
+            onPressed: () => _onEdit(entry),
+            icon: const Icon(Icons.edit_outlined),
+          ),
+          if (hasBinding)
+            IconButton(
+              tooltip: translate('Clear'),
+              onPressed: () => _onClear(entry),
+              icon: const Icon(Icons.close),
+            )
+          else
+            const SizedBox(width: 48),
+        ],
+      ),
+    );
+  }
+}
+
+/// Thin wrapper around [ShortcutDisplay.formatFor] that ignores the
+/// `enabled` flag so the configuration page can always show the user what
+/// they have bound, even when the feature is currently disabled.
+class ShortcutDisplayForActionId {
+  static String? format(String actionId) {
+    final raw = bind.mainGetLocalOption(key: kShortcutLocalConfigKey);
+    if (raw.isEmpty) return null;
+    final Map<String, dynamic> parsed;
+    try {
+      parsed = jsonDecode(raw) as Map<String, dynamic>;
+    } catch (_) {
+      return null;
+    }
+    final list = (parsed['bindings'] as List? ?? const [])
+        .cast<Map<String, dynamic>>();
+    final found = list.firstWhere(
+      (b) => b['action'] == actionId,
+      orElse: () => {},
+    );
+    if (found.isEmpty) return null;
+
+    // Guard against a hand-edited / corrupt config where `key` is missing or
+    // not a string — render the row as unbound instead of crashing the
+    // settings page.
+    final keyValue = found['key'];
+    if (keyValue is! String) return null;
+
+    final isMac = defaultTargetPlatform == TargetPlatform.macOS ||
+        defaultTargetPlatform == TargetPlatform.iOS;
+    // `mods` similarly may be malformed; treat a non-list as no modifiers.
+    final modsRaw = found['mods'];
+    final mods = modsRaw is List
+        ? modsRaw.whereType<String>().toList()
+        : const <String>[];
+    final parts = <String>[];
+    for (final m in ['primary', 'alt', 'shift']) {
+      if (!mods.contains(m)) continue;
+      switch (m) {
+        case 'primary':
+          parts.add(isMac ? '⌘' : 'Ctrl');
+          break;
+        case 'alt':
+          parts.add(isMac ? '⌥' : 'Alt');
+          break;
+        case 'shift':
+          parts.add(isMac ? '⇧' : 'Shift');
+          break;
+      }
+    }
+    parts.add(_keyDisplay(keyValue, isMac));
+    return isMac ? parts.join('') : parts.join('+');
+  }
+
+  static String _keyDisplay(String key, bool isMac) {
+    switch (key) {
+      case 'delete':
+        return isMac ? '⌫' : 'Del';
+      case 'enter':
+        return isMac ? '⏎' : 'Enter';
+      case 'arrow_left':
+        return '←';
+      case 'arrow_right':
+        return '→';
+      case 'arrow_up':
+        return '↑';
+      case 'arrow_down':
+        return '↓';
+    }
+    if (key.startsWith('digit')) return key.substring(5);
+    return key.toUpperCase();
+  }
+}

flutter/lib/common/widgets/keyboard_shortcuts/recording_dialog.dart

@@ -0,0 +1,371 @@
+// flutter/lib/common/widgets/keyboard_shortcuts/recording_dialog.dart
+//
+// Modal dialog used by the Keyboard Shortcuts settings page to capture a new
+// key combination for a given action. The dialog listens for KeyDown events,
+// extracts the modifier set + non-modifier key, validates against the
+// "must include Ctrl+Alt+Shift (Cmd+Option+Shift on macOS)" rule, and reports
+// any conflict with another already-bound action.
+//
+// On Save, returns the new binding map ({action, mods, key}) plus the
+// optional id of the action whose binding should be cleared (the conflict
+// "Replace" path). On Cancel, returns null.
+
+import 'package:flutter/foundation.dart';
+import 'package:flutter/material.dart';
+import 'package:flutter/services.dart';
+
+import '../../../common.dart';
+
+/// Result of the recording dialog.
+class RecordingResult {
+  /// The new binding map to write: {action, mods, key}.
+  final Map<String, dynamic> binding;
+
+  /// If the chosen combo conflicted with another action, the user chose
+  /// "Replace" — the caller must clear this action's binding before writing
+  /// the new one.
+  final String? clearActionId;
+
+  RecordingResult(this.binding, this.clearActionId);
+}
+
+/// Show the recording dialog.
+///
+/// [actionId] is the action being edited (used for the title and to detect
+/// "binding to itself" — that's not a conflict).
+/// [actionLabel] is the translated, user-facing action name.
+/// [existingBindings] is the current bindings list (used for conflict detection).
+/// [actionLabelLookup] resolves an actionId to its translated label, used in
+/// the conflict warning.
+Future<RecordingResult?> showRecordingDialog({
+  required BuildContext context,
+  required String actionId,
+  required String actionLabel,
+  required List<Map<String, dynamic>> existingBindings,
+  required String Function(String) actionLabelLookup,
+}) {
+  return showDialog<RecordingResult>(
+    context: context,
+    barrierDismissible: false,
+    builder: (ctx) => _RecordingDialog(
+      actionId: actionId,
+      actionLabel: actionLabel,
+      existingBindings: existingBindings,
+      actionLabelLookup: actionLabelLookup,
+    ),
+  );
+}
+
+class _RecordingDialog extends StatefulWidget {
+  final String actionId;
+  final String actionLabel;
+  final List<Map<String, dynamic>> existingBindings;
+  final String Function(String) actionLabelLookup;
+
+  const _RecordingDialog({
+    required this.actionId,
+    required this.actionLabel,
+    required this.existingBindings,
+    required this.actionLabelLookup,
+  });
+
+  @override
+  State<_RecordingDialog> createState() => _RecordingDialogState();
+}
+
+class _RecordingDialogState extends State<_RecordingDialog> {
+  final FocusNode _focusNode = FocusNode();
+
+  // Captured combo. null until the user presses something with a non-modifier.
+  Set<String> _mods = {};
+  String? _key;
+
+  @override
+  void initState() {
+    super.initState();
+    WidgetsBinding.instance.addPostFrameCallback((_) {
+      _focusNode.requestFocus();
+    });
+  }
+
+  @override
+  void dispose() {
+    _focusNode.dispose();
+    super.dispose();
+  }
+
+  bool get _isMac =>
+      defaultTargetPlatform == TargetPlatform.macOS ||
+      defaultTargetPlatform == TargetPlatform.iOS;
+
+  /// True when the captured combo includes the required Ctrl+Alt+Shift
+  /// (Cmd+Option+Shift on macOS) prefix and a non-modifier key.
+  bool get _hasRequiredPrefix =>
+      _mods.contains('primary') &&
+      _mods.contains('alt') &&
+      _mods.contains('shift');
+
+  /// Return the actionId that this combo currently conflicts with, or null.
+  /// The action being edited is not a conflict with itself.
+  String? get _conflictActionId {
+    if (_key == null || !_hasRequiredPrefix) return null;
+    for (final b in widget.existingBindings) {
+      final otherAction = b['action'] as String?;
+      if (otherAction == null || otherAction == widget.actionId) continue;
+      final otherKey = b['key'] as String?;
+      final otherMods =
+          ((b['mods'] as List?) ?? const []).cast<String>().toSet();
+      if (otherKey == _key &&
+          otherMods.length == _mods.length &&
+          otherMods.containsAll(_mods)) {
+        return otherAction;
+      }
+    }
+    return null;
+  }
+
+  KeyEventResult _onKeyEvent(FocusNode node, KeyEvent event) {
+    if (event is KeyDownEvent && event.logicalKey == LogicalKeyboardKey.escape) {
+      Navigator.of(context).pop();
+      return KeyEventResult.handled;
+    }
+    if (event is! KeyDownEvent) return KeyEventResult.handled;
+
+    // Ignore modifier-only KeyDowns: don't lock in a partial combo.
+    final logical = event.logicalKey;
+    final keyName = _logicalToKeyName(logical);
+
+    final mods = <String>{};
+    if (HardwareKeyboard.instance.isAltPressed) mods.add('alt');
+    if (HardwareKeyboard.instance.isShiftPressed) mods.add('shift');
+    final primary = _isMac
+        ? HardwareKeyboard.instance.isMetaPressed
+        : HardwareKeyboard.instance.isControlPressed;
+    if (primary) mods.add('primary');
+
+    setState(() {
+      _mods = mods;
+      // Only lock in the key when it's a non-modifier we recognize.
+      // Modifier-only KeyDowns (Shift, Ctrl, etc.) leave the captured key
+      // untouched, so the user can adjust modifiers after the fact.
+      if (keyName != null) {
+        _key = keyName;
+      }
+    });
+    return KeyEventResult.handled;
+  }
+
+  void _onSave() {
+    if (_key == null || !_hasRequiredPrefix) return;
+    // Sort mods to match the canonical order used by Rust default_bindings:
+    // primary, alt, shift.
+    final ordered = <String>[
+      if (_mods.contains('primary')) 'primary',
+      if (_mods.contains('alt')) 'alt',
+      if (_mods.contains('shift')) 'shift',
+    ];
+    final binding = <String, dynamic>{
+      'action': widget.actionId,
+      'mods': ordered,
+      'key': _key!,
+    };
+    Navigator.of(context).pop(RecordingResult(binding, _conflictActionId));
+  }
+
+  String _formatPrefix() {
+    if (_isMac) return 'Cmd+Option+Shift';
+    return 'Ctrl+Alt+Shift';
+  }
+
+  String _formatCombo() {
+    final parts = <String>[];
+    for (final m in ['primary', 'alt', 'shift']) {
+      if (!_mods.contains(m)) continue;
+      switch (m) {
+        case 'primary':
+          parts.add(_isMac ? '⌘' : 'Ctrl');
+          break;
+        case 'alt':
+          parts.add(_isMac ? '⌥' : 'Alt');
+          break;
+        case 'shift':
+          parts.add(_isMac ? '⇧' : 'Shift');
+          break;
+      }
+    }
+    if (_key != null) {
+      parts.add(_keyDisplay(_key!));
+    }
+    if (parts.isEmpty) return translate('shortcut-recording-press-keys-tip');
+    return _isMac ? parts.join('') : parts.join('+');
+  }
+
+  String _keyDisplay(String key) {
+    switch (key) {
+      case 'delete':
+        return _isMac ? '⌫' : 'Del';
+      case 'enter':
+        return _isMac ? '⏎' : 'Enter';
+      case 'arrow_left':
+        return '←';
+      case 'arrow_right':
+        return '→';
+      case 'arrow_up':
+        return '↑';
+      case 'arrow_down':
+        return '↓';
+    }
+    if (key.startsWith('digit')) return key.substring(5);
+    return key.toUpperCase();
+  }
+
+  @override
+  Widget build(BuildContext context) {
+    final hasKey = _key != null;
+    final conflictId = _conflictActionId;
+    final hasConflict = conflictId != null;
+    final canSave = hasKey && _hasRequiredPrefix;
+
+    Widget statusLine;
+    if (!hasKey) {
+      statusLine = Text(
+        translate('shortcut-recording-press-keys-tip'),
+        style: TextStyle(color: Theme.of(context).hintColor),
+      );
+    } else if (!_hasRequiredPrefix) {
+      statusLine = Row(
+        children: [
+          Icon(Icons.close, size: 16, color: Colors.red),
+          const SizedBox(width: 6),
+          Flexible(
+            child: Text(
+              '${translate('shortcut-must-include-prefix')} ${_formatPrefix()}',
+              style: const TextStyle(color: Colors.red),
+            ),
+          ),
+        ],
+      );
+    } else if (hasConflict) {
+      final otherLabel = widget.actionLabelLookup(conflictId);
+      statusLine = Row(
+        children: [
+          Icon(Icons.warning_amber_outlined,
+              size: 16, color: Colors.orange.shade700),
+          const SizedBox(width: 6),
+          Flexible(
+            child: Text(
+              '${translate('shortcut-already-bound-to')} "$otherLabel"',
+              style: TextStyle(color: Colors.orange.shade700),
+            ),
+          ),
+        ],
+      );
+    } else {
+      statusLine = Row(
+        children: [
+          const Icon(Icons.check, size: 16, color: Colors.green),
+          const SizedBox(width: 6),
+          Text(translate('Valid'),
+              style: const TextStyle(color: Colors.green)),
+        ],
+      );
+    }
+
+    final saveLabel = hasConflict ? 'Replace' : 'Save';
+
+    return AlertDialog(
+      title: Text(
+        '${translate('Set Shortcut')}: ${widget.actionLabel}',
+      ),
+      content: Focus(
+        focusNode: _focusNode,
+        autofocus: true,
+        onKeyEvent: _onKeyEvent,
+        child: ConstrainedBox(
+          constraints: const BoxConstraints(minWidth: 380),
+          child: Column(
+            mainAxisSize: MainAxisSize.min,
+            crossAxisAlignment: CrossAxisAlignment.start,
+            children: [
+              Text(translate('shortcut-recording-instruction')),
+              const SizedBox(height: 12),
+              Container(
+                width: double.infinity,
+                padding: const EdgeInsets.symmetric(
+                    vertical: 18, horizontal: 12),
+                decoration: BoxDecoration(
+                  border: Border.all(color: Theme.of(context).dividerColor),
+                  borderRadius: BorderRadius.circular(4),
+                ),
+                child: Text(
+                  _formatCombo(),
+                  textAlign: TextAlign.center,
+                  style: TextStyle(
+                    fontSize: 18,
+                    fontWeight: FontWeight.w600,
+                    color: hasKey
+                        ? Theme.of(context).textTheme.titleLarge?.color
+                        : Theme.of(context).hintColor,
+                  ),
+                ),
+              ),
+              const SizedBox(height: 12),
+              statusLine,
+            ],
+          ),
+        ),
+      ),
+      actions: [
+        dialogButton('Cancel',
+            onPressed: () => Navigator.of(context).pop(),
+            isOutline: true),
+        dialogButton(saveLabel, onPressed: canSave ? _onSave : null),
+      ],
+    );
+  }
+
+  /// Mirror of `event_to_key_name` in `src/keyboard/shortcuts.rs` and
+  /// `logicalToKeyName` in `flutter/web/js/src/shortcut_matcher.ts` — keep
+  /// the three in lockstep. Returns null for modifier-only or unsupported keys.
+  static String? _logicalToKeyName(LogicalKeyboardKey k) {
+    if (k == LogicalKeyboardKey.delete) return 'delete';
+    if (k == LogicalKeyboardKey.enter ||
+        k == LogicalKeyboardKey.numpadEnter) return 'enter';
+    if (k == LogicalKeyboardKey.arrowLeft) return 'arrow_left';
+    if (k == LogicalKeyboardKey.arrowRight) return 'arrow_right';
+    if (k == LogicalKeyboardKey.arrowUp) return 'arrow_up';
+    if (k == LogicalKeyboardKey.arrowDown) return 'arrow_down';
+
+    final letters = <LogicalKeyboardKey, String>{
+      LogicalKeyboardKey.keyA: 'a', LogicalKeyboardKey.keyB: 'b',
+      LogicalKeyboardKey.keyC: 'c', LogicalKeyboardKey.keyD: 'd',
+      LogicalKeyboardKey.keyE: 'e', LogicalKeyboardKey.keyF: 'f',
+      LogicalKeyboardKey.keyG: 'g', LogicalKeyboardKey.keyH: 'h',
+      LogicalKeyboardKey.keyI: 'i', LogicalKeyboardKey.keyJ: 'j',
+      LogicalKeyboardKey.keyK: 'k', LogicalKeyboardKey.keyL: 'l',
+      LogicalKeyboardKey.keyM: 'm', LogicalKeyboardKey.keyN: 'n',
+      LogicalKeyboardKey.keyO: 'o', LogicalKeyboardKey.keyP: 'p',
+      LogicalKeyboardKey.keyQ: 'q', LogicalKeyboardKey.keyR: 'r',
+      LogicalKeyboardKey.keyS: 's', LogicalKeyboardKey.keyT: 't',
+      LogicalKeyboardKey.keyU: 'u', LogicalKeyboardKey.keyV: 'v',
+      LogicalKeyboardKey.keyW: 'w', LogicalKeyboardKey.keyX: 'x',
+      LogicalKeyboardKey.keyY: 'y', LogicalKeyboardKey.keyZ: 'z',
+    };
+    if (letters.containsKey(k)) return letters[k];
+
+    final digits = <LogicalKeyboardKey, String>{
+      LogicalKeyboardKey.digit1: 'digit1',
+      LogicalKeyboardKey.digit2: 'digit2',
+      LogicalKeyboardKey.digit3: 'digit3',
+      LogicalKeyboardKey.digit4: 'digit4',
+      LogicalKeyboardKey.digit5: 'digit5',
+      LogicalKeyboardKey.digit6: 'digit6',
+      LogicalKeyboardKey.digit7: 'digit7',
+      LogicalKeyboardKey.digit8: 'digit8',
+      LogicalKeyboardKey.digit9: 'digit9',
+    };
+    if (digits.containsKey(k)) return digits[k];
+
+    return null;
+  }
+}

flutter/lib/common/widgets/login.dart

@@ -20,7 +20,8 @@ const kOpSvgList = [
   'okta',
   'facebook',
   'azure',
-  'auth0'
+  'auth0',
+  'microsoft'
 ];
 
 class _IconOP extends StatelessWidget {
@@ -224,21 +225,59 @@ class _WidgetOPState extends State<WidgetOP> {
           return Offstage(
             offstage:
                 _failedMsg.isEmpty && widget.curOP.value != widget.config.op,
-            child: RichText(
-              text: TextSpan(
-                text: '$_stateMsg  ',
-                style:
-                    DefaultTextStyle.of(context).style.copyWith(fontSize: 12),
-                children: <TextSpan>[
-                  TextSpan(
-                    text: _failedMsg,
-                    style: DefaultTextStyle.of(context).style.copyWith(
-                          fontSize: 14,
-                          color: Colors.red,
-                        ),
+            child: Column(
+              crossAxisAlignment: CrossAxisAlignment.center,
+              children: [
+                if (_stateMsg.isNotEmpty && _failedMsg.isEmpty)
+                  Padding(
+                    padding: const EdgeInsets.only(top: 8.0),
+                    child: SelectableText(
+                      translate(_stateMsg),
+                      style: DefaultTextStyle.of(context)
+                          .style
+                          .copyWith(fontSize: 12),
+                    ),
                   ),
-                ],
-              ),
+                if (_failedMsg.isNotEmpty)
+                  Padding(
+                    padding: const EdgeInsets.only(top: 8.0),
+                    child: Builder(builder: (context) {
+                      final errorColor =
+                          Theme.of(context).colorScheme.error;
+                      final bgColor = Theme.of(context)
+                          .colorScheme
+                          .errorContainer
+                          .withOpacity(0.3);
+                      return Container(
+                        padding: const EdgeInsets.symmetric(
+                            horizontal: 8.0, vertical: 6.0),
+                        decoration: BoxDecoration(
+                          color: bgColor,
+                          borderRadius: BorderRadius.circular(4.0),
+                        ),
+                        child: Row(
+                          mainAxisSize: MainAxisSize.min,
+                          children: [
+                            Icon(Icons.error_outline,
+                                color: errorColor, size: 16),
+                            const SizedBox(width: 6),
+                            Flexible(
+                              child: SelectableText(
+                                translate(_failedMsg),
+                                style: DefaultTextStyle.of(context)
+                                    .style
+                                    .copyWith(
+                                      fontSize: 13,
+                                      color: errorColor,
+                                    ),
+                              ),
+                            ),
+                          ],
+                        ),
+                      );
+                    }),
+                  ),
+              ],
             ),
           );
         }),

flutter/lib/common/widgets/my_group.dart

@@ -158,12 +158,18 @@ class _MyGroupState extends State<MyGroup> {
     return Obx(() {
       final userItems = gFFI.groupModel.users.where((p0) {
         if (searchAccessibleItemNameText.isNotEmpty) {
-          return p0.name
-              .toLowerCase()
-              .contains(searchAccessibleItemNameText.value.toLowerCase());
+          final search = searchAccessibleItemNameText.value.toLowerCase();
+          return p0.name.toLowerCase().contains(search) ||
+              p0.displayNameOrName.toLowerCase().contains(search);
         }
         return true;
       }).toList();
+      // Count occurrences of each displayNameOrName to detect duplicates
+      final displayNameCount = <String, int>{};
+      for (final u in userItems) {
+        final dn = u.displayNameOrName;
+        displayNameCount[dn] = (displayNameCount[dn] ?? 0) + 1;
+      }
       final deviceGroupItems = gFFI.groupModel.deviceGroups.where((p0) {
         if (searchAccessibleItemNameText.isNotEmpty) {
           return p0.name
@@ -177,7 +183,8 @@ class _MyGroupState extends State<MyGroup> {
           itemCount: deviceGroupItems.length + userItems.length,
           itemBuilder: (context, index) => index < deviceGroupItems.length
               ? _buildDeviceGroupItem(deviceGroupItems[index])
-              : _buildUserItem(userItems[index - deviceGroupItems.length]));
+              : _buildUserItem(userItems[index - deviceGroupItems.length],
+                  displayNameCount));
       var maxHeight = max(MediaQuery.of(context).size.height / 6, 100.0);
       return Obx(() => stateGlobal.isPortrait.isFalse
           ? listView(false)
@@ -185,8 +192,14 @@ class _MyGroupState extends State<MyGroup> {
     });
   }
 
-  Widget _buildUserItem(UserPayload user) {
+  Widget _buildUserItem(UserPayload user, Map<String, int> displayNameCount) {
     final username = user.name;
+    final dn = user.displayNameOrName;
+    final isDuplicate = (displayNameCount[dn] ?? 0) > 1;
+    final displayName =
+        isDuplicate && user.displayName.trim().isNotEmpty
+            ? '${user.displayName} (@$username)'
+            : dn;
     return InkWell(onTap: () {
       isSelectedDeviceGroup.value = false;
       if (selectedAccessibleItemName.value != username) {
@@ -222,14 +235,14 @@ class _MyGroupState extends State<MyGroup> {
                     alignment: Alignment.center,
                     child: Center(
                       child: Text(
-                        username.characters.first.toUpperCase(),
+                        displayName.characters.first.toUpperCase(),
                         style: TextStyle(color: Colors.white),
                         textAlign: TextAlign.center,
                       ),
                     ),
                   ),
                 ).marginOnly(right: 4),
-                if (isMe) Flexible(child: Text(username)),
+                if (isMe) Flexible(child: Text(displayName)),
                 if (isMe)
                   Flexible(
                     child: Container(
@@ -246,7 +259,7 @@ class _MyGroupState extends State<MyGroup> {
                       ),
                     ),
                   ),
-                if (!isMe) Expanded(child: Text(username)),
+                if (!isMe) Expanded(child: Text(displayName)),
               ],
             ).paddingSymmetric(vertical: 4),
           ),

flutter/lib/common/widgets/peers_view.dart

@@ -570,11 +570,14 @@ class MyGroupPeerView extends BasePeersView {
   static bool filter(Peer peer) {
     final model = gFFI.groupModel;
     if (model.searchAccessibleItemNameText.isNotEmpty) {
-      final text = model.searchAccessibleItemNameText.value;
-      final searchPeersOfUser = peer.loginName.contains(text) &&
-          model.users.any((user) => user.name == peer.loginName);
-      final searchPeersOfDeviceGroup = peer.device_group_name.contains(text) &&
-          model.deviceGroups.any((g) => g.name == peer.device_group_name);
+      final text = model.searchAccessibleItemNameText.value.toLowerCase();
+      final searchPeersOfUser = model.users.any((user) =>
+          user.name == peer.loginName &&
+          (user.name.toLowerCase().contains(text) ||
+              user.displayNameOrName.toLowerCase().contains(text)));
+      final searchPeersOfDeviceGroup =
+          peer.device_group_name.toLowerCase().contains(text) &&
+              model.deviceGroups.any((g) => g.name == peer.device_group_name);
       if (!searchPeersOfUser && !searchPeersOfDeviceGroup) {
         return false;
       }

flutter/lib/common/widgets/remote_input.dart

@@ -31,7 +31,7 @@ class RawKeyFocusScope extends StatelessWidget {
     // https://github.com/flutter/flutter/issues/154053
     final useRawKeyEvents = isLinux && !isWeb;
     // FIXME: On Windows, `AltGr` will generate `Alt` and `Control` key events,
-    // while `Alt` and `Control` are seperated key events for en-US input method.
+    // while `Alt` and `Control` are separated key events for en-US input method.
     return FocusScope(
         autofocus: true,
         child: Focus(
@@ -532,7 +532,9 @@ class _RawTouchGestureDetectorRegionState
       // Official
       TapGestureRecognizer:
           GestureRecognizerFactoryWithHandlers<TapGestureRecognizer>(
-              () => TapGestureRecognizer(), (instance) {
+              () => TapGestureRecognizer(
+                    supportedDevices: kTouchBasedDeviceKinds,
+                  ), (instance) {
         instance
           ..onTapDown = onTapDown
           ..onTapUp = onTapUp
@@ -540,14 +542,18 @@ class _RawTouchGestureDetectorRegionState
       }),
       DoubleTapGestureRecognizer:
           GestureRecognizerFactoryWithHandlers<DoubleTapGestureRecognizer>(
-              () => DoubleTapGestureRecognizer(), (instance) {
+              () => DoubleTapGestureRecognizer(
+                    supportedDevices: kTouchBasedDeviceKinds,
+                  ), (instance) {
         instance
           ..onDoubleTapDown = onDoubleTapDown
           ..onDoubleTap = onDoubleTap;
       }),
       LongPressGestureRecognizer:
           GestureRecognizerFactoryWithHandlers<LongPressGestureRecognizer>(
-              () => LongPressGestureRecognizer(), (instance) {
+              () => LongPressGestureRecognizer(
+                    supportedDevices: kTouchBasedDeviceKinds,
+                  ), (instance) {
         instance
           ..onLongPressDown = onLongPressDown
           ..onLongPressUp = onLongPressUp
@@ -557,7 +563,9 @@ class _RawTouchGestureDetectorRegionState
       // Customized
       HoldTapMoveGestureRecognizer:
           GestureRecognizerFactoryWithHandlers<HoldTapMoveGestureRecognizer>(
-              () => HoldTapMoveGestureRecognizer(),
+              () => HoldTapMoveGestureRecognizer(
+                    supportedDevices: kTouchBasedDeviceKinds,
+                  ),
               (instance) => instance
                 ..onHoldDragStart = onHoldDragStart
                 ..onHoldDragUpdate = onHoldDragUpdate
@@ -565,14 +573,18 @@ class _RawTouchGestureDetectorRegionState
                 ..onHoldDragEnd = onHoldDragEnd),
       DoubleFinerTapGestureRecognizer:
           GestureRecognizerFactoryWithHandlers<DoubleFinerTapGestureRecognizer>(
-              () => DoubleFinerTapGestureRecognizer(), (instance) {
+              () => DoubleFinerTapGestureRecognizer(
+                    supportedDevices: kTouchBasedDeviceKinds,
+                  ), (instance) {
         instance
           ..onDoubleFinerTap = onDoubleFinerTap
           ..onDoubleFinerTapDown = onDoubleFinerTapDown;
       }),
       CustomTouchGestureRecognizer:
           GestureRecognizerFactoryWithHandlers<CustomTouchGestureRecognizer>(
-              () => CustomTouchGestureRecognizer(), (instance) {
+              () => CustomTouchGestureRecognizer(
+                    supportedDevices: kTouchBasedDeviceKinds,
+                  ), (instance) {
         instance.onOneFingerPanStart =
             (DragStartDetails d) => onOneFingerPanStart(context, d);
         instance

flutter/lib/common/widgets/toolbar.dart

@@ -21,11 +21,13 @@ class TTextMenu {
   final VoidCallback? onPressed;
   Widget? trailingIcon;
   bool divider;
+  final String? actionId;
   TTextMenu(
       {required this.child,
       required this.onPressed,
       this.trailingIcon,
-      this.divider = false});
+      this.divider = false,
+      this.actionId});
 
   Widget getChild() {
     if (trailingIcon != null) {
@@ -229,7 +231,8 @@ List<TTextMenu> toolbarControls(BuildContext context, String id, FFI ffi) {
     v.add(
       TTextMenu(
           child: Text('${translate("Insert Ctrl + Alt + Del")}'),
-          onPressed: () => bind.sessionCtrlAltDel(sessionId: sessionId)),
+          onPressed: () => bind.sessionCtrlAltDel(sessionId: sessionId),
+          actionId: kShortcutActionSendCtrlAltDel),
     );
   }
   // restart
@@ -250,7 +253,8 @@ List<TTextMenu> toolbarControls(BuildContext context, String id, FFI ffi) {
     v.add(
       TTextMenu(
           child: Text(translate('Insert Lock')),
-          onPressed: () => bind.sessionLockScreen(sessionId: sessionId)),
+          onPressed: () => bind.sessionLockScreen(sessionId: sessionId),
+          actionId: kShortcutActionInsertLock),
     );
   }
   // blockUserInput
@@ -268,26 +272,28 @@ List<TTextMenu> toolbarControls(BuildContext context, String id, FFI ffi) {
               sessionId: sessionId,
               value: '${blockInput.value ? 'un' : ''}block-input');
           blockInput.value = !blockInput.value;
-        }));
+        },
+        actionId: kShortcutActionToggleBlockInput));
   }
   // switchSides
   if (isDefaultConn &&
       isDesktop &&
       ffiModel.keyboard &&
       pi.platform != kPeerPlatformAndroid &&
-      pi.platform != kPeerPlatformMacOS &&
       versionCmp(pi.version, '1.2.0') >= 0 &&
       bind.peerGetSessionsCount(id: id, connType: ffi.connType.index) == 1) {
     v.add(TTextMenu(
         child: Text(translate('Switch Sides')),
         onPressed: () =>
-            showConfirmSwitchSidesDialog(sessionId, id, ffi.dialogManager)));
+            showConfirmSwitchSidesDialog(sessionId, id, ffi.dialogManager),
+        actionId: kShortcutActionSwitchSides));
   }
   // refresh
   if (pi.version.isNotEmpty) {
     v.add(TTextMenu(
       child: Text(translate('Refresh')),
       onPressed: () => sessionRefreshVideo(sessionId, pi),
+      actionId: kShortcutActionRefresh,
     ));
   }
   // record
@@ -309,7 +315,8 @@ List<TTextMenu> toolbarControls(BuildContext context, String id, FFI ffi) {
             )
           ],
         ),
-        onPressed: () => ffi.recordingModel.toggle()));
+        onPressed: () => ffi.recordingModel.toggle(),
+        actionId: kShortcutActionToggleRecording));
   }
 
   // to-do:
@@ -343,6 +350,7 @@ List<TTextMenu> toolbarControls(BuildContext context, String id, FFI ffi) {
                   });
                 }
               },
+        actionId: kShortcutActionScreenshot,
       ));
     }
   }
@@ -353,6 +361,13 @@ List<TTextMenu> toolbarControls(BuildContext context, String id, FFI ffi) {
       onPressed: () => onCopyFingerprint(FingerprintState.find(id).value),
     ));
   }
+  // Register tagged callbacks with the shortcut model so global keyboard
+  // shortcuts can dispatch the same actions as the toolbar menu items.
+  for (final menu in v) {
+    if (menu.actionId != null && menu.onPressed != null) {
+      ffi.shortcutModel.register(menu.actionId!, menu.onPressed!);
+    }
+  }
   return v;
 }
 

flutter/lib/consts.dart

@@ -175,6 +175,7 @@ const String kOptionEnableFlutterHttpOnRust = "enable-flutter-http-on-rust";
 const String kOptionHideServerSetting = "hide-server-settings";
 const String kOptionHideProxySetting = "hide-proxy-settings";
 const String kOptionHideWebSocketSetting = "hide-websocket-settings";
+const String kOptionHideStopService = "hide-stop-service";
 const String kOptionHideRemotePrinterSetting = "hide-remote-printer-settings";
 const String kOptionHideSecuritySetting = "hide-security-settings";
 const String kOptionHideNetworkSetting = "hide-network-settings";
@@ -186,6 +187,9 @@ const String kOptionDisableChangeId = "disable-change-id";
 const String kOptionDisableUnlockPin = "disable-unlock-pin";
 const kHideUsernameOnCard = "hide-username-on-card";
 const String kOptionHideHelpCards = "hide-help-cards";
+const String kOptionAllowDeepLinkPassword = "allow-deep-link-password";
+const String kOptionAllowDeepLinkServerSettings =
+    "allow-deep-link-server-settings";
 
 const String kOptionToggleViewOnly = "view-only";
 const String kOptionToggleShowMyCursor = "show-my-cursor";
@@ -682,3 +686,24 @@ extension WindowsTargetExt on int {
 }
 
 const kCheckSoftwareUpdateFinish = 'check_software_update_finish';
+
+// Keyboard shortcut Action IDs - must match src/keyboard/shortcuts.rs::action_id.
+const kShortcutActionSendCtrlAltDel = 'send_ctrl_alt_del';
+const kShortcutActionToggleFullscreen = 'toggle_fullscreen';
+const kShortcutActionSwitchDisplayNext = 'switch_display_next';
+const kShortcutActionSwitchDisplayPrev = 'switch_display_prev';
+const kShortcutActionScreenshot = 'screenshot';
+const kShortcutActionInsertLock = 'insert_lock';
+const kShortcutActionRefresh = 'refresh';
+const kShortcutActionToggleAudio = 'toggle_audio';
+const kShortcutActionToggleBlockInput = 'toggle_block_input';
+const kShortcutActionToggleRecording = 'toggle_recording';
+const kShortcutActionTogglePrivacyMode = 'toggle_privacy_mode';
+const kShortcutActionViewMode1to1 = 'view_mode_1_to_1';
+const kShortcutActionViewModeShrink = 'view_mode_shrink';
+const kShortcutActionViewModeStretch = 'view_mode_stretch';
+const kShortcutActionSwitchSides = 'switch_sides';
+String kShortcutActionSwitchTab(int n) => 'switch_tab_$n';
+
+const kShortcutLocalConfigKey = 'keyboard-shortcuts';
+const kShortcutEventName = 'shortcut_triggered';

flutter/lib/desktop/pages/desktop_home_page.dart

@@ -908,12 +908,17 @@ class _DesktopHomePageState extends State<DesktopHomePage>
 }
 
 void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
-  final pw = await bind.mainGetPermanentPassword();
-  final p0 = TextEditingController(text: pw);
-  final p1 = TextEditingController(text: pw);
+  final p0 = TextEditingController(text: "");
+  final p1 = TextEditingController(text: "");
   var errMsg0 = "";
   var errMsg1 = "";
-  final RxString rxPass = pw.trim().obs;
+  final localPasswordSet =
+      (await bind.mainGetCommon(key: "local-permanent-password-set")) == "true";
+  final permanentPasswordSet =
+      (await bind.mainGetCommon(key: "permanent-password-set")) == "true";
+  final presetPassword = permanentPasswordSet && !localPasswordSet;
+  var canSubmit = false;
+  final RxString rxPass = "".obs;
   final rules = [
     DigitValidationRule(),
     UppercaseValidationRule(),
@@ -922,9 +927,21 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
     MinCharactersValidationRule(8),
   ];
   final maxLength = bind.mainMaxEncryptLen();
+  final statusTip = localPasswordSet
+      ? translate('password-hidden-tip')
+      : (presetPassword ? translate('preset-password-in-use-tip') : '');
+  final showStatusTipOnMobile =
+      statusTip.isNotEmpty && !isDesktop && !isWebDesktop;
 
   gFFI.dialogManager.show((setState, close, context) {
-    submit() {
+    updateCanSubmit() {
+      canSubmit = p0.text.trim().isNotEmpty || p1.text.trim().isNotEmpty;
+    }
+
+    submit() async {
+      if (!canSubmit) {
+        return;
+      }
       setState(() {
         errMsg0 = "";
         errMsg1 = "";
@@ -947,7 +964,13 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
         });
         return;
       }
-      bind.mainSetPermanentPassword(password: pass);
+      final ok = await bind.mainSetPermanentPasswordWithResult(password: pass);
+      if (!ok) {
+        setState(() {
+          errMsg0 = '${translate('Prompt')}: ${translate("Failed")}';
+        });
+        return;
+      }
       if (pass.isNotEmpty) {
         notEmptyCallback?.call();
       }
@@ -955,14 +978,20 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
     }
 
     return CustomAlertDialog(
-      title: Text(translate("Set Password")),
+      title: Row(
+        mainAxisAlignment: MainAxisAlignment.center,
+        children: [
+          Icon(Icons.key, color: MyTheme.accent),
+          Text(translate("Set Password")).paddingOnly(left: 10),
+        ],
+      ),
       content: ConstrainedBox(
         constraints: const BoxConstraints(minWidth: 500),
         child: Column(
           crossAxisAlignment: CrossAxisAlignment.start,
           children: [
-            const SizedBox(
-              height: 8.0,
+            SizedBox(
+              height: showStatusTipOnMobile ? 0.0 : 6.0,
             ),
             Row(
               children: [
@@ -978,6 +1007,7 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
                       rxPass.value = value.trim();
                       setState(() {
                         errMsg0 = '';
+                        updateCanSubmit();
                       });
                     },
                     maxLength: maxLength,
@@ -989,9 +1019,9 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
               children: [
                 Expanded(child: PasswordStrengthIndicator(password: rxPass)),
               ],
-            ).marginSymmetric(vertical: 8),
-            const SizedBox(
-              height: 8.0,
+            ).marginOnly(top: 2, bottom: showStatusTipOnMobile ? 2 : 8),
+            SizedBox(
+              height: showStatusTipOnMobile ? 0.0 : 8.0,
             ),
             Row(
               children: [
@@ -1005,6 +1035,7 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
                     onChanged: (value) {
                       setState(() {
                         errMsg1 = '';
+                        updateCanSubmit();
                       });
                     },
                     maxLength: maxLength,
@@ -1012,11 +1043,23 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
                 ),
               ],
             ),
-            const SizedBox(
-              height: 8.0,
+            if (statusTip.isNotEmpty)
+              Row(
+                children: [
+                  Icon(Icons.info, color: Colors.amber, size: 18)
+                      .marginOnly(right: 6),
+                  Expanded(
+                      child: Text(
+                    statusTip,
+                    style: const TextStyle(fontSize: 13, height: 1.1),
+                  ))
+                ],
+              ).marginOnly(top: 6, bottom: 2),
+            SizedBox(
+              height: showStatusTipOnMobile ? 0.0 : 8.0,
             ),
             Obx(() => Wrap(
-                  runSpacing: 8,
+                  runSpacing: showStatusTipOnMobile ? 2.0 : 8.0,
                   spacing: 4,
                   children: rules.map((e) {
                     var checked = e.validate(rxPass.value.trim());
@@ -1036,11 +1079,67 @@ void setPasswordDialog({VoidCallback? notEmptyCallback}) async {
           ],
         ),
       ),
-      actions: [
-        dialogButton("Cancel", onPressed: close, isOutline: true),
-        dialogButton("OK", onPressed: submit),
-      ],
-      onSubmit: submit,
+      actions: (() {
+        final cancelButton = dialogButton(
+          "Cancel",
+          icon: Icon(Icons.close_rounded),
+          onPressed: close,
+          isOutline: true,
+        );
+        final removeButton = dialogButton(
+          "Remove",
+          icon: Icon(Icons.delete_outline_rounded),
+          onPressed: () async {
+            setState(() {
+              errMsg0 = "";
+              errMsg1 = "";
+            });
+            final ok =
+                await bind.mainSetPermanentPasswordWithResult(password: "");
+            if (!ok) {
+              setState(() {
+                errMsg0 = '${translate('Prompt')}: ${translate("Failed")}';
+              });
+              return;
+            }
+            close();
+          },
+          buttonStyle: ButtonStyle(
+              backgroundColor: MaterialStatePropertyAll(Colors.red)),
+        );
+        final okButton = dialogButton(
+          "OK",
+          icon: Icon(Icons.done_rounded),
+          onPressed: canSubmit ? submit : null,
+        );
+        if (!isDesktop && !isWebDesktop && localPasswordSet) {
+          return [
+            Align(
+              alignment: Alignment.centerRight,
+              child: FittedBox(
+                fit: BoxFit.scaleDown,
+                alignment: Alignment.centerRight,
+                child: Row(
+                  mainAxisSize: MainAxisSize.min,
+                  children: [
+                    cancelButton,
+                    const SizedBox(width: 4),
+                    removeButton,
+                    const SizedBox(width: 4),
+                    okButton,
+                  ],
+                ),
+              ),
+            ),
+          ];
+        }
+        return [
+          cancelButton,
+          if (localPasswordSet) removeButton,
+          okButton,
+        ];
+      })(),
+      onSubmit: canSubmit ? submit : null,
       onCancel: close,
     );
   });

flutter/lib/desktop/pages/desktop_keyboard_shortcuts_page.dart

@@ -0,0 +1,58 @@
+// flutter/lib/desktop/pages/desktop_keyboard_shortcuts_page.dart
+//
+// Desktop shell for the Keyboard Shortcuts configuration page. Users land
+// here from the General settings tab. The page exposes:
+//   * A top-level enable/disable toggle (mirrors the General-tab toggle —
+//     same JSON key, same semantics).
+//   * A grouped, scrollable list of actions, each with a current binding and
+//     edit / clear icons.
+//   * An AppBar "Reset to defaults" action with a confirmation dialog.
+//
+// All edits write back to LocalConfig under [kShortcutLocalConfigKey] in the
+// canonical {enabled, bindings:[{action,mods,key}]} shape that the Rust and
+// Web matchers consume.
+//
+// The body — group definitions, JSON I/O, conflict-replace flow,
+// recording-dialog round-trip — lives in
+// `common/widgets/keyboard_shortcuts/page_body.dart` and is shared with the
+// mobile shell at `mobile/pages/mobile_keyboard_shortcuts_page.dart`.
+
+import 'package:flutter/material.dart';
+import 'package:get/get.dart';
+
+import '../../common.dart';
+import '../../common/widgets/keyboard_shortcuts/page_body.dart';
+
+class DesktopKeyboardShortcutsPage extends StatefulWidget {
+  const DesktopKeyboardShortcutsPage({Key? key}) : super(key: key);
+
+  @override
+  State<DesktopKeyboardShortcutsPage> createState() =>
+      _DesktopKeyboardShortcutsPageState();
+}
+
+class _DesktopKeyboardShortcutsPageState
+    extends State<DesktopKeyboardShortcutsPage> {
+  final GlobalKey<KeyboardShortcutsPageBodyState> _bodyKey = GlobalKey();
+
+  @override
+  Widget build(BuildContext context) {
+    return Scaffold(
+      appBar: AppBar(
+        title: Text(translate('Keyboard Shortcuts')),
+        actions: [
+          TextButton.icon(
+            onPressed: () =>
+                _bodyKey.currentState?.resetToDefaultsWithConfirm(),
+            icon: const Icon(Icons.restore),
+            label: Text(translate('Reset to defaults')),
+          ).marginOnly(right: 12),
+        ],
+      ),
+      body: KeyboardShortcutsPageBody(
+        key: _bodyKey,
+        compact: true,
+      ),
+    );
+  }
+}

flutter/lib/desktop/pages/desktop_setting_page.dart

@@ -10,12 +10,14 @@ import 'package:flutter_hbb/common/widgets/audio_input.dart';
 import 'package:flutter_hbb/common/widgets/setting_widgets.dart';
 import 'package:flutter_hbb/consts.dart';
 import 'package:flutter_hbb/desktop/pages/desktop_home_page.dart';
+import 'package:flutter_hbb/desktop/pages/desktop_keyboard_shortcuts_page.dart';
 import 'package:flutter_hbb/desktop/pages/desktop_tab_page.dart';
 import 'package:flutter_hbb/desktop/widgets/remote_toolbar.dart';
 import 'package:flutter_hbb/mobile/widgets/dialog.dart';
 import 'package:flutter_hbb/models/platform_model.dart';
 import 'package:flutter_hbb/models/printer_model.dart';
 import 'package:flutter_hbb/models/server_model.dart';
+import 'package:flutter_hbb/models/shortcut_model.dart';
 import 'package:flutter_hbb/models/state_model.dart';
 import 'package:flutter_hbb/plugin/manager.dart';
 import 'package:flutter_hbb/plugin/widgets/desktop_settings.dart';
@@ -421,11 +423,57 @@ class _GeneralState extends State<_General> {
         if (!isWeb) audio(context),
         if (!isWeb) record(context),
         if (!isWeb) WaylandCard(),
-        other()
+        other(),
+        if (!bind.isIncomingOnly()) keyboardShortcuts(),
       ],
     ).marginOnly(bottom: _kListViewBottomMargin);
   }
 
+  Widget keyboardShortcuts() {
+    // The bindings JSON (LocalConfig key `keyboard-shortcuts`) is the single
+    // source of truth — it embeds an `enabled` boolean alongside the bindings
+    // list. We mutate the JSON in place via _OptionCheckBox's optGetter /
+    // optSetter hooks rather than introducing a parallel boolean key, so the
+    // Rust matcher and the Web matcher both read the same flag without drift.
+    return _Card(title: 'Keyboard Shortcuts', children: [
+      _OptionCheckBox(
+        context,
+        'Enable keyboard shortcuts in remote session',
+        kShortcutLocalConfigKey,
+        isServer: false,
+        optGetter: ShortcutModel.isEnabled,
+        optSetter: (k, v) async {
+          final raw = bind.mainGetLocalOption(key: k);
+          Map<String, dynamic> parsed = {};
+          if (raw.isNotEmpty) {
+            try {
+              parsed = jsonDecode(raw) as Map<String, dynamic>;
+            } catch (_) {
+              parsed = {};
+            }
+          }
+          parsed['enabled'] = v;
+          parsed['bindings'] ??= <dynamic>[];
+          // Seed defaults the first time the user enables shortcuts so the
+          // common combos (Ctrl+Alt+Shift+Enter for fullscreen, etc.) work
+          // out of the box. Mirrors the same logic on the dedicated config
+          // page.
+          final list = (parsed['bindings'] as List?) ?? const [];
+          if (v && list.isEmpty) {
+            parsed['bindings'] =
+                jsonDecode(bind.mainGetDefaultKeyboardShortcuts());
+          }
+          await bind.mainSetLocalOption(key: k, value: jsonEncode(parsed));
+          // Refresh the matcher cache so the new flag / bindings take effect
+          // immediately. On native this hits the Rust matcher; on Web the
+          // bridge forwards to the JS-side matcher in flutter/web/js/.
+          bind.mainReloadKeyboardShortcuts();
+        },
+      ),
+      _ShortcutsConfigureRow(),
+    ]);
+  }
+
   Widget theme() {
     final current = MyTheme.getThemeModePreference().toShortString();
     onChanged(String value) async {
@@ -458,23 +506,31 @@ class _GeneralState extends State<_General> {
       return const Offstage();
     }
 
-    return _Card(title: 'Service', children: [
-      Obx(() => _Button(serviceStop.value ? 'Start' : 'Stop', () {
-            () async {
-              serviceBtnEnabled.value = false;
-              await start_service(serviceStop.value);
-              // enable the button after 1 second
-              Future.delayed(const Duration(seconds: 1), () {
-                serviceBtnEnabled.value = true;
-              });
-            }();
-          }, enabled: serviceBtnEnabled.value))
-    ]);
+    final hideStopService =
+        bind.mainGetBuildinOption(key: kOptionHideStopService) == 'Y';
+
+    return Obx(() {
+      if (hideStopService && !serviceStop.value) {
+        return const Offstage();
+      }
+
+      return _Card(title: 'Service', children: [
+        _Button(serviceStop.value ? 'Start' : 'Stop', () {
+          () async {
+            serviceBtnEnabled.value = false;
+            await start_service(serviceStop.value);
+            // enable the button after 1 second
+            Future.delayed(const Duration(seconds: 1), () {
+              serviceBtnEnabled.value = true;
+            });
+          }();
+        }, enabled: serviceBtnEnabled.value)
+      ]);
+    });
   }
 
   Widget other() {
-    final showAutoUpdate =
-        isWindows && bind.mainIsInstalled() && !bind.isCustomClient();
+    final showAutoUpdate = isWindows && bind.mainIsInstalled();
     final children = <Widget>[
       if (!isWeb && !bind.isIncomingOnly())
         _OptionCheckBox(context, 'Confirm before closing multiple tabs',
@@ -1101,8 +1157,9 @@ class _SafetyState extends State<_Safety> with AutomaticKeepAliveClientMixin {
                             if (value ==
                                     passwordValues[passwordKeys
                                         .indexOf(kUsePermanentPassword)] &&
-                                (await bind.mainGetPermanentPassword())
-                                    .isEmpty) {
+                                (await bind.mainGetCommon(
+                                        key: "permanent-password-set")) !=
+                                    "true") {
                               if (isChangePermanentPasswordDisabled()) {
                                 await callback();
                                 return;
@@ -2016,7 +2073,9 @@ class _AccountState extends State<_Account> {
 
   Widget accountAction() {
     return Obx(() => _Button(
-        gFFI.userModel.userName.value.isEmpty ? 'Login' : 'Logout',
+        gFFI.userModel.userName.value.isEmpty
+            ? 'Login'
+            : '${translate('Logout')} (${gFFI.userModel.accountLabelWithHandle})',
         () => {
               gFFI.userModel.userName.value.isEmpty
                   ? loginDialog()
@@ -2025,24 +2084,65 @@ class _AccountState extends State<_Account> {
   }
 
   Widget useInfo() {
-    text(String key, String value) {
-      return Align(
-        alignment: Alignment.centerLeft,
-        child: SelectionArea(child: Text('${translate(key)}: $value'))
-            .marginSymmetric(vertical: 4),
-      );
-    }
-
     return Obx(() => Offstage(
           offstage: gFFI.userModel.userName.value.isEmpty,
-          child: Column(
-            children: [
-              text('Username', gFFI.userModel.userName.value),
-              // text('Group', gFFI.groupModel.groupName.value),
-            ],
+          child: Container(
+            padding: const EdgeInsets.all(12),
+            decoration: BoxDecoration(
+              color: Theme.of(context).colorScheme.surfaceContainerHighest,
+              borderRadius: BorderRadius.circular(10),
+            ),
+            child: Builder(builder: (context) {
+              final avatarWidget = _buildUserAvatar();
+              return Row(
+                children: [
+                  if (avatarWidget != null) avatarWidget,
+                  const SizedBox(width: 12),
+                  Expanded(
+                    child: Column(
+                      crossAxisAlignment: CrossAxisAlignment.start,
+                      children: [
+                        Text(
+                          gFFI.userModel.displayNameOrUserName,
+                          maxLines: 1,
+                          overflow: TextOverflow.ellipsis,
+                          style: const TextStyle(
+                            fontSize: 16,
+                            fontWeight: FontWeight.w600,
+                          ),
+                        ),
+                        const SizedBox(height: 2),
+                        SelectionArea(
+                          child: Text(
+                            '@${gFFI.userModel.userName.value}',
+                            maxLines: 1,
+                            overflow: TextOverflow.ellipsis,
+                            style: TextStyle(
+                              fontSize: 13,
+                              color:
+                                  Theme.of(context).textTheme.bodySmall?.color,
+                            ),
+                          ),
+                        ),
+                      ],
+                    ),
+                  ),
+                ],
+              );
+            }),
           ),
         )).marginOnly(left: 18, top: 16);
   }
+
+  Widget? _buildUserAvatar() {
+    // Resolve relative avatar path at display time
+    final avatar =
+        bind.mainResolveAvatarUrl(avatar: gFFI.userModel.avatar.value);
+    return buildAvatarWidget(
+      avatar: avatar,
+      size: 44,
+    );
+  }
 }
 
 class _Checkbox extends StatefulWidget {
@@ -2130,7 +2230,9 @@ class _PluginState extends State<_Plugin> {
 
   Widget accountAction() {
     return Obx(() => _Button(
-        gFFI.userModel.userName.value.isEmpty ? 'Login' : 'Logout',
+        gFFI.userModel.userName.value.isEmpty
+            ? 'Login'
+            : '${translate('Logout')} (${gFFI.userModel.accountLabelWithHandle})',
         () => {
               gFFI.userModel.userName.value.isEmpty
                   ? loginDialog()
@@ -2538,6 +2640,49 @@ class WaylandCard extends StatefulWidget {
 
 class _WaylandCardState extends State<WaylandCard> {
   final restoreTokenKey = 'wayland-restore-token';
+  static const _kClearShortcutsInhibitorEventKey =
+      'clear-gnome-shortcuts-inhibitor-permission-res';
+  final _clearShortcutsInhibitorFailedMsg = ''.obs;
+  // Don't show the shortcuts permission reset button for now.
+  // Users can change it manually:
+  //   "Settings" -> "Apps" -> "RustDesk" -> "Permissions" -> "Inhibit Shortcuts".
+  // For resetting(clearing) the permission from the portal permission store, you can
+  // use (replace <desktop-id> with the RustDesk desktop file ID):
+  //   busctl --user call org.freedesktop.impl.portal.PermissionStore \
+  //   /org/freedesktop/impl/portal/PermissionStore org.freedesktop.impl.portal.PermissionStore \
+  //   DeletePermission sss "gnome" "shortcuts-inhibitor" "<desktop-id>"
+  // On a native install this is typically "rustdesk.desktop"; on Flatpak it is usually
+  // the exported desktop ID derived from the Flatpak app-id (e.g. "com.rustdesk.RustDesk.desktop").
+  //
+  // We may add it back in the future if needed.
+  final showResetInhibitorPermission = false;
+
+  @override
+  void initState() {
+    super.initState();
+    if (showResetInhibitorPermission) {
+      platformFFI.registerEventHandler(
+          _kClearShortcutsInhibitorEventKey, _kClearShortcutsInhibitorEventKey,
+          (evt) async {
+        if (!mounted) return;
+        if (evt['success'] == true) {
+          setState(() {});
+        } else {
+          _clearShortcutsInhibitorFailedMsg.value =
+              evt['msg'] as String? ?? 'Unknown error';
+        }
+      });
+    }
+  }
+
+  @override
+  void dispose() {
+    if (showResetInhibitorPermission) {
+      platformFFI.unregisterEventHandler(
+          _kClearShortcutsInhibitorEventKey, _kClearShortcutsInhibitorEventKey);
+    }
+    super.dispose();
+  }
 
   @override
   Widget build(BuildContext context) {
@@ -2545,9 +2690,16 @@ class _WaylandCardState extends State<WaylandCard> {
       future: bind.mainHandleWaylandScreencastRestoreToken(
           key: restoreTokenKey, value: "get"),
       hasData: (restoreToken) {
+        final hasShortcutsPermission = showResetInhibitorPermission &&
+            bind.mainGetCommonSync(
+                    key: "has-gnome-shortcuts-inhibitor-permission") ==
+                "true";
+
         final children = [
           if (restoreToken.isNotEmpty)
             _buildClearScreenSelection(context, restoreToken),
+          if (hasShortcutsPermission)
+            _buildClearShortcutsInhibitorPermission(context),
         ];
         return Offstage(
           offstage: children.isEmpty,
@@ -2592,6 +2744,50 @@ class _WaylandCardState extends State<WaylandCard> {
       ),
     );
   }
+
+  Widget _buildClearShortcutsInhibitorPermission(BuildContext context) {
+    onConfirm() {
+      _clearShortcutsInhibitorFailedMsg.value = '';
+      bind.mainSetCommon(
+          key: "clear-gnome-shortcuts-inhibitor-permission", value: "");
+      gFFI.dialogManager.dismissAll();
+    }
+
+    showConfirmMsgBox() => msgBoxCommon(
+            gFFI.dialogManager,
+            'Confirmation',
+            Text(
+              translate('confirm-clear-shortcuts-inhibitor-permission-tip'),
+            ),
+            [
+              dialogButton('OK', onPressed: onConfirm),
+              dialogButton('Cancel',
+                  onPressed: () => gFFI.dialogManager.dismissAll())
+            ]);
+
+    return Column(children: [
+      Obx(
+        () => _clearShortcutsInhibitorFailedMsg.value.isEmpty
+            ? Offstage()
+            : Align(
+                alignment: Alignment.topLeft,
+                child: Text(_clearShortcutsInhibitorFailedMsg.value,
+                        style: DefaultTextStyle.of(context)
+                            .style
+                            .copyWith(color: Colors.red))
+                    .marginOnly(bottom: 10.0)),
+      ),
+      _Button(
+        'Reset keyboard shortcuts permission',
+        showConfirmMsgBox,
+        tip: 'clear-shortcuts-inhibitor-permission-tip',
+        style: ButtonStyle(
+          backgroundColor: MaterialStateProperty.all<Color>(
+              Theme.of(context).colorScheme.error.withOpacity(0.75)),
+        ),
+      ),
+    ]);
+  }
 }
 
 // ignore: non_constant_identifier_names
@@ -2798,6 +2994,37 @@ class _CountDownButtonState extends State<_CountDownButton> {
   }
 }
 
+// Tappable row that pushes the shortcut configuration page.
+class _ShortcutsConfigureRow extends StatelessWidget {
+  // ignore: unused_element
+  const _ShortcutsConfigureRow({Key? key}) : super(key: key);
+
+  @override
+  Widget build(BuildContext context) {
+    return InkWell(
+      onTap: () {
+        Navigator.of(context).push(MaterialPageRoute(
+          builder: (_) => const DesktopKeyboardShortcutsPage(),
+        ));
+      },
+      child: Row(
+        children: [
+          Expanded(
+            child: Text(translate('Configure shortcuts...')),
+          ),
+          Icon(Icons.arrow_forward_ios,
+                  size: 16, color: disabledTextColor(context, true))
+              .marginOnly(right: 4),
+        ],
+      ).marginOnly(
+        left: _kCheckBoxLeftMargin,
+        top: 6,
+        bottom: 6,
+      ),
+    );
+  }
+}
+
 //#endregion
 
 //#region dialogs

flutter/lib/desktop/pages/remote_page.dart

@@ -17,6 +17,7 @@ import '../../common/widgets/toolbar.dart';
 import '../../models/model.dart';
 import '../../models/input_model.dart';
 import '../../models/platform_model.dart';
+import '../../models/shortcut_model.dart';
 import '../../common/shared_state.dart';
 import '../../utils/image.dart';
 import '../widgets/remote_toolbar.dart';
@@ -126,6 +127,19 @@ class _RemotePageState extends State<RemotePage>
           _ffi.ffiModel.pi.platform, _ffi.dialogManager);
       _ffi.recordingModel
           .updateStatus(bind.sessionGetIsRecording(sessionId: _ffi.sessionId));
+      // Seed shortcut action callbacks once the session is ready, so that
+      // global keyboard shortcuts work even if the user never opens the
+      // toolbar menu. The returned list is intentionally discarded — the
+      // side effect of registering callbacks (inside toolbarControls) is
+      // what we want here.
+      if (mounted) {
+        toolbarControls(context, widget.id, _ffi);
+        // Register the default-bound actions that `toolbarControls` doesn't
+        // own (fullscreen, switch display, switch tab). Done in addition,
+        // not instead of, the toolbar registration above.
+        registerSessionShortcutActions(_ffi,
+            tabController: widget.tabController);
+      }
     });
     _ffi.canvasModel.initializeEdgeScrollFallback(this);
     _ffi.start(

flutter/lib/desktop/pages/server_page.dart

@@ -462,23 +462,7 @@ class _CmHeaderState extends State<_CmHeader>
       child: Row(
         crossAxisAlignment: CrossAxisAlignment.start,
         children: [
-          Container(
-            width: 70,
-            height: 70,
-            alignment: Alignment.center,
-            decoration: BoxDecoration(
-              color: str2color(client.name),
-              borderRadius: BorderRadius.circular(15.0),
-            ),
-            child: Text(
-              client.name[0],
-              style: TextStyle(
-                fontWeight: FontWeight.bold,
-                color: Colors.white,
-                fontSize: 55,
-              ),
-            ),
-          ).marginOnly(right: 10.0),
+          _buildClientAvatar().marginOnly(right: 10.0),
           Expanded(
             child: Column(
               mainAxisAlignment: MainAxisAlignment.start,
@@ -582,6 +566,36 @@ class _CmHeaderState extends State<_CmHeader>
 
   @override
   bool get wantKeepAlive => true;
+
+  Widget _buildClientAvatar() {
+    return buildAvatarWidget(
+          avatar: client.avatar,
+          size: 70,
+          borderRadius: 15,
+          fallback: _buildInitialAvatar(),
+        ) ??
+        _buildInitialAvatar();
+  }
+
+  Widget _buildInitialAvatar() {
+    return Container(
+      width: 70,
+      height: 70,
+      alignment: Alignment.center,
+      decoration: BoxDecoration(
+        color: str2color(client.name),
+        borderRadius: BorderRadius.circular(15.0),
+      ),
+      child: Text(
+        client.name.isNotEmpty ? client.name[0] : '?',
+        style: TextStyle(
+          fontWeight: FontWeight.bold,
+          color: Colors.white,
+          fontSize: 55,
+        ),
+      ),
+    );
+  }
 }
 
 class _PrivilegeBoard extends StatefulWidget {

flutter/lib/desktop/pages/terminal_page.dart

@@ -1,3 +1,4 @@
+import 'dart:async';
 import 'package:flutter/material.dart';
 import 'package:flutter/services.dart';
 import 'package:flutter_hbb/common.dart';
@@ -15,6 +16,7 @@ class TerminalPage extends StatefulWidget {
     required this.tabController,
     required this.isSharedPassword,
     required this.terminalId,
+    required this.tabKey,
     this.forceRelay,
     this.connToken,
   }) : super(key: key);
@@ -25,6 +27,8 @@ class TerminalPage extends StatefulWidget {
   final bool? isSharedPassword;
   final String? connToken;
   final int terminalId;
+  /// Tab key for focus management, passed from parent to avoid duplicate construction
+  final String tabKey;
   final SimpleWrapper<State<TerminalPage>?> _lastState = SimpleWrapper(null);
 
   FFI get ffi => (_lastState.value! as _TerminalPageState)._ffi;
@@ -42,11 +46,16 @@ class _TerminalPageState extends State<TerminalPage>
   late FFI _ffi;
   late TerminalModel _terminalModel;
   double? _cellHeight;
+  final FocusNode _terminalFocusNode = FocusNode(canRequestFocus: false);
+  StreamSubscription<DesktopTabState>? _tabStateSubscription;
 
   @override
   void initState() {
     super.initState();
 
+    // Listen for tab selection changes to request focus
+    _tabStateSubscription = widget.tabController.state.listen(_onTabStateChanged);
+
     // Use shared FFI instance from connection manager
     _ffi = TerminalConnectionManager.getConnection(
       peerId: widget.id,
@@ -64,6 +73,13 @@ class _TerminalPageState extends State<TerminalPage>
     _terminalModel.onResizeExternal = (w, h, pw, ph) {
       _cellHeight = ph * 1.0;
 
+      // Enable focus once terminal has valid dimensions (first valid resize)
+      if (!_terminalFocusNode.canRequestFocus && w > 0 && h > 0) {
+        _terminalFocusNode.canRequestFocus = true;
+        // Auto-focus if this tab is currently selected
+        _requestFocusIfSelected();
+      }
+
       // Schedule the setState for the next frame
       WidgetsBinding.instance.addPostFrameCallback((_) {
         if (mounted) {
@@ -99,14 +115,42 @@ class _TerminalPageState extends State<TerminalPage>
 
   @override
   void dispose() {
+    // Cancel tab state subscription to prevent memory leak
+    _tabStateSubscription?.cancel();
     // Unregister terminal model from FFI
     _ffi.unregisterTerminalModel(widget.terminalId);
     _terminalModel.dispose();
+    _terminalFocusNode.dispose();
     // Release connection reference instead of closing directly
     TerminalConnectionManager.releaseConnection(widget.id);
     super.dispose();
   }
 
+  void _onTabStateChanged(DesktopTabState state) {
+    // Check if this tab is now selected and request focus
+    if (state.selected >= 0 && state.selected < state.tabs.length) {
+      final selectedTab = state.tabs[state.selected];
+      if (selectedTab.key == widget.tabKey && mounted) {
+        _requestFocusIfSelected();
+      }
+    }
+  }
+
+  void _requestFocusIfSelected() {
+    if (!mounted || !_terminalFocusNode.canRequestFocus) return;
+    // Use post-frame callback to ensure widget is fully laid out in focus tree
+    WidgetsBinding.instance.addPostFrameCallback((_) {
+      // Re-check conditions after frame: mounted, focusable, still selected, not already focused
+      if (!mounted || !_terminalFocusNode.canRequestFocus || _terminalFocusNode.hasFocus) return;
+      final state = widget.tabController.state.value;
+      if (state.selected >= 0 && state.selected < state.tabs.length) {
+        if (state.tabs[state.selected].key == widget.tabKey) {
+          _terminalFocusNode.requestFocus();
+        }
+      }
+    });
+  }
+
   // This method ensures that the number of visible rows is an integer by computing the
   // extra space left after dividing the available height by the height of a single
   // terminal row (`_cellHeight`) and distributing it evenly as top and bottom padding.
@@ -131,7 +175,9 @@ class _TerminalPageState extends State<TerminalPage>
           return TerminalView(
             _terminalModel.terminal,
             controller: _terminalModel.terminalController,
-            autofocus: true,
+            focusNode: _terminalFocusNode,
+            // Note: autofocus is not used here because focus is managed manually
+            // via _onTabStateChanged() to handle tab switching properly.
             backgroundOpacity: 0.7,
             padding: _calculatePadding(heightPx),
             onSecondaryTapDown: (details, offset) async {

flutter/lib/desktop/pages/terminal_tab_page.dart

@@ -34,6 +34,10 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
   static const IconData selectedIcon = Icons.terminal;
   static const IconData unselectedIcon = Icons.terminal_outlined;
   int _nextTerminalId = 1;
+  // Lightweight idempotency guard for async close operations
+  final Set<String> _closingTabs = {};
+  // When true, all session cleanup should persist (window-level close in progress)
+  bool _windowClosing = false;
 
   _TerminalTabPageState(Map<String, dynamic> params) {
     Get.put(DesktopTabController(tabType: DesktopTabType.terminal));
@@ -70,28 +74,12 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
       label: tabLabel,
       selectedIcon: selectedIcon,
       unselectedIcon: unselectedIcon,
-      onTabCloseButton: () async {
-        if (await desktopTryShowTabAuditDialogCloseCancelled(
-          id: tabKey,
-          tabController: tabController,
-        )) {
-          return;
-        }
-        // Close the terminal session first
-        final ffi = TerminalConnectionManager.getExistingConnection(peerId);
-        if (ffi != null) {
-          final terminalModel = ffi.terminalModels[terminalId];
-          if (terminalModel != null) {
-            await terminalModel.closeTerminal();
-          }
-        }
-        // Then close the tab
-        tabController.closeBy(tabKey);
-      },
+      onTabCloseButton: () => _closeTab(tabKey),
       page: TerminalPage(
         key: ValueKey(tabKey),
         id: peerId,
         terminalId: terminalId,
+        tabKey: tabKey,
         password: password,
         isSharedPassword: isSharedPassword,
         tabController: tabController,
@@ -101,6 +89,159 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
     );
   }
 
+  /// Unified tab close handler for all close paths (button, shortcut, programmatic).
+  /// Shows audit dialog, cleans up session if not persistent, then removes the UI tab.
+  Future<void> _closeTab(String tabKey) async {
+    // Idempotency guard: skip if already closing this tab
+    if (_closingTabs.contains(tabKey)) return;
+    _closingTabs.add(tabKey);
+
+    try {
+      // Snapshot peerTabCount BEFORE any await to avoid race with concurrent
+      // _closeAllTabs clearing tabController (which would make the live count
+      // drop to 0 and incorrectly trigger session persistence).
+      // Note: the snapshot may become stale if other individual tabs are closed
+      // during the audit dialog, but this is an acceptable trade-off.
+      int? snapshotPeerTabCount;
+      final parsed = _parseTabKey(tabKey);
+      if (parsed != null) {
+        final (peerId, _) = parsed;
+        snapshotPeerTabCount = tabController.state.value.tabs.where((t) {
+          final p = _parseTabKey(t.key);
+          return p != null && p.$1 == peerId;
+        }).length;
+      }
+
+      if (await desktopTryShowTabAuditDialogCloseCancelled(
+        id: tabKey,
+        tabController: tabController,
+      )) {
+        return;
+      }
+
+      // Close terminal session if not in persistent mode.
+      // Wrapped separately so session cleanup failure never blocks UI tab removal.
+      try {
+        await _closeTerminalSessionIfNeeded(tabKey,
+            peerTabCount: snapshotPeerTabCount);
+      } catch (e) {
+        debugPrint('[TerminalTabPage] Session cleanup failed for $tabKey: $e');
+      }
+      // Always close the tab from UI, regardless of session cleanup result
+      tabController.closeBy(tabKey);
+    } catch (e) {
+      debugPrint('[TerminalTabPage] Error closing tab $tabKey: $e');
+    } finally {
+      _closingTabs.remove(tabKey);
+    }
+  }
+
+  /// Close all tabs with session cleanup.
+  /// Used for window-level close operations (onDestroy, handleWindowCloseButton).
+  /// UI tabs are removed immediately; session cleanup runs in parallel with a
+  /// bounded timeout so window close is not blocked indefinitely.
+  Future<void> _closeAllTabs() async {
+    _windowClosing = true;
+    final tabKeys = tabController.state.value.tabs.map((t) => t.key).toList();
+    // Remove all UI tabs immediately (same instant behavior as the old tabController.clear())
+    tabController.clear();
+    // Run session cleanup in parallel with bounded timeout (closeTerminal() has internal 3s timeout).
+    // Skip tabs already being closed by a concurrent _closeTab() to avoid duplicate FFI calls.
+    final futures = tabKeys
+        .where((tabKey) => !_closingTabs.contains(tabKey))
+        .map((tabKey) async {
+      try {
+        await _closeTerminalSessionIfNeeded(tabKey, persistAll: true);
+      } catch (e) {
+        debugPrint('[TerminalTabPage] Session cleanup failed for $tabKey: $e');
+      }
+    }).toList();
+    if (futures.isNotEmpty) {
+      await Future.wait(futures).timeout(
+        const Duration(seconds: 4),
+        onTimeout: () {
+          debugPrint(
+              '[TerminalTabPage] Session cleanup timed out for batch close');
+          return [];
+        },
+      );
+    }
+  }
+
+  /// Close the terminal session on server side based on persistent mode.
+  ///
+  /// [persistAll] controls behavior when persistent mode is enabled:
+  /// - `true` (window close): persist all sessions, don't close any.
+  /// - `false` (tab close): only persist the last session for the peer,
+  ///   close others so only the most recent disconnected session survives.
+  ///
+  /// Note: if [_windowClosing] is true, persistAll is forced to true so that
+  /// in-flight _closeTab() calls don't accidentally close sessions that the
+  /// window-close flow intends to preserve.
+  Future<void> _closeTerminalSessionIfNeeded(String tabKey,
+      {bool persistAll = false, int? peerTabCount}) async {
+    // If window close is in progress, override to persist all sessions
+    // even if this call originated from an individual tab close.
+    if (_windowClosing) {
+      persistAll = true;
+    }
+    final parsed = _parseTabKey(tabKey);
+    if (parsed == null) return;
+    final (peerId, terminalId) = parsed;
+
+    final ffi = TerminalConnectionManager.getExistingConnection(peerId);
+    if (ffi == null) return;
+
+    final isPersistent = bind.sessionGetToggleOptionSync(
+      sessionId: ffi.sessionId,
+      arg: kOptionTerminalPersistent,
+    );
+
+    if (isPersistent) {
+      if (persistAll) {
+        // Window close: persist all sessions
+        return;
+      }
+      // Tab close: only persist if this is the last tab for this peer.
+      // Use the snapshot value if provided (avoids race with concurrent tab removal).
+      final effectivePeerTabCount = peerTabCount ??
+          tabController.state.value.tabs.where((t) {
+            final p = _parseTabKey(t.key);
+            return p != null && p.$1 == peerId;
+          }).length;
+      if (effectivePeerTabCount <= 1) {
+        // Last tab for this peer — persist the session
+        return;
+      }
+      // Not the last tab — fall through to close the session
+    }
+
+    final terminalModel = ffi.terminalModels[terminalId];
+    if (terminalModel != null) {
+      // closeTerminal() has internal 3s timeout, no need for external timeout
+      await terminalModel.closeTerminal();
+    }
+  }
+
+  /// Parse tabKey (format: "peerId_terminalId") into its components.
+  /// Note: peerId may contain underscores, so we use lastIndexOf('_').
+  /// Returns null if tabKey format is invalid.
+  (String peerId, int terminalId)? _parseTabKey(String tabKey) {
+    final lastUnderscore = tabKey.lastIndexOf('_');
+    if (lastUnderscore <= 0) {
+      debugPrint('[TerminalTabPage] Invalid tabKey format: $tabKey');
+      return null;
+    }
+    final terminalIdStr = tabKey.substring(lastUnderscore + 1);
+    final terminalId = int.tryParse(terminalIdStr);
+    if (terminalId == null) {
+      debugPrint('[TerminalTabPage] Invalid terminalId in tabKey: $tabKey');
+      return null;
+    }
+    final peerId = tabKey.substring(0, lastUnderscore);
+    return (peerId, terminalId);
+  }
+
   Widget _tabMenuBuilder(String peerId, CancelFunc cancelFunc) {
     final List<MenuEntryBase<String>> menu = [];
     const EdgeInsets padding = EdgeInsets.only(left: 8.0, right: 5.0);
@@ -184,7 +325,8 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
       } else if (call.method == kWindowEventRestoreTerminalSessions) {
         _restoreSessions(call.arguments);
       } else if (call.method == "onDestroy") {
-        tabController.clear();
+        // Clean up sessions before window destruction (bounded wait)
+        await _closeAllTabs();
       } else if (call.method == kWindowActionRebuild) {
         reloadCurrentWindow();
       } else if (call.method == kWindowEventActiveSession) {
@@ -194,7 +336,10 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
         final currentTab = tabController.state.value.selectedTabInfo;
         assert(call.arguments is String,
             "Expected String arguments for kWindowEventActiveSession, got ${call.arguments.runtimeType}");
-        if (currentTab.key.startsWith(call.arguments)) {
+        // Use lastIndexOf to handle peerIds containing underscores
+        final lastUnderscore = currentTab.key.lastIndexOf('_');
+        if (lastUnderscore > 0 &&
+            currentTab.key.substring(0, lastUnderscore) == call.arguments) {
           windowOnTop(windowId());
           return true;
         }
@@ -265,7 +410,7 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
           // macOS: Cmd+W (standard for close tab)
           final currentTab = tabController.state.value.selectedTabInfo;
           if (tabController.state.value.tabs.length > 1) {
-            tabController.closeBy(currentTab.key);
+            _closeTab(currentTab.key);
             return true;
           }
         } else if (!isMacOS &&
@@ -274,7 +419,7 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
           // Other platforms: Ctrl+Shift+W (to avoid conflict with Ctrl+W word delete)
           final currentTab = tabController.state.value.selectedTabInfo;
           if (tabController.state.value.tabs.length > 1) {
-            tabController.closeBy(currentTab.key);
+            _closeTab(currentTab.key);
             return true;
           }
         }
@@ -329,7 +474,10 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
   void _addNewTerminal(String peerId, {int? terminalId}) {
     // Find first tab for this peer to get connection parameters
     final firstTab = tabController.state.value.tabs.firstWhere(
-      (tab) => tab.key.startsWith('$peerId\_'),
+      (tab) {
+        final last = tab.key.lastIndexOf('_');
+        return last > 0 && tab.key.substring(0, last) == peerId;
+      },
     );
     if (firstTab.page is TerminalPage) {
       final page = firstTab.page as TerminalPage;
@@ -350,11 +498,10 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
 
   void _addNewTerminalForCurrentPeer({int? terminalId}) {
     final currentTab = tabController.state.value.selectedTabInfo;
-    final parts = currentTab.key.split('_');
-    if (parts.isNotEmpty) {
-      final peerId = parts[0];
-      _addNewTerminal(peerId, terminalId: terminalId);
-    }
+    final parsed = _parseTabKey(currentTab.key);
+    if (parsed == null) return;
+    final (peerId, _) = parsed;
+    _addNewTerminal(peerId, terminalId: terminalId);
   }
 
   @override
@@ -368,10 +515,9 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
           selectedBorderColor: MyTheme.accent,
           labelGetter: DesktopTab.tablabelGetter,
           tabMenuBuilder: (key) {
-            // Extract peerId from tab key (format: "peerId_terminalId")
-            final parts = key.split('_');
-            if (parts.isEmpty) return Container();
-            final peerId = parts[0];
+            final parsed = _parseTabKey(key);
+            if (parsed == null) return Container();
+            final (peerId, _) = parsed;
             return _tabMenuBuilder(peerId, () {});
           },
         ));
@@ -426,7 +572,7 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
       }
     }
     if (connLength <= 1) {
-      tabController.clear();
+      await _closeAllTabs();
       return true;
     } else {
       final bool res;
@@ -437,7 +583,7 @@ class _TerminalTabPageState extends State<TerminalTabPage> {
         res = await closeConfirmDialog();
       }
       if (res) {
-        tabController.clear();
+        await _closeAllTabs();
       }
       return res;
     }

flutter/lib/desktop/widgets/remote_toolbar.dart

@@ -5,6 +5,7 @@ import 'package:flutter/material.dart';
 import 'package:flutter/services.dart';
 import 'package:flutter_hbb/common/widgets/audio_input.dart';
 import 'package:flutter_hbb/common/widgets/dialog.dart';
+import 'package:flutter_hbb/common/widgets/keyboard_shortcuts/display.dart';
 import 'package:flutter_hbb/common/widgets/toolbar.dart';
 import 'package:flutter_hbb/models/chat_model.dart';
 import 'package:flutter_hbb/models/state_model.dart';
@@ -763,8 +764,31 @@ class _ControlMenu extends StatelessWidget {
               if (e.divider) {
                 return Divider();
               } else {
+                final hint = e.actionId == null
+                    ? null
+                    : ShortcutDisplay.formatFor(e.actionId!);
+                final child = hint == null
+                    ? e.child
+                    : Row(
+                        mainAxisSize: MainAxisSize.min,
+                        children: [
+                          Flexible(child: e.child),
+                          Padding(
+                            padding: const EdgeInsets.only(left: 16),
+                            child: Text(
+                              hint,
+                              style: Theme.of(context)
+                                  .textTheme
+                                  .bodySmall
+                                  ?.copyWith(
+                                    color: Theme.of(context).hintColor,
+                                  ),
+                            ),
+                          ),
+                        ],
+                      );
                 return MenuButton(
-                    child: e.child,
+                    child: child,
                     onPressed: e.onPressed,
                     ffi: ffi,
                     trailingIcon: e.trailingIcon);
@@ -1861,8 +1885,18 @@ class _KeyboardMenu extends StatelessWidget {
           continue;
         }
 
-        if (pi.isWayland && mode.key != kKeyMapMode) {
-          continue;
+        if (pi.isWayland) {
+          // Legacy mode is hidden on desktop control side because dead keys
+          // don't work properly on Wayland. When the control side is mobile,
+          // Legacy mode is used automatically (mobile always sends Legacy events).
+          if (mode.key == kKeyLegacyMode) {
+            continue;
+          }
+          // Translate mode requires server >= 1.4.6.
+          if (mode.key == kKeyTranslateMode &&
+              versionCmp(pi.version, '1.4.6') < 0) {
+            continue;
+          }
         }
 
         var text = translate(mode.menu);

flutter/lib/mobile/pages/mobile_keyboard_shortcuts_page.dart

@@ -0,0 +1,95 @@
+// flutter/lib/mobile/pages/mobile_keyboard_shortcuts_page.dart
+//
+// Mobile shell for the Keyboard Shortcuts configuration page. Mirrors
+// `desktop/pages/desktop_keyboard_shortcuts_page.dart` but with a touch-
+// friendly layout (ListTile rows instead of dense rows) and a hint banner
+// that explains the recording flow only works with a physical keyboard.
+//
+// All actual logic — group definitions, JSON I/O, conflict-replace flow,
+// recording-dialog round-trip, "Reset to defaults" — lives in the shared
+// `common/widgets/keyboard_shortcuts/page_body.dart`. This file only
+// supplies the AppBar, the AppBar action, and the platform hint banner.
+//
+// Mobile keyboard detection limitation: Flutter has no reliable
+// "is a physical keyboard attached?" API on iOS or Android. Soft keyboards
+// don't generate the `KeyDownEvent`s the recording dialog listens for, so
+// in practice the dialog only does anything useful when the user actually
+// has a hardware keyboard plugged in (USB / Bluetooth / Smart Connector).
+// For V1 we don't try to detect attachment — we just surface the
+// requirement as an in-page hint instead of disabling the Edit button.
+
+import 'package:flutter/material.dart';
+
+import '../../common.dart';
+import '../../common/widgets/keyboard_shortcuts/page_body.dart';
+
+class MobileKeyboardShortcutsPage extends StatefulWidget {
+  const MobileKeyboardShortcutsPage({Key? key}) : super(key: key);
+
+  @override
+  State<MobileKeyboardShortcutsPage> createState() =>
+      _MobileKeyboardShortcutsPageState();
+}
+
+class _MobileKeyboardShortcutsPageState
+    extends State<MobileKeyboardShortcutsPage> {
+  final GlobalKey<KeyboardShortcutsPageBodyState> _bodyKey = GlobalKey();
+
+  @override
+  Widget build(BuildContext context) {
+    final theme = Theme.of(context);
+    return Scaffold(
+      appBar: AppBar(
+        title: Text(translate('Keyboard Shortcuts')),
+        actions: [
+          IconButton(
+            tooltip: translate('Reset to defaults'),
+            onPressed: () =>
+                _bodyKey.currentState?.resetToDefaultsWithConfirm(),
+            icon: const Icon(Icons.restore),
+          ),
+        ],
+      ),
+      body: KeyboardShortcutsPageBody(
+        key: _bodyKey,
+        compact: false,
+        editButtonHint: translate('shortcut-mobile-physical-keyboard-tip'),
+        headerBanner: _PhysicalKeyboardHintBanner(theme: theme),
+      ),
+    );
+  }
+}
+
+/// A muted info banner shown above the master toggle on mobile. We can't
+/// reliably detect whether a physical keyboard is attached, so instead of
+/// disabling the Edit button we surface the requirement up front.
+class _PhysicalKeyboardHintBanner extends StatelessWidget {
+  final ThemeData theme;
+  const _PhysicalKeyboardHintBanner({required this.theme});
+
+  @override
+  Widget build(BuildContext context) {
+    final color = theme.colorScheme.primary.withOpacity(0.08);
+    return Container(
+      padding: const EdgeInsets.all(12),
+      decoration: BoxDecoration(
+        color: color,
+        borderRadius: BorderRadius.circular(8),
+      ),
+      child: Row(
+        crossAxisAlignment: CrossAxisAlignment.start,
+        children: [
+          Icon(Icons.info_outline,
+              size: 18, color: theme.colorScheme.primary),
+          const SizedBox(width: 8),
+          Expanded(
+            child: Text(
+              translate('shortcut-mobile-physical-keyboard-tip'),
+              style: TextStyle(color: theme.colorScheme.onSurface),
+            ),
+          ),
+        ],
+      ),
+    );
+  }
+}

flutter/lib/mobile/pages/remote_page.dart

@@ -1,5 +1,4 @@
 import 'dart:async';
-import 'dart:ui' as ui;
 
 import 'package:flutter/material.dart';
 import 'package:flutter/services.dart';
@@ -22,6 +21,7 @@ import '../../common/widgets/remote_input.dart';
 import '../../models/input_model.dart';
 import '../../models/model.dart';
 import '../../models/platform_model.dart';
+import '../../models/shortcut_model.dart';
 import '../../utils/image.dart';
 import '../widgets/dialog.dart';
 import '../widgets/custom_scale_widget.dart';
@@ -65,9 +65,8 @@ class _RemotePageState extends State<RemotePage> with WidgetsBindingObserver {
   bool _showGestureHelp = false;
   String _value = '';
   Orientation? _currentOrientation;
-  double _viewInsetsBottom = 0;
   final _uniqueKey = UniqueKey();
-  Timer? _timerDidChangeMetrics;
+  Timer? _iosKeyboardWorkaroundTimer;
 
   final _blockableOverlayState = BlockableOverlayState();
 
@@ -121,6 +120,18 @@ class _RemotePageState extends State<RemotePage> with WidgetsBindingObserver {
       }
       _disableAndroidSoftKeyboard(
           isKeyboardVisible: keyboardVisibilityController.isVisible);
+      // Seed shortcut action callbacks once the session is ready, so that
+      // global keyboard shortcuts work even if the user never opens the
+      // toolbar menu. The returned list is intentionally discarded — the
+      // side effect of registering callbacks (inside toolbarControls) is
+      // what we want here.
+      if (mounted) {
+        toolbarControls(context, widget.id, gFFI);
+        // Mobile has no DesktopTabController, so tab-switch shortcuts
+        // remain unregistered (they will simply log a no-handler debug
+        // line if a mobile user binds one — they have no tabs to switch).
+        registerSessionShortcutActions(gFFI);
+      }
     });
     WidgetsBinding.instance.addObserver(this);
   }
@@ -139,7 +150,7 @@ class _RemotePageState extends State<RemotePage> with WidgetsBindingObserver {
     _physicalFocusNode.dispose();
     await gFFI.close();
     _timer?.cancel();
-    _timerDidChangeMetrics?.cancel();
+    _iosKeyboardWorkaroundTimer?.cancel();
     gFFI.dialogManager.dismissAll();
     await SystemChrome.setEnabledSystemUIMode(SystemUiMode.manual,
         overlays: SystemUiOverlay.values);
@@ -165,26 +176,6 @@ class _RemotePageState extends State<RemotePage> with WidgetsBindingObserver {
     gFFI.invokeMethod("try_sync_clipboard");
   }
 
-  @override
-  void didChangeMetrics() {
-    // If the soft keyboard is visible and the canvas has been changed(panned or scaled)
-    // Don't try reset the view style and focus the cursor.
-    if (gFFI.cursorModel.lastKeyboardIsVisible &&
-        gFFI.canvasModel.isMobileCanvasChanged) {
-      return;
-    }
-
-    final newBottom = MediaQueryData.fromView(ui.window).viewInsets.bottom;
-    _timerDidChangeMetrics?.cancel();
-    _timerDidChangeMetrics = Timer(Duration(milliseconds: 100), () async {
-      // We need this comparation because poping up the floating action will also trigger `didChangeMetrics()`.
-      if (newBottom != _viewInsetsBottom) {
-        gFFI.canvasModel.mobileFocusCanvasCursor();
-        _viewInsetsBottom = newBottom;
-      }
-    });
-  }
-
   // to-do: It should be better to use transparent color instead of the bgColor.
   // But for now, the transparent color will cause the canvas to be white.
   // I'm sure that the white color is caused by the Overlay widget in BlockableOverlay.
@@ -206,7 +197,24 @@ class _RemotePageState extends State<RemotePage> with WidgetsBindingObserver {
           gFFI.ffiModel.pi.version.isNotEmpty) {
         gFFI.invokeMethod("enable_soft_keyboard", false);
       }
+
+      // Workaround for iOS: physical keyboard input fails after virtual keyboard is hidden
+      // https://github.com/flutter/flutter/issues/39900
+      // https://github.com/rustdesk/rustdesk/discussions/11843#discussioncomment-13499698 - Virtual keyboard issue
+      if (isIOS) {
+        _iosKeyboardWorkaroundTimer?.cancel();
+        _iosKeyboardWorkaroundTimer = Timer(Duration(milliseconds: 100), () {
+          if (!mounted) return;
+          _physicalFocusNode.unfocus();
+          _iosKeyboardWorkaroundTimer = Timer(Duration(milliseconds: 50), () {
+            if (!mounted) return;
+            _physicalFocusNode.requestFocus();
+          });
+        });
+      }
     } else {
+      _iosKeyboardWorkaroundTimer?.cancel();
+      _iosKeyboardWorkaroundTimer = null;
       _timer?.cancel();
       _timer = Timer(kMobileDelaySoftKeyboardFocus, () {
         SystemChrome.setEnabledSystemUIMode(SystemUiMode.manual,
@@ -431,12 +439,10 @@ class _RemotePageState extends State<RemotePage> with WidgetsBindingObserver {
                               }
                               return Container(
                                 color: MyTheme.canvasColor,
-                                child: inputModel.isPhysicalMouse.value
-                                    ? getBodyForMobile()
-                                    : RawTouchGestureDetectorRegion(
-                                        child: getBodyForMobile(),
-                                        ffi: gFFI,
-                                      ),
+                                child: RawTouchGestureDetectorRegion(
+                                  child: getBodyForMobile(),
+                                  ffi: gFFI,
+                                ),
                               );
                             }),
                           ),

flutter/lib/mobile/pages/server_page.dart

@@ -150,7 +150,8 @@ class _DropDownAction extends StatelessWidget {
             }
 
             if (value == kUsePermanentPassword &&
-                (await bind.mainGetPermanentPassword()).isEmpty) {
+                (await bind.mainGetCommon(key: "permanent-password-set")) !=
+                    "true") {
               if (isChangePermanentPasswordDisabled()) {
                 callback();
                 return;
@@ -582,10 +583,13 @@ class _PermissionCheckerState extends State<PermissionChecker> {
   Widget build(BuildContext context) {
     final serverModel = Provider.of<ServerModel>(context);
     final hasAudioPermission = androidVersion >= 30;
+    final hideStopService =
+        isAndroid &&
+            bind.mainGetBuildinOption(key: kOptionHideStopService) == 'Y';
     return PaddingCard(
         title: translate("Permissions"),
         child: Column(crossAxisAlignment: CrossAxisAlignment.start, children: [
-          serverModel.mediaOk
+          serverModel.mediaOk && !hideStopService
               ? ElevatedButton.icon(
                       style: ButtonStyle(
                           backgroundColor:
@@ -595,14 +599,15 @@ class _PermissionCheckerState extends State<PermissionChecker> {
                       label: Text(translate("Stop service")))
                   .marginOnly(bottom: 8)
               : SizedBox.shrink(),
-          PermissionRow(
-              translate("Screen Capture"),
-              serverModel.mediaOk,
-              !serverModel.mediaOk &&
-                      gFFI.userModel.userName.value.isEmpty &&
-                      bind.mainGetLocalOption(key: "show-scam-warning") != "N"
-                  ? () => showScamWarning(context, serverModel)
-                  : serverModel.toggleService),
+          if (!hideStopService || !serverModel.mediaOk)
+            PermissionRow(
+                translate("Screen Capture"),
+                serverModel.mediaOk,
+                !serverModel.mediaOk &&
+                        gFFI.userModel.userName.value.isEmpty &&
+                        bind.mainGetLocalOption(key: "show-scam-warning") != "N"
+                    ? () => showScamWarning(context, serverModel)
+                    : serverModel.toggleService),
           PermissionRow(translate("Input Control"), serverModel.inputOk,
               serverModel.toggleInput),
           PermissionRow(translate("Transfer file"), serverModel.fileOk,
@@ -841,13 +846,7 @@ class ClientInfo extends StatelessWidget {
                   flex: -1,
                   child: Padding(
                       padding: const EdgeInsets.only(right: 12),
-                      child: CircleAvatar(
-                          backgroundColor: str2color(
-                              client.name,
-                              Theme.of(context).brightness == Brightness.light
-                                  ? 255
-                                  : 150),
-                          child: Text(client.name[0])))),
+                      child: _buildAvatar(context))),
               Expanded(
                   child: Column(
                       crossAxisAlignment: CrossAxisAlignment.start,
@@ -860,6 +859,20 @@ class ClientInfo extends StatelessWidget {
           ),
         ]));
   }
+
+  Widget _buildAvatar(BuildContext context) {
+    final fallback = CircleAvatar(
+      backgroundColor: str2color(client.name,
+          Theme.of(context).brightness == Brightness.light ? 255 : 150),
+      child: Text(client.name.isNotEmpty ? client.name[0] : '?'),
+    );
+    return buildAvatarWidget(
+          avatar: client.avatar,
+          size: 40,
+          fallback: fallback,
+        ) ??
+        fallback;
+  }
 }
 
 void androidChannelInit() {

flutter/lib/mobile/pages/settings_page.dart

@@ -17,8 +17,10 @@ import '../../common/widgets/login.dart';
 import '../../consts.dart';
 import '../../models/model.dart';
 import '../../models/platform_model.dart';
+import '../../models/shortcut_model.dart';
 import '../widgets/dialog.dart';
 import 'home_page.dart';
+import 'mobile_keyboard_shortcuts_page.dart';
 import 'scan_page.dart';
 
 class SettingsPage extends StatefulWidget implements PageShape {
@@ -617,7 +619,7 @@ class _SettingsState extends State<SettingsPage> with WidgetsBindingObserver {
         onToggle: (bool v) async {
           await mainSetLocalBoolOption(kOptionEnableShowTerminalExtraKeys, v);
           final newValue =
-            mainGetLocalBoolOptionSync(kOptionEnableShowTerminalExtraKeys);
+              mainGetLocalBoolOptionSync(kOptionEnableShowTerminalExtraKeys);
           setState(() {
             _showTerminalExtraKeys = newValue;
           });
@@ -688,8 +690,18 @@ class _SettingsState extends State<SettingsPage> with WidgetsBindingObserver {
               SettingsTile(
                 title: Obx(() => Text(gFFI.userModel.userName.value.isEmpty
                     ? translate('Login')
-                    : '${translate('Logout')} (${gFFI.userModel.userName.value})')),
-                leading: Icon(Icons.person),
+                    : '${translate('Logout')} (${gFFI.userModel.accountLabelWithHandle})')),
+                leading: Obx(() {
+                  final avatar = bind.mainResolveAvatarUrl(
+                      avatar: gFFI.userModel.avatar.value);
+                  return buildAvatarWidget(
+                        avatar: avatar,
+                        size: 28,
+                        borderRadius: null,
+                        fallback: Icon(Icons.person),
+                      ) ??
+                      Icon(Icons.person);
+                }),
                 onPressed: (context) {
                   if (gFFI.userModel.userName.value.isEmpty) {
                     loginDialog();
@@ -809,6 +821,22 @@ class _SettingsState extends State<SettingsPage> with WidgetsBindingObserver {
               showThemeSettings(gFFI.dialogManager);
             },
           ),
+          SettingsTile.navigation(
+            leading: Icon(Icons.keyboard_outlined),
+            title: Text(translate('Keyboard Shortcuts')),
+            description: Text(ShortcutModel.isEnabled()
+                ? translate('On')
+                : translate('Off')),
+            onPressed: (context) {
+              Navigator.push(
+                  context,
+                  MaterialPageRoute(
+                    builder: (_) => const MobileKeyboardShortcutsPage(),
+                  )).then((_) {
+                if (mounted) setState(() {});
+              });
+            },
+          ),
           if (!bind.isDisableAccount())
             SettingsTile.switchTile(
               title: Text(translate('note-at-conn-end-tip')),
@@ -829,10 +857,12 @@ class _SettingsState extends State<SettingsPage> with WidgetsBindingObserver {
             ),
           if (!incomingOnly)
             SettingsTile.switchTile(
-              title: Text(translate('keep-awake-during-outgoing-sessions-label')),
+              title:
+                  Text(translate('keep-awake-during-outgoing-sessions-label')),
               initialValue: _preventSleepWhileConnected,
               onToggle: (v) async {
-                await mainSetLocalBoolOption(kOptionKeepAwakeDuringOutgoingSessions, v);
+                await mainSetLocalBoolOption(
+                    kOptionKeepAwakeDuringOutgoingSessions, v);
                 setState(() {
                   _preventSleepWhileConnected = v;
                 });
@@ -1340,3 +1370,4 @@ SettingsTile _getPopupDialogRadioEntry({
     ),
   );
 }
+

flutter/lib/mobile/pages/terminal_page.dart

@@ -83,7 +83,10 @@ class _TerminalPageState extends State<TerminalPage>
     // Register this terminal model with FFI for event routing
     _ffi.registerTerminalModel(widget.terminalId, _terminalModel);
 
-    _showTerminalExtraKeys = mainGetLocalBoolOptionSync(kOptionEnableShowTerminalExtraKeys);
+    // Web desktop users have full hardware keyboard access, so the on-screen
+    // terminal extra keys bar is unnecessary and disabled.
+    _showTerminalExtraKeys = !isWebDesktop &&
+        mainGetLocalBoolOptionSync(kOptionEnableShowTerminalExtraKeys);
     // Initialize terminal connection
     WidgetsBinding.instance.addPostFrameCallback((_) {
       _ffi.dialogManager

flutter/lib/mobile/pages/view_camera_page.dart

@@ -259,13 +259,11 @@ class _ViewCameraPageState extends State<ViewCameraPage>
                         }
                         return Container(
                           color: MyTheme.canvasColor,
-                          child: inputModel.isPhysicalMouse.value
-                              ? getBodyForMobile()
-                              : RawTouchGestureDetectorRegion(
-                                  child: getBodyForMobile(),
-                                  ffi: gFFI,
-                                  isCamera: true,
-                                ),
+                          child: RawTouchGestureDetectorRegion(
+                            child: getBodyForMobile(),
+                            ffi: gFFI,
+                            isCamera: true,
+                          ),
                         );
                       }),
                     ),

flutter/lib/mobile/widgets/dialog.dart

@@ -12,100 +12,6 @@ void _showSuccess() {
   showToast(translate("Successful"));
 }
 
-void _showError() {
-  showToast(translate("Error"));
-}
-
-void setPermanentPasswordDialog(OverlayDialogManager dialogManager) async {
-  final pw = await bind.mainGetPermanentPassword();
-  final p0 = TextEditingController(text: pw);
-  final p1 = TextEditingController(text: pw);
-  var validateLength = false;
-  var validateSame = false;
-  dialogManager.show((setState, close, context) {
-    submit() async {
-      close();
-      dialogManager.showLoading(translate("Waiting"));
-      if (await gFFI.serverModel.setPermanentPassword(p0.text)) {
-        dialogManager.dismissAll();
-        _showSuccess();
-      } else {
-        dialogManager.dismissAll();
-        _showError();
-      }
-    }
-
-    return CustomAlertDialog(
-      title: Column(
-        mainAxisAlignment: MainAxisAlignment.center,
-        children: [
-          Icon(Icons.password_rounded, color: MyTheme.accent),
-          Text(translate('Set your own password')).paddingOnly(left: 10),
-        ],
-      ),
-      content: Form(
-          autovalidateMode: AutovalidateMode.onUserInteraction,
-          child: Column(mainAxisSize: MainAxisSize.min, children: [
-            TextFormField(
-              autofocus: true,
-              obscureText: true,
-              keyboardType: TextInputType.visiblePassword,
-              decoration: InputDecoration(
-                labelText: translate('Password'),
-              ),
-              controller: p0,
-              validator: (v) {
-                if (v == null) return null;
-                final val = v.trim().length > 5;
-                if (validateLength != val) {
-                  // use delay to make setState success
-                  Future.delayed(Duration(microseconds: 1),
-                      () => setState(() => validateLength = val));
-                }
-                return val
-                    ? null
-                    : translate('Too short, at least 6 characters.');
-              },
-            ).workaroundFreezeLinuxMint(),
-            TextFormField(
-              obscureText: true,
-              keyboardType: TextInputType.visiblePassword,
-              decoration: InputDecoration(
-                labelText: translate('Confirmation'),
-              ),
-              controller: p1,
-              validator: (v) {
-                if (v == null) return null;
-                final val = p0.text == v;
-                if (validateSame != val) {
-                  Future.delayed(Duration(microseconds: 1),
-                      () => setState(() => validateSame = val));
-                }
-                return val
-                    ? null
-                    : translate('The confirmation is not identical.');
-              },
-            ).workaroundFreezeLinuxMint(),
-          ])),
-      onCancel: close,
-      onSubmit: (validateLength && validateSame) ? submit : null,
-      actions: [
-        dialogButton(
-          'Cancel',
-          icon: Icon(Icons.close_rounded),
-          onPressed: close,
-          isOutline: true,
-        ),
-        dialogButton(
-          'OK',
-          icon: Icon(Icons.done_rounded),
-          onPressed: (validateLength && validateSame) ? submit : null,
-        ),
-      ],
-    );
-  });
-}
-
 void setTemporaryPasswordLengthDialog(
     OverlayDialogManager dialogManager) async {
   List<String> lengths = ['6', '8', '10'];

flutter/lib/models/ab_model.dart

@@ -1,6 +1,5 @@
 import 'dart:async';
 import 'dart:convert';
-import 'dart:io';
 
 import 'package:flutter/material.dart';
 import 'package:flutter_hbb/common/hbbs/hbbs.dart';
@@ -53,7 +52,9 @@ class AbModel {
 
   RxBool get currentAbLoading => current.abLoading;
   bool get currentAbEmpty => current.peers.isEmpty && current.tags.isEmpty;
-  RxString get currentAbPullError => current.pullError;
+  final _listPullError = ''.obs;
+  RxString get abPullError =>
+      _listPullError.value.isNotEmpty ? _listPullError : current.pullError;
   RxString get currentAbPushError => current.pushError;
   String? _personalAbGuid;
   RxBool legacyMode = false.obs;
@@ -68,6 +69,7 @@ class AbModel {
   var _syncFromRecentLock = false;
   var _timerCounter = 0;
   var _cacheLoadOnceFlag = false;
+  var _pulledOnce = false;
   var listInitialized = false;
   var _maxPeerOneAb = 0;
 
@@ -97,10 +99,17 @@ class AbModel {
     print("reset ab model");
     addressbooks.clear();
     _currentName.value = '';
+    _listPullError.value = '';
+    _pulledOnce = false;
     await bind.mainClearAb();
     listInitialized = false;
   }
 
+  void clearPullErrors() {
+    _listPullError.value = '';
+    current.pullError.value = '';
+  }
+
 // #region ab
   /// Pulls the address book data from the server.
   ///
@@ -110,31 +119,41 @@ class AbModel {
   var _pulling = false;
   Future<void> pullAb(
       {required ForcePullAb? force, required bool quiet}) async {
+    if (bind.isDisableAb()) return;
+    if (!gFFI.userModel.isLogin) return;
+    if (gFFI.userModel.networkError.isNotEmpty) return;
     if (_pulling) return;
+    if (force == null && _pulledOnce) {
+      return;
+    }
     _pulling = true;
+    if (!quiet) {
+      _listPullError.value = '';
+      current.pullError.value = '';
+    }
     try {
       await _pullAb(force: force, quiet: quiet);
       _refreshTab();
     } catch (_) {}
     _pulling = false;
+    _pulledOnce = true;
   }
 
   Future<void> _pullAb(
       {required ForcePullAb? force, required bool quiet}) async {
-    if (bind.isDisableAb()) return;
-    if (!gFFI.userModel.isLogin) return;
-    if (gFFI.userModel.networkError.isNotEmpty) return;
     if (force == null && listInitialized && current.initialized) return;
     debugPrint("pullAb, force: $force, quiet: $quiet");
     if (!listInitialized || force == ForcePullAb.listAndCurrent) {
       try {
         // Read personal guid every time to avoid upgrading the server without closing the main window
         _personalAbGuid = null;
-        await _getPersonalAbGuid();
-        // Determine legacy mode based on whether _personalAbGuid is null
+        // `true`: continue init. `false`: stop, error already recorded.
+        if (!await _getPersonalAbGuid(quiet: quiet)) {
+          return;
+        }
         legacyMode.value = _personalAbGuid == null;
         if (!legacyMode.value && _maxPeerOneAb == 0) {
-          await _getAbSettings();
+          await _getAbSettings(quiet: quiet);
         }
         if (_personalAbGuid != null) {
           debugPrint("pull ab list");
@@ -142,7 +161,7 @@ class AbModel {
           abProfiles.add(AbProfile(_personalAbGuid!, _personalAddressBookName,
               gFFI.userModel.userName.value, null, ShareRule.read.value, null));
           // get all address book name
-          await _getSharedAbProfiles(abProfiles);
+          await _getSharedAbProfiles(abProfiles, quiet: quiet);
           addressbooks.removeWhere((key, value) =>
               abProfiles.firstWhereOrNull((e) => e.name == key) == null);
           for (int i = 0; i < abProfiles.length; i++) {
@@ -182,6 +201,7 @@ class AbModel {
         }
       } catch (e) {
         debugPrint("pull ab list error: $e");
+        _setListPullError(e, quiet: quiet);
       }
     } else if (listInitialized &&
         (!current.initialized || force == ForcePullAb.current)) {
@@ -197,14 +217,26 @@ class AbModel {
     }
   }
 
-  Future<bool> _getAbSettings() async {
+  void _setListPullError(Object err, {required bool quiet, int? statusCode}) {
+    if (!quiet) {
+      _listPullError.value =
+          '${translate('pull_ab_failed_tip')}: ${translate(err.toString())}';
+    }
+    if (statusCode == 401) {
+      gFFI.userModel.reset(resetOther: true);
+    }
+  }
+
+  Future<bool> _getAbSettings({required bool quiet}) async {
+    int? statusCode;
     try {
       final api = "${await bind.mainGetApiServer()}/api/ab/settings";
       var headers = getHttpHeaders();
       headers['Content-Type'] = "application/json";
       _setEmptyBody(headers);
       final resp = await http.post(Uri.parse(api), headers: headers);
-      if (resp.statusCode == 404) {
+      statusCode = resp.statusCode;
+      if (statusCode == 404) {
         debugPrint("HTTP 404, api server doesn't support shared address book");
         return false;
       }
@@ -213,46 +245,57 @@ class AbModel {
       if (json.containsKey('error')) {
         throw json['error'];
       }
-      if (resp.statusCode != 200) {
-        throw 'HTTP ${resp.statusCode}';
+      if (statusCode != 200) {
+        throw 'HTTP $statusCode';
       }
       _maxPeerOneAb = json['max_peer_one_ab'] ?? 0;
       return true;
     } catch (err) {
       debugPrint('get ab settings err: ${err.toString()}');
+      _setListPullError(err, quiet: quiet, statusCode: statusCode);
     }
     return false;
   }
 
-  Future<bool> _getPersonalAbGuid() async {
+  /// Loads `/api/ab/personal`.
+  /// Returns `true` to continue init, `false` to stop after a real error.
+  Future<bool> _getPersonalAbGuid({required bool quiet}) async {
+    int? statusCode;
     try {
       final api = "${await bind.mainGetApiServer()}/api/ab/personal";
       var headers = getHttpHeaders();
       headers['Content-Type'] = "application/json";
       _setEmptyBody(headers);
       final resp = await http.post(Uri.parse(api), headers: headers);
-      if (resp.statusCode == 404) {
+      statusCode = resp.statusCode;
+      if (statusCode == 404) {
         debugPrint("HTTP 404, current api server is legacy mode");
-        return false;
+        // Old server: keep `_personalAbGuid` null and continue in legacy mode.
+        return true;
       }
       Map<String, dynamic> json =
           _jsonDecodeRespMap(decode_http_response(resp), resp.statusCode);
       if (json.containsKey('error')) {
         throw json['error'];
       }
-      if (resp.statusCode != 200) {
-        throw 'HTTP ${resp.statusCode}';
+      if (statusCode != 200) {
+        throw 'HTTP $statusCode';
       }
       _personalAbGuid = json['guid'];
+      // New server: guid is available, continue in non-legacy mode.
       return true;
     } catch (err) {
       debugPrint('get personal ab err: ${err.toString()}');
+      _setListPullError(err, quiet: quiet, statusCode: statusCode);
     }
+    // Real error: stop the current pull.
     return false;
   }
 
-  Future<bool> _getSharedAbProfiles(List<AbProfile> profiles) async {
+  Future<bool> _getSharedAbProfiles(List<AbProfile> profiles,
+      {required bool quiet}) async {
     final api = "${await bind.mainGetApiServer()}/api/ab/shared/profiles";
+    int? statusCode;
     try {
       var uri0 = Uri.parse(api);
       final pageSize = 100;
@@ -273,13 +316,19 @@ class AbModel {
         headers['Content-Type'] = "application/json";
         _setEmptyBody(headers);
         final resp = await http.post(uri, headers: headers);
+        statusCode = resp.statusCode;
+        if (statusCode == 404) {
+          debugPrint(
+              "HTTP 404, api server doesn't support shared address book");
+          return false;
+        }
         Map<String, dynamic> json =
             _jsonDecodeRespMap(decode_http_response(resp), resp.statusCode);
         if (json.containsKey('error')) {
           throw json['error'];
         }
-        if (resp.statusCode != 200) {
-          throw 'HTTP ${resp.statusCode}';
+        if (statusCode != 200) {
+          throw 'HTTP $statusCode';
         }
         if (json.containsKey('total')) {
           if (total == 0) total = json['total'];
@@ -302,6 +351,7 @@ class AbModel {
       return true;
     } catch (err) {
       debugPrint('_getSharedAbProfiles err: ${err.toString()}');
+      _setListPullError(err, quiet: quiet, statusCode: statusCode);
     }
     return false;
   }

flutter/lib/models/group_model.dart

@@ -343,6 +343,7 @@ class GroupModel {
   }
 
   reset() async {
+    initialized = false;
     groupLoadError.value = '';
     deviceGroups.clear();
     users.clear();

flutter/lib/models/input_model.dart

@@ -2,6 +2,7 @@ import 'dart:async';
 import 'dart:convert';
 import 'dart:io';
 import 'dart:math';
+import 'package:flutter/foundation.dart';
 import 'dart:ui' as ui;
 
 import 'package:desktop_multi_window/desktop_multi_window.dart';
@@ -15,12 +16,13 @@ import 'package:get/get.dart';
 import '../../models/model.dart';
 import '../../models/platform_model.dart';
 import '../../models/state_model.dart';
+import 'input_modifier_utils.dart';
 import 'relative_mouse_model.dart';
 import '../common.dart';
 import '../consts.dart';
 
 /// Mouse button enum.
-enum MouseButtons { left, right, wheel, back }
+enum MouseButtons { left, right, wheel, back, forward }
 
 const _kMouseEventDown = 'mousedown';
 const _kMouseEventUp = 'mouseup';
@@ -157,6 +159,8 @@ extension ToString on MouseButtons {
         return 'wheel';
       case MouseButtons.back:
         return 'back';
+      case MouseButtons.forward:
+        return 'forward';
     }
   }
 }
@@ -327,6 +331,80 @@ class ToReleaseKeys {
 }
 
 class InputModel {
+  // Side mouse button support for Linux.
+  // Flutter's Linux embedder drops X11 button 8/9 events, so we capture them
+  // natively via GDK and forward through the platform channel.
+  static InputModel? _activeSideButtonModel;
+  // Tracks per-button which model received a side button down event, so the
+  // matching up event is routed there even if the pointer has left the view
+  // or a different button was pressed in between.
+  static final Map<MouseButtons, InputModel> _sideButtonDownModels = {};
+  static bool _sideButtonChannelInitialized = false;
+
+  /// Each Flutter engine (main window + sub-windows from desktop_multi_window)
+  /// runs its own Dart isolate with its own statics. Called from initEnv()
+  /// which runs per-engine, so each isolate registers its own handler tied
+  /// to its own set of InputModels.
+  static void initSideButtonChannel() {
+    if (!Platform.isLinux) return;
+    if (_sideButtonChannelInitialized) return;
+    _sideButtonChannelInitialized = true;
+
+    const channel = MethodChannel('org.rustdesk.rustdesk/side_buttons');
+    channel.setMethodCallHandler((call) async {
+      if (call.method == 'onSideMouseButton') {
+        final args = call.arguments as Map<dynamic, dynamic>;
+        final button = args['button'] as String;
+        final type = args['type'] as String;
+        final mb = button == 'back' ? MouseButtons.back : MouseButtons.forward;
+
+        if (type == 'down') {
+          final model = _activeSideButtonModel;
+          if (model != null &&
+              !(model.isViewOnly && !model.showMyCursor) &&
+              model.keyboardPerm &&
+              !model.isViewCamera) {
+            _sideButtonDownModels[mb] = model;
+            // Fire-and-forget to avoid blocking the platform channel handler.
+            unawaited(model._sendMouseUnchecked(type, mb).catchError((Object e) {
+              debugPrint('[InputModel] failed to send side button $type for $mb: $e');
+            }));
+          }
+        } else {
+          // Only route 'up' when we recorded the matching 'down';
+          // dropping avoids sending unpaired 'up' to an unrelated session.
+          // Use _sendMouseUnchecked to bypass permission checks so the
+          // release always goes through even if permissions changed.
+          final model = _sideButtonDownModels.remove(mb);
+          if (model != null) {
+            unawaited(model._sendMouseUnchecked(type, mb).catchError((Object e) {
+              debugPrint('[InputModel] failed to send side button $type for $mb: $e');
+            }));
+          }
+        }
+      }
+      return null;
+    });
+  }
+
+  /// Clear any static references to this model (prevents stale routing).
+  /// Releases any held side buttons on the peer so closing a session
+  /// mid-press does not leave a stuck button.
+  void disposeSideButtonTracking() {
+    if (_activeSideButtonModel == this) _activeSideButtonModel = null;
+    final held = _sideButtonDownModels.entries
+        .where((e) => e.value == this)
+        .map((e) => e.key)
+        .toList();
+    for (final mb in held) {
+      _sideButtonDownModels.remove(mb);
+      // Best-effort release; session may already be tearing down.
+      unawaited(_sendMouseUnchecked('up', mb).catchError((Object e) {
+        debugPrint('[InputModel] failed to release side button $mb: $e');
+      }));
+    }
+  }
+
   final WeakReference<FFI> parent;
   String keyboardMode = '';
 
@@ -348,6 +426,12 @@ class InputModel {
   final _trackpadAdjustPeerLinux = 0.06;
   // This is an experience value.
   final _trackpadAdjustMacToWin = 2.50;
+  // Ignore directional locking for very small deltas on both axes (including
+  // tiny single-axis movement) to avoid over-filtering near zero.
+  static const double _trackpadAxisNoiseThreshold = 0.2;
+  // Lock to dominant axis only when one axis is clearly stronger.
+  // 1.6 means the dominant axis must be >= 60% larger than the other.
+  static const double _trackpadAxisLockRatio = 1.6;
   int _trackpadSpeed = kDefaultTrackpadSpeed;
   double _trackpadSpeedInner = kDefaultTrackpadSpeed / 100.0;
   var _trackpadScrollUnsent = Offset.zero;
@@ -365,6 +449,16 @@ class InputModel {
   final isPhysicalMouse = false.obs;
   int _lastButtons = 0;
   Offset lastMousePos = Offset.zero;
+  int _lastWheelTsUs = 0;
+
+  // Wheel acceleration thresholds.
+  static const int _wheelAccelFastThresholdUs = 40000; // 40ms
+  static const int _wheelAccelMediumThresholdUs = 80000; // 80ms
+  static const double _wheelBurstVelocityThreshold =
+      0.002; // delta units per microsecond
+  // Wheel burst acceleration (empirical tuning).
+  // Applies only to fast, non-smooth bursts to preserve single-step scrolling.
+  // Flutter uses microseconds for dt, so velocity is in delta/us.
 
   // Relative mouse mode (for games/3D apps).
   final relativeMouseMode = false.obs;
@@ -396,6 +490,7 @@ class InputModel {
   bool get isRelativeMouseModeSupported => _relativeMouse.isSupported;
 
   InputModel(this.parent) {
+    initSideButtonChannel();
     sessionId = parent.target!.sessionId;
     _relativeMouse = RelativeMouseModel(
       sessionId: sessionId,
@@ -604,6 +699,39 @@ class InputModel {
     }
   }
 
+<<<<<<< HEAD
+  // Safe: this only re-dispatches synthesized Shift key-up events.
+  // The key-up path clears the tracked Shift state so this does not loop.
+  void _releaseTrackedShiftKeyEventIfNeeded() {
+    final leftShift = toReleaseKeys.lastLShiftKeyEvent;
+    final rightShift = toReleaseKeys.lastRShiftKeyEvent;
+    if (leftShift != null) {
+      handleKeyEvent(leftShift);
+    }
+    if (rightShift != null) {
+      handleKeyEvent(rightShift);
+    }
+  }
+
+  // Safe: this only re-dispatches synthesized Shift key-up events.
+  // The raw key-up path clears the tracked Shift state so this does not loop.
+  void _releaseTrackedRawShiftKeyEventIfNeeded() {
+    final leftShift = toReleaseRawKeys.lastLShiftKeyEvent;
+    final rightShift = toReleaseRawKeys.lastRShiftKeyEvent;
+    if (leftShift != null) {
+      handleRawKeyEvent(RawKeyUpEvent(
+        data: leftShift.data,
+        character: leftShift.character,
+      ));
+    }
+    if (rightShift != null) {
+      handleRawKeyEvent(RawKeyUpEvent(
+        data: rightShift.data,
+        character: rightShift.character,
+      ));
+    }
+  }
+
   KeyEventResult handleRawKeyEvent(RawKeyEvent e) {
     if (isViewOnly) return KeyEventResult.handled;
     if (isViewCamera) return KeyEventResult.handled;
@@ -658,6 +786,27 @@ class InputModel {
       toReleaseRawKeys.updateKeyUp(key, e);
     }
 
+    // On some mobile soft-keyboard paths, Flutter may leave cached Shift state
+    // set even though the current raw key event is not shifted anymore.
+    if (e is RawKeyDownEvent &&
+        shouldReleaseStaleMobileShift(
+          isMobile: isMobile,
+          cachedShiftPressed: shift,
+          actualShiftPressed: e.isShiftPressed,
+          logicalKey: e.logicalKey,
+          hasTrackedShiftKeyDown: toReleaseRawKeys.lastLShiftKeyEvent != null ||
+              toReleaseRawKeys.lastRShiftKeyEvent != null,
+        )) {
+      if (kDebugMode) {
+        debugPrint(
+          'input: releasing stale mobile Shift before replaying tracked raw '
+          'key-up (logicalKey=${e.logicalKey.keyLabel}, '
+          'actualShiftPressed=${e.isShiftPressed}, cachedShiftPressed=$shift)',
+        );
+      }
+      _releaseTrackedRawShiftKeyEventIfNeeded();
+    }
+
     // * Currently mobile does not enable map mode
     if ((isDesktop || isWebDesktop) && keyboardMode == kKeyMapMode) {
       mapKeyboardModeRaw(e, iosCapsLock);
@@ -678,6 +827,7 @@ class InputModel {
         return KeyEventResult.ignored;
       }
     }
+
     if (isWindows || isLinux) {
       // Ignore meta keys. Because flutter window will loose focus if meta key is pressed.
       if (e.physicalKey == PhysicalKeyboardKey.metaLeft ||
@@ -701,6 +851,8 @@ class InputModel {
       iosCapsLock = _getIosCapsFromCharacter(e);
     }
 
+    // Update cached modifier state before sending the event. The stale mobile
+    // Shift release check below relies on this cached state.
     if (e is KeyUpEvent) {
       handleKeyUpEventModifiers(e);
     } else if (e is KeyDownEvent) {
@@ -738,6 +890,21 @@ class InputModel {
         }
       }
     }
+
+    // On some mobile soft-keyboard paths, Flutter may leave cached Shift state
+    // set even though the current key event is not shifted anymore.
+    if (e is KeyDownEvent &&
+        shouldReleaseStaleMobileShift(
+          isMobile: isMobile,
+          cachedShiftPressed: shift,
+          actualShiftPressed: HardwareKeyboard.instance.isShiftPressed,
+          logicalKey: e.logicalKey,
+          hasTrackedShiftKeyDown: toReleaseKeys.lastLShiftKeyEvent != null ||
+              toReleaseKeys.lastRShiftKeyEvent != null,
+        )) {
+      _releaseTrackedShiftKeyEventIfNeeded();
+    }
+
     final isDesktopAndMapMode =
         isDesktop || (isWebDesktop && keyboardMode == kKeyMapMode);
     if (isMobileAndMapMode || isDesktopAndMapMode) {
@@ -950,13 +1117,20 @@ class InputModel {
     return evt;
   }
 
+  /// Send mouse event unconditionally (no permission checks).
+  /// Used for side button releases that must go through even if permissions
+  /// changed after the matching down was sent.
+  Future<void> _sendMouseUnchecked(String type, MouseButtons button) async {
+    await bind.sessionSendMouse(
+        sessionId: sessionId,
+        msg: json.encode(modify({'type': type, 'buttons': button.value})));
+  }
+
   /// Send mouse press event.
   Future<void> sendMouse(String type, MouseButtons button) async {
     if (!keyboardPerm) return;
     if (isViewCamera) return;
-    await bind.sessionSendMouse(
-        sessionId: sessionId,
-        msg: json.encode(modify({'type': type, 'buttons': button.value})));
+    await _sendMouseUnchecked(type, button);
   }
 
   void enterOrLeave(bool enter) {
@@ -964,6 +1138,14 @@ class InputModel {
     toReleaseRawKeys.release(handleRawKeyEvent);
     _pointerMovedAfterEnter = false;
     _pointerInsideImage = enter;
+    _lastWheelTsUs = 0;
+
+    // Track active model for side button events (Linux).
+    if (enter) {
+      _activeSideButtonModel = this;
+    } else if (_activeSideButtonModel == this) {
+      _activeSideButtonModel = null;
+    }
 
     // Fix status
     if (!enter) {
@@ -1161,6 +1343,7 @@ class InputModel {
     if (isMacOS && peerPlatform == kPeerPlatformWindows) {
       delta *= _trackpadAdjustMacToWin;
     }
+    delta = _filterTrackpadDeltaAxis(delta);
     _trackpadLastDelta = delta;
 
     var x = delta.dx.toInt();
@@ -1193,6 +1376,24 @@ class InputModel {
     }
   }
 
+  Offset _filterTrackpadDeltaAxis(Offset delta) {
+    final absDx = delta.dx.abs();
+    final absDy = delta.dy.abs();
+    // Keep diagonal intent when movement is tiny on both axes.
+    if (absDx < _trackpadAxisNoiseThreshold &&
+        absDy < _trackpadAxisNoiseThreshold) {
+      return delta;
+    }
+    // Dominant-axis lock to reduce accidental cross-axis scrolling noise.
+    if (absDy >= absDx * _trackpadAxisLockRatio) {
+      return Offset(0, delta.dy);
+    }
+    if (absDx >= absDy * _trackpadAxisLockRatio) {
+      return Offset(delta.dx, 0);
+    }
+    return delta;
+  }
+
   void _scheduleFling(double x, double y, int delay) {
     if (isViewCamera) return;
     if ((x == 0 && y == 0) || _stopFling) {
@@ -1296,6 +1497,16 @@ class InputModel {
     return false;
   }
 
+  /// iOS may emit a synthesized touch event after a real mouse click.
+  /// This helper ignores touch-down events that arrive shortly after a mouse down,
+  /// even when the position is far (e.g., near the top edge).
+  bool _shouldIgnoreTouchAfterMouse(int nowMs) {
+    if (!isIOS) return false;
+    const int kTouchAfterMouseWindowMs = 700;
+    final dt = nowMs - _lastMouseDownTimeMs;
+    return dt >= 0 && dt < kTouchAfterMouseWindowMs;
+  }
+
   void onPointDownImage(PointerDownEvent e) {
     debugPrint("onPointDownImage ${e.kind}");
     _stopFling = true;
@@ -1308,6 +1519,9 @@ class InputModel {
     // Track mouse down events for duplicate detection on iOS.
     final nowMs = DateTime.now().millisecondsSinceEpoch;
     if (e.kind == ui.PointerDeviceKind.mouse) {
+      if (!isPhysicalMouse.value) {
+        isPhysicalMouse.value = true;
+      }
       _lastMouseDownTimeMs = nowMs;
       _lastMouseDownPos = e.position;
     }
@@ -1317,6 +1531,10 @@ class InputModel {
     }
 
     if (e.kind != ui.PointerDeviceKind.mouse) {
+      // Ignore duplicate touch events that follow a recent mouse click (iOS Magic Mouse issue).
+      if (isPhysicalMouse.value && _shouldIgnoreTouchAfterMouse(nowMs)) {
+        return;
+      }
       if (isPhysicalMouse.value) {
         isPhysicalMouse.value = false;
       }
@@ -1407,17 +1625,44 @@ class InputModel {
     if (isViewOnly) return;
     if (isViewCamera) return;
     if (e is PointerScrollEvent) {
-      var dx = e.scrollDelta.dx.toInt();
-      var dy = e.scrollDelta.dy.toInt();
+      final rawDx = e.scrollDelta.dx;
+      final rawDy = e.scrollDelta.dy;
+      final dominantDelta = rawDx.abs() > rawDy.abs() ? rawDx.abs() : rawDy.abs();
+      final isSmooth = dominantDelta < 1;
+      final nowUs = DateTime.now().microsecondsSinceEpoch;
+      final dtUs = _lastWheelTsUs == 0 ? 0 : nowUs - _lastWheelTsUs;
+      _lastWheelTsUs = nowUs;
+      int accel = 1;
+      if (!isSmooth &&
+          dtUs > 0 &&
+          dtUs <= _wheelAccelMediumThresholdUs &&
+          (isWindows || isLinux) &&
+          peerPlatform == kPeerPlatformMacOS) {
+        final velocity = dominantDelta / dtUs;
+        if (velocity >= _wheelBurstVelocityThreshold) {
+          if (dtUs < _wheelAccelFastThresholdUs) {
+            accel = 3;
+          } else {
+            accel = 2;
+          }
+        }
+      }
+      var dx = rawDx.toInt();
+      var dy = rawDy.toInt();
+      if (rawDx.abs() > rawDy.abs()) {
+        dy = 0;
+      } else {
+        dx = 0;
+      }
       if (dx > 0) {
-        dx = -1;
+        dx = -accel;
       } else if (dx < 0) {
-        dx = 1;
+        dx = accel;
       }
       if (dy > 0) {
-        dy = -1;
+        dy = -accel;
       } else if (dy < 0) {
-        dy = 1;
+        dy = accel;
       }
       bind.sessionSendMouse(
           sessionId: sessionId,

flutter/lib/models/input_modifier_utils.dart

@@ -0,0 +1,38 @@
+import 'package:flutter/services.dart';
+
+/// Returns true when a stale mobile one-shot Shift state should be released
+/// by replaying a tracked Shift key-down as a synthesized key-up.
+///
+/// This is only valid on mobile when Flutter's cached Shift state is still on
+/// (`cachedShiftPressed == true`) but the current hardware/raw event reports
+/// Shift as off (`actualShiftPressed == false`).
+///
+/// A tracked Shift key-down is required so the caller can safely synthesize the
+/// matching key-up. Both `shiftLeft` and `shiftRight` are excluded because the
+/// Shift key event itself must be processed first; otherwise we could release
+/// the tracked key while still handling the original Shift press/release.
+/// Callers should evaluate this only after their cached modifier state has been
+/// updated for the current event.
+///
+/// When this returns true, the caller logs a line like:
+/// `input: releasing stale mobile Shift before replaying tracked raw key-up`
+/// immediately before calling `_releaseTrackedRawShiftKeyEventIfNeeded()`.
+bool shouldReleaseStaleMobileShift({
+  required bool isMobile,
+  required bool cachedShiftPressed,
+  required bool actualShiftPressed,
+  required LogicalKeyboardKey logicalKey,
+  required bool hasTrackedShiftKeyDown,
+}) {
+  if (!isMobile || !cachedShiftPressed || actualShiftPressed) {
+    return false;
+  }
+  if (!hasTrackedShiftKeyDown) {
+    return false;
+  }
+  if (logicalKey == LogicalKeyboardKey.shiftLeft ||
+      logicalKey == LogicalKeyboardKey.shiftRight) {
+    return false;
+  }
+  return true;
+}

flutter/lib/models/model.dart

@@ -21,6 +21,7 @@ import 'package:flutter_hbb/models/peer_model.dart';
 import 'package:flutter_hbb/models/peer_tab_model.dart';
 import 'package:flutter_hbb/models/printer_model.dart';
 import 'package:flutter_hbb/models/server_model.dart';
+import 'package:flutter_hbb/models/shortcut_model.dart';
 import 'package:flutter_hbb/models/user_model.dart';
 import 'package:flutter_hbb/models/state_model.dart';
 import 'package:flutter_hbb/models/desktop_render_texture.dart';
@@ -476,6 +477,11 @@ class FfiModel with ChangeNotifier {
       } else if (name == 'exit_relative_mouse_mode') {
         // Handle exit shortcut from rdev grab loop (Ctrl+Alt on Win/Linux, Cmd+G on macOS)
         parent.target?.inputModel.exitRelativeMouseModeWithKeyRelease();
+      } else if (name == kShortcutEventName) {
+        final action = evt['action'];
+        if (action is String) {
+          parent.target?.shortcutModel.onTriggered(action);
+        }
       } else {
         debugPrint('Event is not handled in the fixed branch: $name');
       }
@@ -1016,19 +1022,31 @@ class FfiModel with ChangeNotifier {
   showMsgBox(SessionID sessionId, String type, String title, String text,
       String link, bool hasRetry, OverlayDialogManager dialogManager,
       {bool? hasCancel}) async {
-    final showNoteEdit = parent.target != null &&
+    final noteAllowed = parent.target != null &&
         allowAskForNoteAtEndOfConnection(parent.target, false) &&
-        (title == "Connection Error" || type == "restarting") &&
-        !hasRetry;
+        (title == "Connection Error" || type == "restarting");
+    final showNoteEdit = noteAllowed && !hasRetry;
     if (showNoteEdit) {
       await showConnEndAuditDialogCloseCanceled(
           ffi: parent.target!, type: type, title: title, text: text);
       closeConnection();
     } else {
+      VoidCallback? onSubmit;
+      if (noteAllowed && hasRetry) {
+        final ffi = parent.target!;
+        onSubmit = () async {
+          _timer?.cancel();
+          _timer = null;
+          await showConnEndAuditDialogCloseCanceled(
+              ffi: ffi, type: type, title: title, text: text);
+          closeConnection();
+        };
+      }
       msgBox(sessionId, type, title, text, link, dialogManager,
           hasCancel: hasCancel,
           reconnect: hasRetry ? reconnect : null,
-          reconnectTimeout: hasRetry ? _reconnects : null);
+          reconnectTimeout: hasRetry ? _reconnects : null,
+          onSubmit: onSubmit);
     }
     _timer?.cancel();
     if (hasRetry) {
@@ -2152,6 +2170,9 @@ class CanvasModel with ChangeNotifier {
   ViewStyle _lastViewStyle = ViewStyle.defaultViewStyle();
 
   Timer? _timerMobileFocusCanvasCursor;
+  Timer? _timerMobileRestoreCanvasOffset;
+  Offset? _offsetBeforeMobileSoftKeyboard;
+  double? _scaleBeforeMobileSoftKeyboard;
 
   // `isMobileCanvasChanged` is used to avoid canvas reset when changing the input method
   // after showing the soft keyboard.
@@ -2215,10 +2236,32 @@ class CanvasModel with ChangeNotifier {
     double w = size.width - leftToEdge - rightToEdge;
     double h = size.height - topToEdge - bottomToEdge;
     if (isMobile) {
+      // Account for horizontal safe area insets on both orientations.
+      w = w - mediaData.padding.left - mediaData.padding.right;
+      // Vertically, subtract the bottom keyboard inset (viewInsets.bottom) and any
+      // bottom overlay (e.g. key-help tools) so the canvas is not covered.
       h = h -
           mediaData.viewInsets.bottom -
           (parent.target?.cursorModel.keyHelpToolsRectToAdjustCanvas?.bottom ??
               0);
+      // Orientation-specific handling:
+      //  - Portrait: additionally subtract top padding (e.g. status bar / notch)
+      //  - Landscape: does not subtract mediaData.padding.top/bottom (home indicator auto-hides)
+      final isPortrait = size.height > size.width;
+      if (isPortrait) {
+        // In portrait mode, subtract the top safe-area padding (e.g. status bar / notch)
+        // so the remote image is not truncated, while keeping the bottom inset to avoid
+        // introducing unnecessary blank space around the canvas.
+        //
+        // iOS -> Android, portrait, adjust mode:
+        // h = h (no padding subtracted): top and bottom are truncated
+        //   https://github.com/user-attachments/assets/30ed4559-c27e-432b-847f-8fec23c9f998
+        // h = h - top - bottom: extra blank spaces appear
+        //   https://github.com/user-attachments/assets/12a98817-3b4e-43aa-be0f-4b03cf364b7e
+        // h = h - top (current): works fine
+        //   https://github.com/user-attachments/assets/95f047f2-7f47-4a36-8113-5023989a0c81
+        h = h - mediaData.padding.top;
+      }
     }
     return Size(w < 0 ? 0 : w, h < 0 ? 0 : h);
   }
@@ -2617,6 +2660,9 @@ class CanvasModel with ChangeNotifier {
     _scale = 1.0;
     _lastViewStyle = ViewStyle.defaultViewStyle();
     _timerMobileFocusCanvasCursor?.cancel();
+    _timerMobileRestoreCanvasOffset?.cancel();
+    _offsetBeforeMobileSoftKeyboard = null;
+    _scaleBeforeMobileSoftKeyboard = null;
   }
 
   updateScrollPercent() {
@@ -2645,6 +2691,31 @@ class CanvasModel with ChangeNotifier {
     });
   }
 
+  void saveMobileOffsetBeforeSoftKeyboard() {
+    _timerMobileRestoreCanvasOffset?.cancel();
+    _offsetBeforeMobileSoftKeyboard = Offset(_x, _y);
+    _scaleBeforeMobileSoftKeyboard = _scale;
+  }
+
+  void restoreMobileOffsetAfterSoftKeyboard() {
+    _timerMobileRestoreCanvasOffset?.cancel();
+    _timerMobileFocusCanvasCursor?.cancel();
+    final targetOffset = _offsetBeforeMobileSoftKeyboard;
+    final targetScale = _scaleBeforeMobileSoftKeyboard;
+    if (targetOffset == null || targetScale == null) {
+      return;
+    }
+    _timerMobileRestoreCanvasOffset = Timer(Duration(milliseconds: 100), () {
+      updateSize();
+      _x = targetOffset.dx;
+      _y = targetOffset.dy;
+      _scale = targetScale;
+      _offsetBeforeMobileSoftKeyboard = null;
+      _scaleBeforeMobileSoftKeyboard = null;
+      notifyListeners();
+    });
+  }
+
   // mobile only
   // Move the canvas to make the cursor visible(center) on the screen.
   void _moveToCenterCursor() {
@@ -2897,8 +2968,13 @@ class CursorModel with ChangeNotifier {
       _lastIsBlocked = true;
     }
     if (isMobile && _lastKeyboardIsVisible != keyboardIsVisible) {
-      parent.target?.canvasModel.mobileFocusCanvasCursor();
-      parent.target?.canvasModel.isMobileCanvasChanged = false;
+      if (keyboardIsVisible) {
+        parent.target?.canvasModel.saveMobileOffsetBeforeSoftKeyboard();
+        parent.target?.canvasModel.mobileFocusCanvasCursor();
+        parent.target?.canvasModel.isMobileCanvasChanged = false;
+      } else {
+        parent.target?.canvasModel.restoreMobileOffsetAfterSoftKeyboard();
+      }
     }
     _lastKeyboardIsVisible = keyboardIsVisible;
   }
@@ -3553,6 +3629,7 @@ class FFI {
   late final ElevationModel elevationModel; // session
   late final CmFileModel cmFileModel; // cm
   late final TextureModel textureModel; //session
+  late final ShortcutModel shortcutModel; // session
   late final Peers recentPeersModel; // global
   late final Peers favoritePeersModel; // global
   late final Peers lanPeersModel; // global
@@ -3582,6 +3659,7 @@ class FFI {
     elevationModel = ElevationModel(WeakReference(this));
     cmFileModel = CmFileModel(WeakReference(this));
     textureModel = TextureModel(WeakReference(this));
+    shortcutModel = ShortcutModel(WeakReference(this));
     recentPeersModel = Peers(
         name: PeersModelName.recent,
         loadEvent: LoadEvent.recent,
@@ -3862,6 +3940,7 @@ class FFI {
     inputModel.resetModifiers();
     // Dispose relative mouse mode resources to ensure cursor is restored
     inputModel.disposeRelativeMouseMode();
+    inputModel.disposeSideButtonTracking();
     if (closeSession) {
       await bind.sessionClose(sessionId: sessionId);
     }

flutter/lib/models/server_model.dart

@@ -471,17 +471,6 @@ class ServerModel with ChangeNotifier {
     WakelockManager.disable(_wakelockKey);
   }
 
-  Future<bool> setPermanentPassword(String newPW) async {
-    await bind.mainSetPermanentPassword(password: newPW);
-    await Future.delayed(Duration(milliseconds: 500));
-    final pw = await bind.mainGetPermanentPassword();
-    if (newPW == pw) {
-      return true;
-    } else {
-      return false;
-    }
-  }
-
   fetchID() async {
     final id = await bind.mainGetMyId();
     if (id != _serverId.id) {
@@ -820,6 +809,7 @@ class Client {
   bool isTerminal = false;
   String portForward = "";
   String name = "";
+  String avatar = "";
   String peerId = ""; // peer user's id,show at app
   bool keyboard = false;
   bool clipboard = false;
@@ -847,6 +837,7 @@ class Client {
     isTerminal = json['is_terminal'] ?? false;
     portForward = json['port_forward'];
     name = json['name'];
+    avatar = json['avatar'] ?? '';
     peerId = json['peer_id'];
     keyboard = json['keyboard'];
     clipboard = json['clipboard'];
@@ -870,6 +861,7 @@ class Client {
     data['is_terminal'] = isTerminal;
     data['port_forward'] = portForward;
     data['name'] = name;
+    data['avatar'] = avatar;
     data['peer_id'] = peerId;
     data['keyboard'] = keyboard;
     data['clipboard'] = clipboard;

flutter/lib/models/shortcut_model.dart

@@ -0,0 +1,141 @@
+import 'dart:convert';
+
+import 'package:flutter/foundation.dart';
+
+import '../common.dart';
+import '../consts.dart';
+import '../desktop/widgets/tabbar_widget.dart' show DesktopTabController;
+import '../models/model.dart';
+import '../models/platform_model.dart';
+import '../models/state_model.dart';
+
+/// Per-session shortcut dispatcher. Attached to FFI when a session is created.
+///
+/// The Rust matcher (src/keyboard/shortcuts.rs) emits `shortcut_triggered`
+/// session events containing the matched `action` id. The session event
+/// listener in [FfiModel.startEventListener] forwards those to this model
+/// via [onTriggered], which runs whatever callback the toolbar / menu
+/// builders previously registered for that action id.
+class ShortcutModel {
+  final WeakReference<FFI> parent;
+  final Map<String, VoidCallback> _callbacks = {};
+
+  ShortcutModel(this.parent);
+
+  /// Called by toolbar / menu builders to register what to do when the
+  /// matched shortcut fires.
+  void register(String actionId, VoidCallback callback) {
+    _callbacks[actionId] = callback;
+  }
+
+  void unregister(String actionId) {
+    _callbacks.remove(actionId);
+  }
+
+  /// Called by the session event listener when a `shortcut_triggered` event
+  /// arrives for this session.
+  void onTriggered(String actionId) {
+    final cb = _callbacks[actionId];
+    if (cb != null) {
+      cb();
+    } else {
+      debugPrint('shortcut_triggered: no handler for $actionId');
+    }
+  }
+
+  /// Read the bindings JSON from LocalConfig.
+  static List<Map<String, dynamic>> readBindings() {
+    final raw = bind.mainGetLocalOption(key: kShortcutLocalConfigKey);
+    if (raw.isEmpty) return [];
+    try {
+      final parsed = jsonDecode(raw) as Map<String, dynamic>;
+      final list = (parsed['bindings'] as List?) ?? [];
+      return list.cast<Map<String, dynamic>>();
+    } catch (_) {
+      return [];
+    }
+  }
+
+  static bool isEnabled() {
+    final raw = bind.mainGetLocalOption(key: kShortcutLocalConfigKey);
+    if (raw.isEmpty) return false;
+    try {
+      final parsed = jsonDecode(raw) as Map<String, dynamic>;
+      return parsed['enabled'] == true;
+    } catch (_) {
+      return false;
+    }
+  }
+}
+
+/// Register the default-bound shortcut actions that aren't already wired by
+/// `toolbarControls(...)` (which handles things like Ctrl+Alt+Shift+Del and the
+/// screenshot action). Called once per session from the desktop / mobile
+/// remote page, after the toolbar registrations have run.
+///
+/// [tabController] is the desktop window's tab controller; `null` on mobile /
+/// web (where tab-switch shortcuts don't apply).
+///
+/// Each callback below is a no-op when the underlying state required to
+/// service the action isn't available (e.g. only one display, only one tab).
+void registerSessionShortcutActions(
+  FFI ffi, {
+  DesktopTabController? tabController,
+}) {
+  final sessionId = ffi.sessionId;
+
+  // Toggle Fullscreen — desktop & web-desktop only. `stateGlobal.setFullscreen`
+  // handles native window vs. browser fullscreen; on mobile fullscreen is the
+  // permanent default, so we leave the action unregistered (becomes a logged
+  // no-op if a mobile user binds it).
+  if (isDesktop || isWebDesktop) {
+    ffi.shortcutModel.register(kShortcutActionToggleFullscreen, () {
+      stateGlobal.setFullscreen(!stateGlobal.fullscreen.value);
+    });
+  }
+
+  // Switch Display Next / Prev — requires the peer to have at least 2
+  // displays. No-op when only one display is available or when the user has
+  // selected the "All displays" pseudo-display.
+  void switchDisplayBy(int delta) {
+    final pi = ffi.ffiModel.pi;
+    final count = pi.displays.length;
+    if (count <= 1) return;
+    final current = pi.currentDisplay;
+    if (current == kAllDisplayValue) return;
+    final next = ((current + delta) % count + count) % count;
+    bind.sessionSwitchDisplay(
+      isDesktop: isDesktop,
+      sessionId: sessionId,
+      value: Int32List.fromList([next]),
+    );
+    if (pi.isSupportMultiUiSession) {
+      // On multi-ui-session peers no switch-display message is sent back, so
+      // update the local state directly (mirrors `model.dart` handling).
+      ffi.ffiModel.switchToNewDisplay(next, sessionId, ffi.id);
+    }
+  }
+
+  ffi.shortcutModel.register(kShortcutActionSwitchDisplayNext, () {
+    switchDisplayBy(1);
+  });
+  ffi.shortcutModel.register(kShortcutActionSwitchDisplayPrev, () {
+    switchDisplayBy(-1);
+  });
+
+  // Switch Tab 1..9 — desktop only. The remote-screen tabs live in the
+  // window-scoped DesktopTabController, not on the FFI itself, so we need
+  // the controller from the page that owns this session. No-op on mobile /
+  // web (no controller passed) and when the requested tab index is out of
+  // range.
+  if (tabController != null) {
+    for (var n = 1; n <= 9; n++) {
+      final idx = n - 1;
+      ffi.shortcutModel.register(kShortcutActionSwitchTab(n), () {
+        if (tabController.state.value.tabs.length > idx) {
+          tabController.jumpTo(idx);
+        }
+      });
+    }
+  }
+}

flutter/lib/models/terminal_model.dart

@@ -24,6 +24,13 @@ class TerminalModel with ChangeNotifier {
   bool _disposed = false;
 
   final _inputBuffer = <String>[];
+  // Buffer for output data received before terminal view has valid dimensions.
+  // This prevents NaN errors when writing to terminal before layout is complete.
+  final _pendingOutputChunks = <String>[];
+  int _pendingOutputSize = 0;
+  static const int _kMaxOutputBufferChars = 8 * 1024;
+  // View ready state: true when terminal has valid dimensions, safe to write
+  bool _terminalViewReady = false;
 
   bool get isPeerWindows => parent.ffiModel.pi.platform == kPeerPlatformWindows;
 
@@ -74,6 +81,12 @@ class TerminalModel with ChangeNotifier {
         // This piece of code must be placed before the conditional check in order to initialize properly.
         onResizeExternal?.call(w, h, pw, ph);
 
+        // Mark terminal view as ready and flush any buffered output on first valid resize.
+        // Must be after onResizeExternal so the view layer has valid dimensions before flushing.
+        if (!_terminalViewReady) {
+          _markViewReady();
+        }
+
         if (_terminalOpened) {
           // Notify remote terminal of resize
           try {
@@ -141,7 +154,7 @@ class TerminalModel with ChangeNotifier {
       debugPrint('[TerminalModel] Error calling sessionOpenTerminal: $e');
       // Optionally show error to user
       if (e is TimeoutException) {
-        terminal.write('Failed to open terminal: Connection timeout\r\n');
+        _writeToTerminal('Failed to open terminal: Connection timeout\r\n');
       }
     }
   }
@@ -253,8 +266,8 @@ class TerminalModel with ChangeNotifier {
 
   void _handleTerminalOpened(Map<String, dynamic> evt) {
     final bool success = getSuccessFromEvt(evt);
-    final String message = evt['message'] ?? '';
-    final String? serviceId = evt['service_id'];
+    final String message = evt['message']?.toString() ?? '';
+    final String? serviceId = evt['service_id']?.toString();
 
     debugPrint(
         '[TerminalModel] Terminal opened response: success=$success, message=$message, service_id=$serviceId');
@@ -262,7 +275,18 @@ class TerminalModel with ChangeNotifier {
     if (success) {
       _terminalOpened = true;
 
-      // Service ID is now saved on the Rust side in handle_terminal_response
+      // On reconnect ("Reconnected to existing terminal"), server may replay recent output.
+      // If this TerminalView instance is reused (not rebuilt), duplicate lines can appear.
+      // We intentionally accept this tradeoff for now to keep logic simple.
+
+      // Fallback: if terminal view is not yet ready but already has valid
+      // dimensions (e.g. layout completed before open response arrived),
+      // mark view ready now to avoid output stuck in buffer indefinitely.
+      if (!_terminalViewReady &&
+          terminal.viewWidth > 0 &&
+          terminal.viewHeight > 0) {
+        _markViewReady();
+      }
 
       // Process any buffered input
       _processBufferedInputAsync().then((_) {
@@ -283,7 +307,7 @@ class TerminalModel with ChangeNotifier {
             }));
       }
     } else {
-      terminal.write('Failed to open terminal: $message\r\n');
+      _writeToTerminal('Failed to open terminal: $message\r\n');
     }
   }
 
@@ -327,29 +351,82 @@ class TerminalModel with ChangeNotifier {
           return;
         }
 
-        terminal.write(text);
+        _writeToTerminal(text);
       } catch (e) {
         debugPrint('[TerminalModel] Failed to process terminal data: $e');
       }
     }
   }
 
+  /// Write text to terminal, buffering if the view is not yet ready.
+  /// All terminal output should go through this method to avoid NaN errors
+  /// from writing before the terminal view has valid layout dimensions.
+  void _writeToTerminal(String text) {
+    if (!_terminalViewReady) {
+      // If a single chunk exceeds the cap, keep only its tail.
+      // Note: truncation may split a multi-byte ANSI escape sequence,
+      // which can cause a brief visual glitch on flush. This is acceptable
+      // because it only affects the pre-layout buffering window and the
+      // terminal will self-correct on subsequent output.
+      if (text.length >= _kMaxOutputBufferChars) {
+        final truncated = text.substring(text.length - _kMaxOutputBufferChars);
+        _pendingOutputChunks
+          ..clear()
+          ..add(truncated);
+        _pendingOutputSize = truncated.length;
+      } else {
+        _pendingOutputChunks.add(text);
+        _pendingOutputSize += text.length;
+        // Drop oldest chunks if exceeds limit (whole chunks to preserve ANSI sequences)
+        while (_pendingOutputSize > _kMaxOutputBufferChars &&
+            _pendingOutputChunks.length > 1) {
+          final removed = _pendingOutputChunks.removeAt(0);
+          _pendingOutputSize -= removed.length;
+        }
+      }
+      return;
+    }
+    terminal.write(text);
+  }
+
+  void _flushOutputBuffer() {
+    if (_pendingOutputChunks.isEmpty) return;
+    debugPrint(
+        '[TerminalModel] Flushing $_pendingOutputSize buffered chars (${_pendingOutputChunks.length} chunks)');
+    for (final chunk in _pendingOutputChunks) {
+      terminal.write(chunk);
+    }
+    _pendingOutputChunks.clear();
+    _pendingOutputSize = 0;
+  }
+
+  /// Mark terminal view as ready and flush buffered output.
+  void _markViewReady() {
+    if (_terminalViewReady) return;
+    _terminalViewReady = true;
+    _flushOutputBuffer();
+  }
+
   void _handleTerminalClosed(Map<String, dynamic> evt) {
     final int exitCode = evt['exit_code'] ?? 0;
-    terminal.write('\r\nTerminal closed with exit code: $exitCode\r\n');
+    _writeToTerminal('\r\nTerminal closed with exit code: $exitCode\r\n');
     _terminalOpened = false;
     notifyListeners();
   }
 
   void _handleTerminalError(Map<String, dynamic> evt) {
     final String message = evt['message'] ?? 'Unknown error';
-    terminal.write('\r\nTerminal error: $message\r\n');
+    _writeToTerminal('\r\nTerminal error: $message\r\n');
   }
 
   @override
   void dispose() {
     if (_disposed) return;
     _disposed = true;
+    // Clear buffers to free memory
+    _inputBuffer.clear();
+    _pendingOutputChunks.clear();
+    _pendingOutputSize = 0;
     // Terminal cleanup is handled server-side when service closes
     super.dispose();
   }

flutter/lib/models/user_model.dart

@@ -16,9 +16,25 @@ bool refreshingUser = false;
 
 class UserModel {
   final RxString userName = ''.obs;
+  final RxString displayName = ''.obs;
+  final RxString avatar = ''.obs;
   final RxBool isAdmin = false.obs;
   final RxString networkError = ''.obs;
   bool get isLogin => userName.isNotEmpty;
+  String get displayNameOrUserName =>
+      displayName.value.trim().isEmpty ? userName.value : displayName.value;
+  String get accountLabelWithHandle {
+    final username = userName.value.trim();
+    if (username.isEmpty) {
+      return '';
+    }
+    final preferred = displayName.value.trim();
+    if (preferred.isEmpty || preferred == username) {
+      return username;
+    }
+    return '$preferred (@$username)';
+  }
+
   WeakReference<FFI> parent;
 
   UserModel(this.parent) {
@@ -98,7 +114,9 @@ class UserModel {
   _updateLocalUserInfo() {
     final userInfo = getLocalUserInfo();
     if (userInfo != null) {
-      userName.value = userInfo['name'];
+      userName.value = (userInfo['name'] ?? '').toString();
+      displayName.value = (userInfo['display_name'] ?? '').toString();
+      avatar.value = (userInfo['avatar'] ?? '').toString();
     }
   }
 
@@ -110,10 +128,14 @@ class UserModel {
       await gFFI.groupModel.reset();
     }
     userName.value = '';
+    displayName.value = '';
+    avatar.value = '';
   }
 
   _parseAndUpdateUser(UserPayload user) {
     userName.value = user.name;
+    displayName.value = user.displayName;
+    avatar.value = user.avatar;
     isAdmin.value = user.isAdmin;
     bind.mainSetLocalOption(key: 'user_info', value: jsonEncode(user));
     if (isWeb) {

flutter/lib/web/bridge.dart

@@ -7,6 +7,7 @@ import 'package:uuid/uuid.dart';
 import 'dart:html' as html;
 
 import 'package:flutter_hbb/consts.dart';
+import 'package:flutter_hbb/common.dart' as common;
 
 final _privateConstructorUsedError = UnsupportedError(
     'It seems like you constructed your class using `MyClass._()`. This constructor is only meant to be used by freezed and you are not supposed to need it nor use it.\nPlease check the documentation here for more information: https://github.com/rrousselGit/freezed#adding-getters-and-methods-to-our-models');
@@ -930,6 +931,30 @@ class RustdeskImpl {
         ]));
   }
 
+  // Tell the JS-side matcher (flutter/web/js/src/shortcut_matcher.ts) to
+  // re-read its bindings from LocalStorage. Mirrors the native call which
+  // refreshes the Rust matcher's in-memory cache.
+  void mainReloadKeyboardShortcuts({dynamic hint}) {
+    js.context.callMethod('reloadShortcuts', []);
+  }
+
+  // Mirror of `default_bindings()` in `src/keyboard/shortcuts.rs`. Keep these
+  // two lists in sync — if you add or change a default binding on the Rust
+  // side, update the literal below to match.
+  String mainGetDefaultKeyboardShortcuts({dynamic hint}) {
+    const prefix = ['primary', 'alt', 'shift'];
+    final list = <Map<String, dynamic>>[
+      {'action': 'send_ctrl_alt_del', 'mods': prefix, 'key': 'delete'},
+      {'action': 'toggle_fullscreen', 'mods': prefix, 'key': 'enter'},
+      {'action': 'switch_display_next', 'mods': prefix, 'key': 'arrow_right'},
+      {'action': 'switch_display_prev', 'mods': prefix, 'key': 'arrow_left'},
+      {'action': 'screenshot', 'mods': prefix, 'key': 'p'},
+      for (var n = 1; n <= 9; n++)
+        {'action': 'switch_tab_$n', 'mods': prefix, 'key': 'digit$n'},
+    ];
+    return jsonEncode(list);
+  }
+
   String mainGetInputSource({dynamic hint}) {
     final inputSource =
         js.context.callMethod('getByName', ['option:local', 'input-source']);
@@ -1159,10 +1184,6 @@ class RustdeskImpl {
     return Future.value('');
   }
 
-  Future<String> mainGetPermanentPassword({dynamic hint}) {
-    return Future.value('');
-  }
-
   Future<String> mainGetFingerprint({dynamic hint}) {
     return Future.value('');
   }
@@ -1180,6 +1201,15 @@ class RustdeskImpl {
   }
 
   Future<void> mainInit({required String appDir, dynamic hint}) {
+    // JS -> Dart shortcut bridge. The matcher in flutter/web/js/src/
+    // shortcut_matcher.ts calls `window.onShortcutTriggered(actionId)` when a
+    // binding fires; route it to the active session's ShortcutModel.
+    // Web is single-window so `gFFI` is always the active session.
+    js.context['onShortcutTriggered'] = (dynamic action) {
+      if (action is String) {
+        common.gFFI.shortcutModel.onTriggered(action);
+      }
+    };
     return Future.value();
   }
 
@@ -1346,9 +1376,9 @@ class RustdeskImpl {
     throw UnimplementedError("mainUpdateTemporaryPassword");
   }
 
-  Future<void> mainSetPermanentPassword(
+  Future<bool> mainSetPermanentPasswordWithResult(
       {required String password, dynamic hint}) {
-    throw UnimplementedError("mainSetPermanentPassword");
+    throw UnimplementedError("mainSetPermanentPasswordWithResult");
   }
 
   Future<bool> mainCheckSuperUserPermission({dynamic hint}) {
@@ -1542,7 +1572,10 @@ class RustdeskImpl {
 
   Future<void> mainAccountAuth(
       {required String op, required bool rememberMe, dynamic hint}) {
-    return Future(() => js.context.callMethod('setByName', [
+    // Safari only allows auth popups while handling the original user gesture.
+    // Use Future.sync so the JS call runs synchronously (pre-opening the OIDC
+    // window) while any interop error still surfaces as a Future error.
+    return Future.sync(() => js.context.callMethod('setByName', [
           'account_auth',
           jsonEncode({'op': op, 'remember': rememberMe})
         ]));
@@ -2034,5 +2067,9 @@ class RustdeskImpl {
     return false;
   }
 
+  String mainResolveAvatarUrl({required String avatar, dynamic hint}) {
+    return js.context.callMethod('getByName', ['resolve_avatar_url', avatar])?.toString() ?? avatar;
+  }
+
   void dispose() {}
 }

flutter/linux/CMakeLists.txt

@@ -1,6 +1,6 @@
 # Project-level configuration.
 cmake_minimum_required(VERSION 3.10)
-project(runner LANGUAGES CXX)
+project(runner LANGUAGES C CXX)
 
 # The name of the executable created for the application. Change this to change
 # the on-disk name of your application.
@@ -54,6 +54,55 @@ add_subdirectory(${FLUTTER_MANAGED_DIR})
 find_package(PkgConfig REQUIRED)
 pkg_check_modules(GTK REQUIRED IMPORTED_TARGET gtk+-3.0)
 
+# Wayland protocol for keyboard shortcuts inhibit
+pkg_check_modules(WAYLAND_CLIENT IMPORTED_TARGET wayland-client)
+pkg_check_modules(WAYLAND_PROTOCOLS_PKG QUIET wayland-protocols)
+pkg_check_modules(WAYLAND_SCANNER_PKG QUIET wayland-scanner)
+
+if(WAYLAND_PROTOCOLS_PKG_FOUND)
+  pkg_get_variable(WAYLAND_PROTOCOLS_DIR wayland-protocols pkgdatadir)
+endif()
+if(WAYLAND_SCANNER_PKG_FOUND)
+  pkg_get_variable(WAYLAND_SCANNER wayland-scanner wayland_scanner)
+endif()
+
+if(WAYLAND_CLIENT_FOUND AND WAYLAND_PROTOCOLS_DIR AND WAYLAND_SCANNER)
+  set(KEYBOARD_SHORTCUTS_INHIBIT_PROTOCOL
+    "${WAYLAND_PROTOCOLS_DIR}/unstable/keyboard-shortcuts-inhibit/keyboard-shortcuts-inhibit-unstable-v1.xml")
+
+  if(EXISTS ${KEYBOARD_SHORTCUTS_INHIBIT_PROTOCOL})
+    set(WAYLAND_GENERATED_DIR "${CMAKE_CURRENT_BINARY_DIR}/wayland-protocols")
+    file(MAKE_DIRECTORY ${WAYLAND_GENERATED_DIR})
+
+    # Generate client header
+    add_custom_command(
+      OUTPUT "${WAYLAND_GENERATED_DIR}/keyboard-shortcuts-inhibit-unstable-v1-client-protocol.h"
+      COMMAND ${WAYLAND_SCANNER} client-header
+        ${KEYBOARD_SHORTCUTS_INHIBIT_PROTOCOL}
+        "${WAYLAND_GENERATED_DIR}/keyboard-shortcuts-inhibit-unstable-v1-client-protocol.h"
+      DEPENDS ${KEYBOARD_SHORTCUTS_INHIBIT_PROTOCOL}
+      VERBATIM
+    )
+
+    # Generate protocol code
+    add_custom_command(
+      OUTPUT "${WAYLAND_GENERATED_DIR}/keyboard-shortcuts-inhibit-unstable-v1-protocol.c"
+      COMMAND ${WAYLAND_SCANNER} private-code
+        ${KEYBOARD_SHORTCUTS_INHIBIT_PROTOCOL}
+        "${WAYLAND_GENERATED_DIR}/keyboard-shortcuts-inhibit-unstable-v1-protocol.c"
+      DEPENDS ${KEYBOARD_SHORTCUTS_INHIBIT_PROTOCOL}
+      VERBATIM
+    )
+
+    set(WAYLAND_PROTOCOL_SOURCES
+      "${WAYLAND_GENERATED_DIR}/keyboard-shortcuts-inhibit-unstable-v1-client-protocol.h"
+      "${WAYLAND_GENERATED_DIR}/keyboard-shortcuts-inhibit-unstable-v1-protocol.c"
+    )
+
+    set(HAS_KEYBOARD_SHORTCUTS_INHIBIT TRUE)
+  endif()
+endif()
+
 add_definitions(-DAPPLICATION_ID="${APPLICATION_ID}")
 
 # Define the application target. To change its name, change BINARY_NAME above,
@@ -63,9 +112,11 @@ add_definitions(-DAPPLICATION_ID="${APPLICATION_ID}")
 add_executable(${BINARY_NAME}
   "main.cc"
   "my_application.cc"
+  "wayland_shortcuts_inhibit.cc"
   "bump_mouse.cc"
   "bump_mouse_x11.cc"
   "${FLUTTER_MANAGED_DIR}/generated_plugin_registrant.cc"
+  ${WAYLAND_PROTOCOL_SOURCES}
 )
 
 # Apply the standard set of build settings. This can be removed for applications
@@ -78,6 +129,13 @@ target_link_libraries(${BINARY_NAME} PRIVATE PkgConfig::GTK)
 target_link_libraries(${BINARY_NAME} PRIVATE ${CMAKE_DL_LIBS})
 # target_link_libraries(${BINARY_NAME} PRIVATE librustdesk)
 
+# Wayland support for keyboard shortcuts inhibit
+if(HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+  target_compile_definitions(${BINARY_NAME} PRIVATE HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+  target_include_directories(${BINARY_NAME} PRIVATE ${WAYLAND_GENERATED_DIR})
+  target_link_libraries(${BINARY_NAME} PRIVATE PkgConfig::WAYLAND_CLIENT)
+endif()
+
 # Run the Flutter tool portions of the build. This must not be removed.
 add_dependencies(${BINARY_NAME} flutter_assemble)
 

flutter/linux/my_application.cc

@@ -6,6 +6,11 @@
 #ifdef GDK_WINDOWING_X11
 #include <gdk/gdkx.h>
 #endif
+#if defined(GDK_WINDOWING_WAYLAND) && defined(HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+#include "wayland_shortcuts_inhibit.h"
+#endif
+
+#include <desktop_multi_window/desktop_multi_window_plugin.h>
 
 #include "flutter/generated_plugin_registrant.h"
 
@@ -24,6 +29,80 @@ void try_set_transparent(GtkWindow* window, GdkScreen* screen, FlView* view);
 
 extern bool gIsConnectionManager;
 
+// --- Side mouse button support (back/forward) ---
+// Flutter's Linux embedder doesn't deliver X11 button 8/9 events to Dart.
+// We intercept them via GDK and forward through a dedicated platform channel.
+
+static const char* kSideButtonChannelName = "org.rustdesk.rustdesk/side_buttons";
+
+static gboolean on_side_button_event(GtkWidget* widget, GdkEventButton* event, gpointer user_data) {
+  if (event->button != 8 && event->button != 9) {
+    return FALSE;
+  }
+  // Ignore GDK_2BUTTON_PRESS / GDK_3BUTTON_PRESS (double/triple-click synthetic
+  // events) - only handle real press and release.
+  if (event->type != GDK_BUTTON_PRESS && event->type != GDK_BUTTON_RELEASE) {
+    return FALSE;
+  }
+
+  FlMethodChannel* channel = FL_METHOD_CHANNEL(user_data);
+  if (channel == NULL) return FALSE;
+
+  g_autoptr(FlValue) args = fl_value_new_map();
+  fl_value_set_string_take(args, "button",
+    fl_value_new_string(event->button == 8 ? "back" : "forward"));
+  fl_value_set_string_take(args, "type",
+    fl_value_new_string(event->type == GDK_BUTTON_PRESS ? "down" : "up"));
+
+  fl_method_channel_invoke_method(channel, "onSideMouseButton", args,
+    NULL, NULL, NULL);
+
+  return TRUE;
+}
+
+static FlMethodChannel* side_buttons_create_channel(FlEngine* engine) {
+  g_autoptr(FlStandardMethodCodec) codec = fl_standard_method_codec_new();
+  return fl_method_channel_new(
+    fl_engine_get_binary_messenger(engine),
+    kSideButtonChannelName,
+    FL_METHOD_CODEC(codec));
+}
+
+static void side_buttons_channel_destroy(gpointer data) {
+  g_object_unref(data);
+}
+
+static void side_buttons_init_for_window(GtkWindow* window, FlMethodChannel* channel) {
+  // Guard against double-initialization (would leave dangling signal user_data).
+  if (g_object_get_data(G_OBJECT(window), "side-buttons-channel") != NULL) return;
+
+  gtk_widget_add_events(GTK_WIDGET(window),
+    GDK_BUTTON_PRESS_MASK | GDK_BUTTON_RELEASE_MASK);
+  // Store channel on the window so it stays alive and is freed with the window.
+  g_object_set_data_full(G_OBJECT(window), "side-buttons-channel",
+    g_object_ref(channel), side_buttons_channel_destroy);
+  g_signal_connect(window, "button-press-event",
+    G_CALLBACK(on_side_button_event), channel);
+  g_signal_connect(window, "button-release-event",
+    G_CALLBACK(on_side_button_event), channel);
+}
+
+static void on_subwindow_created(FlPluginRegistry* registry) {
+#if defined(GDK_WINDOWING_WAYLAND) && defined(HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+  wayland_shortcuts_inhibit_init_for_subwindow(registry);
+#endif
+  // Set up side button forwarding for sub-windows.
+  if (registry == NULL || !FL_IS_VIEW(registry)) return;
+  FlView* view = FL_VIEW(registry);
+  GtkWidget* toplevel = gtk_widget_get_toplevel(GTK_WIDGET(view));
+  if (toplevel != NULL && GTK_IS_WINDOW(toplevel)) {
+    FlMethodChannel* channel = side_buttons_create_channel(fl_view_get_engine(view));
+    if (channel == NULL) return;
+    side_buttons_init_for_window(GTK_WINDOW(toplevel), channel);
+    g_object_unref(channel);  // window now owns a ref via g_object_set_data_full
+  }
+}
+
 GtkWidget *find_gl_area(GtkWidget *widget);
 
 // Implements GApplication::activate.
@@ -91,6 +170,13 @@ static void my_application_activate(GApplication* application) {
   gtk_widget_show(GTK_WIDGET(window));
   gtk_widget_show(GTK_WIDGET(view));
 
+  // Register callback for sub-windows created by desktop_multi_window plugin.
+  // Handles both Wayland shortcuts inhibition (guarded inside) and side button
+  // forwarding. Safe to call on X11-only builds - the plugin just stores the
+  // callback pointer regardless of windowing system.
+  desktop_multi_window_plugin_set_window_created_callback(
+      (WindowCreatedCallback)on_subwindow_created);
+
   fl_register_plugins(FL_PLUGIN_REGISTRY(view));
 
   g_autoptr(FlStandardMethodCodec) codec = fl_standard_method_codec_new();
@@ -104,6 +190,11 @@ static void my_application_activate(GApplication* application) {
     self,
     nullptr);
 
+  // Forward side mouse button events (back/forward) to Dart on the main window.
+  FlMethodChannel* side_channel = side_buttons_create_channel(fl_view_get_engine(view));
+  side_buttons_init_for_window(window, side_channel);
+  g_object_unref(side_channel);
+
   gtk_widget_grab_focus(GTK_WIDGET(view));
 }
 

flutter/linux/wayland_shortcuts_inhibit.cc

@@ -0,0 +1,244 @@
+// Wayland keyboard shortcuts inhibit implementation
+// Uses the zwp_keyboard_shortcuts_inhibit_manager_v1 protocol to request
+// the compositor to disable system shortcuts for specific windows.
+
+#include "wayland_shortcuts_inhibit.h"
+
+#if defined(GDK_WINDOWING_WAYLAND) && defined(HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+
+#include <cstring>
+#include <gdk/gdkwayland.h>
+#include <wayland-client.h>
+#include "keyboard-shortcuts-inhibit-unstable-v1-client-protocol.h"
+
+// Data structure to hold inhibitor state for each window
+typedef struct {
+  struct zwp_keyboard_shortcuts_inhibit_manager_v1* manager;
+  struct zwp_keyboard_shortcuts_inhibitor_v1* inhibitor;
+} ShortcutsInhibitData;
+
+// Cleanup function for ShortcutsInhibitData
+static void shortcuts_inhibit_data_free(gpointer data) {
+  ShortcutsInhibitData* inhibit_data = static_cast<ShortcutsInhibitData*>(data);
+  if (inhibit_data->inhibitor != NULL) {
+    zwp_keyboard_shortcuts_inhibitor_v1_destroy(inhibit_data->inhibitor);
+  }
+  if (inhibit_data->manager != NULL) {
+    zwp_keyboard_shortcuts_inhibit_manager_v1_destroy(inhibit_data->manager);
+  }
+  g_free(inhibit_data);
+}
+
+// Wayland registry handler to find the shortcuts inhibit manager
+static void registry_handle_global(void* data, struct wl_registry* registry,
+                                   uint32_t name, const char* interface,
+                                   uint32_t /*version*/) {
+  ShortcutsInhibitData* inhibit_data = static_cast<ShortcutsInhibitData*>(data);
+  if (strcmp(interface,
+             zwp_keyboard_shortcuts_inhibit_manager_v1_interface.name) == 0) {
+    inhibit_data->manager =
+        static_cast<zwp_keyboard_shortcuts_inhibit_manager_v1*>(wl_registry_bind(
+            registry, name, &zwp_keyboard_shortcuts_inhibit_manager_v1_interface,
+            1));
+  }
+}
+
+static void registry_handle_global_remove(void* /*data*/, struct wl_registry* /*registry*/,
+                                          uint32_t /*name*/) {
+  // Not needed for this use case
+}
+
+static const struct wl_registry_listener registry_listener = {
+    registry_handle_global,
+    registry_handle_global_remove,
+};
+
+// Inhibitor event handlers
+static void inhibitor_active(void* /*data*/,
+                             struct zwp_keyboard_shortcuts_inhibitor_v1* /*inhibitor*/) {
+  // Inhibitor is now active, shortcuts are being captured
+}
+
+static void inhibitor_inactive(void* /*data*/,
+                               struct zwp_keyboard_shortcuts_inhibitor_v1* /*inhibitor*/) {
+  // Inhibitor is now inactive, shortcuts restored to compositor
+}
+
+static const struct zwp_keyboard_shortcuts_inhibitor_v1_listener inhibitor_listener = {
+    inhibitor_active,
+    inhibitor_inactive,
+};
+
+// Forward declaration
+static void uninhibit_keyboard_shortcuts(GtkWindow* window);
+
+// Inhibit keyboard shortcuts on Wayland for a specific window
+static void inhibit_keyboard_shortcuts(GtkWindow* window) {
+  GdkDisplay* display = gtk_widget_get_display(GTK_WIDGET(window));
+  if (!GDK_IS_WAYLAND_DISPLAY(display)) {
+    return;
+  }
+
+  // Check if already inhibited for this window
+  if (g_object_get_data(G_OBJECT(window), "shortcuts-inhibit-data") != NULL) {
+    return;
+  }
+
+  ShortcutsInhibitData* inhibit_data = g_new0(ShortcutsInhibitData, 1);
+
+  struct wl_display* wl_display = gdk_wayland_display_get_wl_display(display);
+  if (wl_display == NULL) {
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  struct wl_registry* registry = wl_display_get_registry(wl_display);
+  if (registry == NULL) {
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  wl_registry_add_listener(registry, &registry_listener, inhibit_data);
+  wl_display_roundtrip(wl_display);
+
+  if (inhibit_data->manager == NULL) {
+    wl_registry_destroy(registry);
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  GdkWindow* gdk_window = gtk_widget_get_window(GTK_WIDGET(window));
+  if (gdk_window == NULL) {
+    wl_registry_destroy(registry);
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  struct wl_surface* surface = gdk_wayland_window_get_wl_surface(gdk_window);
+  if (surface == NULL) {
+    wl_registry_destroy(registry);
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  GdkSeat* gdk_seat = gdk_display_get_default_seat(display);
+  if (gdk_seat == NULL) {
+    wl_registry_destroy(registry);
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  struct wl_seat* seat = gdk_wayland_seat_get_wl_seat(gdk_seat);
+  if (seat == NULL) {
+    wl_registry_destroy(registry);
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  inhibit_data->inhibitor =
+      zwp_keyboard_shortcuts_inhibit_manager_v1_inhibit_shortcuts(
+          inhibit_data->manager, surface, seat);
+
+  if (inhibit_data->inhibitor == NULL) {
+    wl_registry_destroy(registry);
+    shortcuts_inhibit_data_free(inhibit_data);
+    return;
+  }
+
+  // Add listener to monitor active/inactive state
+  zwp_keyboard_shortcuts_inhibitor_v1_add_listener(
+      inhibit_data->inhibitor, &inhibitor_listener, window);
+
+  wl_display_roundtrip(wl_display);
+  wl_registry_destroy(registry);
+
+  // Associate the inhibit data with the window for cleanup on destroy
+  g_object_set_data_full(G_OBJECT(window), "shortcuts-inhibit-data",
+                         inhibit_data, shortcuts_inhibit_data_free);
+}
+
+// Remove keyboard shortcuts inhibitor from a window
+static void uninhibit_keyboard_shortcuts(GtkWindow* window) {
+  ShortcutsInhibitData* inhibit_data = static_cast<ShortcutsInhibitData*>(
+      g_object_get_data(G_OBJECT(window), "shortcuts-inhibit-data"));
+
+  if (inhibit_data == NULL) {
+    return;
+  }
+
+  // This will trigger shortcuts_inhibit_data_free via g_object_set_data
+  g_object_set_data(G_OBJECT(window), "shortcuts-inhibit-data", NULL);
+}
+
+// Focus event handlers for dynamic inhibitor management
+static gboolean on_window_focus_in(GtkWidget* widget, GdkEventFocus* /*event*/, gpointer /*user_data*/) {
+  if (GTK_IS_WINDOW(widget)) {
+    inhibit_keyboard_shortcuts(GTK_WINDOW(widget));
+  }
+  return FALSE;  // Continue event propagation
+}
+
+static gboolean on_window_focus_out(GtkWidget* widget, GdkEventFocus* /*event*/, gpointer /*user_data*/) {
+  if (GTK_IS_WINDOW(widget)) {
+    uninhibit_keyboard_shortcuts(GTK_WINDOW(widget));
+  }
+  return FALSE;  // Continue event propagation
+}
+
+// Key for marking window as having focus handlers connected
+static const char* const kFocusHandlersConnectedKey = "shortcuts-inhibit-focus-handlers-connected";
+// Key for marking window as having a pending realize handler
+static const char* const kRealizeHandlerConnectedKey = "shortcuts-inhibit-realize-handler-connected";
+
+// Callback when window is realized (mapped to screen)
+// Sets up focus-based inhibitor management
+static void on_window_realize(GtkWidget* widget, gpointer /*user_data*/) {
+  if (GTK_IS_WINDOW(widget)) {
+    // Check if focus handlers are already connected to avoid duplicates
+    if (g_object_get_data(G_OBJECT(widget), kFocusHandlersConnectedKey) != NULL) {
+      return;
+    }
+
+    // Connect focus events for dynamic inhibitor management
+    g_signal_connect(widget, "focus-in-event",
+                     G_CALLBACK(on_window_focus_in), NULL);
+    g_signal_connect(widget, "focus-out-event",
+                     G_CALLBACK(on_window_focus_out), NULL);
+
+    // Mark as connected to prevent duplicate connections
+    g_object_set_data(G_OBJECT(widget), kFocusHandlersConnectedKey, GINT_TO_POINTER(1));
+
+    // If window already has focus, create inhibitor now
+    if (gtk_window_has_toplevel_focus(GTK_WINDOW(widget))) {
+      inhibit_keyboard_shortcuts(GTK_WINDOW(widget));
+    }
+  }
+}
+
+// Public API: Initialize shortcuts inhibit for a sub-window
+void wayland_shortcuts_inhibit_init_for_subwindow(void* view) {
+  GtkWidget* widget = GTK_WIDGET(view);
+  GtkWidget* toplevel = gtk_widget_get_toplevel(widget);
+
+  if (toplevel != NULL && GTK_IS_WINDOW(toplevel)) {
+    // Check if already initialized to avoid duplicate realize handlers
+    if (g_object_get_data(G_OBJECT(toplevel), kFocusHandlersConnectedKey) != NULL ||
+        g_object_get_data(G_OBJECT(toplevel), kRealizeHandlerConnectedKey) != NULL) {
+      return;
+    }
+
+    if (gtk_widget_get_realized(toplevel)) {
+      // Window is already realized, set up focus handlers now
+      on_window_realize(toplevel, NULL);
+    } else {
+      // Mark realize handler as connected to prevent duplicate connections
+      // if called again before window is realized
+      g_object_set_data(G_OBJECT(toplevel), kRealizeHandlerConnectedKey, GINT_TO_POINTER(1));
+      // Wait for window to be realized
+      g_signal_connect(toplevel, "realize",
+                       G_CALLBACK(on_window_realize), NULL);
+    }
+  }
+}
+
+#endif  // defined(GDK_WINDOWING_WAYLAND) && defined(HAS_KEYBOARD_SHORTCUTS_INHIBIT)

flutter/linux/wayland_shortcuts_inhibit.h

@@ -0,0 +1,22 @@
+// Wayland keyboard shortcuts inhibit support
+// This module provides functionality to inhibit system keyboard shortcuts
+// on Wayland compositors, allowing remote desktop windows to capture all
+// key events including Super, Alt+Tab, etc.
+
+#ifndef WAYLAND_SHORTCUTS_INHIBIT_H_
+#define WAYLAND_SHORTCUTS_INHIBIT_H_
+
+#include <gtk/gtk.h>
+
+#if defined(GDK_WINDOWING_WAYLAND) && defined(HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+
+// Initialize shortcuts inhibit for a sub-window created by desktop_multi_window plugin.
+// This sets up focus-based inhibitor management: inhibitor is created when
+// the window gains focus and destroyed when it loses focus.
+//
+// @param view The FlView of the sub-window
+void wayland_shortcuts_inhibit_init_for_subwindow(void* view);
+
+#endif  // defined(GDK_WINDOWING_WAYLAND) && defined(HAS_KEYBOARD_SHORTCUTS_INHIBIT)
+
+#endif  // WAYLAND_SHORTCUTS_INHIBIT_H_

flutter/pubspec.yaml

@@ -16,7 +16,7 @@ publish_to: "none" # Remove this line if you wish to publish to pub.dev
 # Read more about iOS versioning at
 # https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html
 # 1.1.9-1 works for android, but for ios it becomes 1.1.91, need to set it to 1.1.9-a.1 for iOS, will get 1.1.9.1, but iOS store not allow 4 numbers
-version: 1.4.5+63
+version: 1.4.6+64
 
 environment:
   sdk: '^3.1.0'
@@ -113,8 +113,8 @@ dependencies:
 
 dev_dependencies:
   icons_launcher: ^2.0.4
-  #flutter_test:
-  #sdk: flutter
+  flutter_test:
+    sdk: flutter
   build_runner: ^2.4.6
   freezed: ^2.4.2
   flutter_lints: ^2.0.2

flutter/test/input_modifier_utils_test.dart

@@ -0,0 +1,125 @@
+import 'package:flutter/services.dart';
+import 'package:flutter_test/flutter_test.dart';
+import 'package:flutter_hbb/models/input_modifier_utils.dart';
+
+void main() {
+  group('shouldReleaseStaleMobileShift', () {
+    test('does not release when cached shift is already false', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: false,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.keyD,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isFalse,
+      );
+    });
+
+    test('releases one-shot mobile shift after a text key', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.keyD,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isTrue,
+      );
+    });
+
+    test('does not release manually toggled shift without tracked key down',
+        () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.keyD,
+          hasTrackedShiftKeyDown: false,
+        ),
+        isFalse,
+      );
+    });
+
+    test('does not release when shift is still physically pressed', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: true,
+          logicalKey: LogicalKeyboardKey.keyD,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isFalse,
+      );
+    });
+
+    test('does not release on non-mobile platforms', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: false,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.keyD,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isFalse,
+      );
+    });
+
+    test('releases on enter key', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.enter,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isTrue,
+      );
+    });
+
+    test('releases on arrow key', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.arrowLeft,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isTrue,
+      );
+    });
+
+    test('does not release on modifier events', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.shiftLeft,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isFalse,
+      );
+    });
+
+    test('does not release on shiftRight modifier events', () {
+      expect(
+        shouldReleaseStaleMobileShift(
+          isMobile: true,
+          cachedShiftPressed: true,
+          actualShiftPressed: false,
+          logicalKey: LogicalKeyboardKey.shiftRight,
+          hasTrackedShiftKeyDown: true,
+        ),
+        isFalse,
+      );
+    });
+  });
+}

flutter/windows/runner/win32_window.cpp

@@ -7,6 +7,7 @@
 
 #include <cstdlib> // for getenv and _putenv
 #include <cstring> // for strcmp
+#include <string> // for std::wstring
 
 namespace {
 
@@ -15,6 +16,43 @@ constexpr const wchar_t kWindowClassName[] = L"FLUTTER_RUNNER_WIN32_WINDOW";
 // The number of Win32Window objects that currently exist.
 static int g_active_window_count = 0;
 
+// Static variable to hold the custom icon (needs cleanup on exit)
+static HICON g_custom_icon_ = nullptr;
+
+// Try to load icon from data\flutter_assets\assets\icon.ico if it exists.
+// Returns nullptr if the file doesn't exist or can't be loaded.
+HICON LoadCustomIcon() {
+  if (g_custom_icon_ != nullptr) {
+    return g_custom_icon_;
+  }
+  wchar_t exe_path[MAX_PATH];
+  if (!GetModuleFileNameW(nullptr, exe_path, MAX_PATH)) {
+    return nullptr;
+  }
+
+  std::wstring icon_path = exe_path;
+  size_t last_slash = icon_path.find_last_of(L"\\/");
+  if (last_slash == std::wstring::npos) {
+    return nullptr;
+  }
+
+  icon_path = icon_path.substr(0, last_slash + 1);
+  icon_path += L"data\\flutter_assets\\assets\\icon.ico";
+
+  // Check file attributes - reject if missing, directory, or reparse point (symlink/junction)
+  DWORD file_attr = GetFileAttributesW(icon_path.c_str());
+  if (file_attr == INVALID_FILE_ATTRIBUTES ||
+      (file_attr & FILE_ATTRIBUTE_DIRECTORY) ||
+      (file_attr & FILE_ATTRIBUTE_REPARSE_POINT)) {
+    return nullptr;
+  }
+
+  g_custom_icon_ = (HICON)LoadImageW(
+      nullptr, icon_path.c_str(), IMAGE_ICON, 0, 0,
+      LR_LOADFROMFILE | LR_DEFAULTSIZE);
+  return g_custom_icon_;
+}
+
 using EnableNonClientDpiScaling = BOOL __stdcall(HWND hwnd);
 
 // Scale helper to convert logical scaler values to physical using passed in
@@ -81,8 +119,16 @@ const wchar_t* WindowClassRegistrar::GetWindowClass() {
     window_class.cbClsExtra = 0;
     window_class.cbWndExtra = 0;
     window_class.hInstance = GetModuleHandle(nullptr);
-    window_class.hIcon =
-        LoadIcon(window_class.hInstance, MAKEINTRESOURCE(IDI_APP_ICON));
+    
+    // Try to load icon from data\flutter_assets\assets\icon.ico if it exists
+    HICON custom_icon = LoadCustomIcon();
+    if (custom_icon != nullptr) {
+      window_class.hIcon = custom_icon;
+    } else {
+      window_class.hIcon =
+          LoadIcon(window_class.hInstance, MAKEINTRESOURCE(IDI_APP_ICON));
+    }
+    
     window_class.hbrBackground = 0;
     window_class.lpszMenuName = nullptr;
     window_class.lpfnWndProc = Win32Window::WndProc;
@@ -95,6 +141,12 @@ const wchar_t* WindowClassRegistrar::GetWindowClass() {
 void WindowClassRegistrar::UnregisterWindowClass() {
   UnregisterClass(kWindowClassName, nullptr);
   class_registered_ = false;
+  
+  // Clean up the custom icon if it was loaded
+  if (g_custom_icon_ != nullptr) {
+    DestroyIcon(g_custom_icon_);
+    g_custom_icon_ = nullptr;
+  }
 }
 
 Win32Window::Win32Window() {

libs/clipboard/README.md

@@ -10,7 +10,7 @@ TODO: Move this lib to a separate project.
 
 ## How it works
 
-Terminalogies:
+Terminologies:
 
 - cliprdr: this module
 - local: the endpoint which initiates a file copy events
@@ -50,7 +50,7 @@ sequenceDiagram
         r ->> l: Format List Response (notified)
         r ->> l: Format Data Request (requests file list)
         activate l
-            note left of l: Retrive file list from system clipboard
+            note left of l: Retrieve file list from system clipboard
             l ->> r: Format Data Response (containing file list)
         deactivate l
         note over r: Update system clipboard with received file list
@@ -84,10 +84,10 @@ and copy files to remote.
 The protocol was originally designed as an extension of the Windows RDP,
 so the specific message packages fits windows well.
 
-When starting cliprdr, a thread is spawn to create a invisible window
+When starting cliprdr, a thread is spawned to create an invisible window
 and to subscribe to OLE clipboard events.
 The window's callback (see `cliprdr_proc` in `src/windows/wf_cliprdr.c`) was
-set to handle a variaty of events.
+set to handle a variety of events.
 
 Detailed implementation is shown in pictures above.
 
@@ -108,18 +108,18 @@ after filtering out those pointing to our FUSE directory or duplicated,
 send format list directly to remote.
 
 The cliprdr server also uses clipboard client for setting clipboard,
-or retrive paths from system.
+or retrieve paths from system.
 
 #### Local File List
 
-The local file list is a temperary list of file metadata.
+The local file list is a temporary list of file metadata.
 When receiving file contents PDU from peer, the server picks
 out the file requested and open it for reading if necessary.
 
 Also when receiving Format Data Request PDU from remote asking for file list,
 the local file list should be rebuilt from file list retrieved from Clipboard Client.
 
-Some caching and preloading could done on it since applications are likely to read
+Some caching and preloading could be done on it since applications are likely to read
 on the list sequentially.
 
 #### FUSE server

libs/clipboard/src/platform/unix/fuse/cs.rs

@@ -12,7 +12,7 @@
 //!
 //! For now, we transfer all file names with windows separators, UTF-16 encoded.
 //! *Need a way to transfer file names with '\' safely*.
-//! Maybe we can use URL encoded file names and '/' seperators as a new standard, while keep the support to old schemes.
+//! Maybe we can use URL encoded file names and '/' separators as a new standard, while keep the support to old schemes.
 //!
 //! # Note
 //! - all files on FS should be read only, and mark the owner to be the current user

libs/enigo/src/linux/nix_impl.rs

@@ -261,6 +261,8 @@ impl KeyboardControllable for Enigo {
         } else {
             if let Some(keyboard) = &mut self.custom_keyboard {
                 keyboard.key_sequence(sequence)
+            } else {
+                log::warn!("Enigo::key_sequence: no custom_keyboard set for Wayland!");
             }
         }
     }
@@ -277,6 +279,7 @@ impl KeyboardControllable for Enigo {
             if let Some(keyboard) = &mut self.custom_keyboard {
                 keyboard.key_down(key)
             } else {
+                log::warn!("Enigo::key_down: no custom_keyboard set for Wayland!");
                 Ok(())
             }
         }
@@ -290,13 +293,24 @@ impl KeyboardControllable for Enigo {
         } else {
             if let Some(keyboard) = &mut self.custom_keyboard {
                 keyboard.key_up(key)
+            } else {
+                log::warn!("Enigo::key_up: no custom_keyboard set for Wayland!");
             }
         }
     }
     fn key_click(&mut self, key: Key) {
-        if self.tfc_key_click(key).is_err() {
-            self.key_down(key).ok();
-            self.key_up(key);
+        if self.is_x11 {
+            // X11: try tfc first, then fallback to key_down/key_up
+            if self.tfc_key_click(key).is_err() {
+                self.key_down(key).ok();
+                self.key_up(key);
+            }
+        } else {
+            if let Some(keyboard) = &mut self.custom_keyboard {
+                keyboard.key_click(key);
+            } else {
+                log::warn!("Enigo::key_click: no custom_keyboard set for Wayland!");
+            }
         }
     }
 }

libs/enigo/src/linux/xdo.rs

@@ -8,6 +8,7 @@
 use crate::{Key, KeyboardControllable, MouseButton, MouseControllable};
 
 use hbb_common::libc::c_int;
+use hbb_common::x11::xlib::{Display, XCloseDisplay, XGetPointerMapping, XOpenDisplay};
 use libxdo_sys::{self, xdo_t, CURRENTWINDOW};
 use std::{borrow::Cow, ffi::CString};
 
@@ -32,6 +33,51 @@ fn mousebutton(button: MouseButton) -> c_int {
     }
 }
 
+/// Minimum number of buttons the X11 core pointer must support.
+/// Buttons 8 (Back) and 9 (Forward) are needed for mouse side buttons.
+const MIN_POINTER_BUTTONS: usize = 9;
+
+/// Check that the X11 core pointer's button map includes at least 9 buttons
+/// so that `XTestFakeButtonEvent` can simulate Back (8) and Forward (9).
+///
+/// RustDesk's uinput "Mouse passthrough" device normally provides enough
+/// buttons, but we log a warning if the map is too small so the issue is
+/// diagnosable. `XSetPointerMapping` cannot extend the button count (its
+/// length must match `XGetPointerMapping`), so we only diagnose here.
+fn check_x11_button_map() {
+    // Skip on non-X11 sessions to avoid noisy "XOpenDisplay failed" warnings
+    // on pure Wayland or headless environments without $DISPLAY.
+    if std::env::var_os("DISPLAY").is_none() {
+        return;
+    }
+
+    let display: *mut Display = unsafe { XOpenDisplay(std::ptr::null()) };
+    if display.is_null() {
+        log::warn!("XOpenDisplay failed, cannot check button map");
+        return;
+    }
+
+    let mut current_map = [0u8; 32];
+    let nbuttons =
+        unsafe { XGetPointerMapping(display, current_map.as_mut_ptr(), current_map.len() as i32) };
+    unsafe { XCloseDisplay(display) };
+
+    if nbuttons < 0 {
+        log::warn!("XGetPointerMapping failed (returned {nbuttons})");
+        return;
+    }
+
+    let nbuttons = nbuttons as usize;
+    if nbuttons >= MIN_POINTER_BUTTONS {
+        log::info!("X11 pointer has {nbuttons} buttons, side buttons supported");
+    } else {
+        log::warn!(
+            "X11 pointer has only {nbuttons} buttons (need {MIN_POINTER_BUTTONS}); \
+             back/forward side buttons may not work until a device with more buttons is added"
+        );
+    }
+}
+
 /// The main struct for handling the event emitting
 pub(super) struct EnigoXdo {
     xdo: *mut xdo_t,
@@ -52,6 +98,7 @@ impl Default for EnigoXdo {
             log::warn!("Failed to create xdo context, xdo functions will be disabled");
         } else {
             log::info!("xdo context created successfully");
+            check_x11_button_map();
         }
         Self {
             xdo,

libs/enigo/src/win/win_impl.rs

@@ -269,7 +269,7 @@ impl KeyboardControllable for Enigo {
                     for pos in 0..mod_len {
                         let rpos = mod_len - 1 - pos;
                         if flag & (0x0001 << rpos) != 0 {
-                            self.key_up(modifiers[pos]);
+                            self.key_up(modifiers[rpos]);
                         }
                     }
 
@@ -298,7 +298,18 @@ impl KeyboardControllable for Enigo {
     }
 
     fn key_up(&mut self, key: Key) {
-        keybd_event(KEYEVENTF_KEYUP, self.key_to_keycode(key), 0);
+        match key {
+            Key::Layout(c) => {
+                let code = self.get_layoutdependent_keycode(c);
+                if code as u16 != 0xFFFF {
+                    let vk = code & 0x00FF;
+                    keybd_event(KEYEVENTF_KEYUP, vk, 0);
+                }
+            }
+            _ => {
+                keybd_event(KEYEVENTF_KEYUP, self.key_to_keycode(key), 0);
+            }
+        }
     }
 
     fn get_key_state(&mut self, key: Key) -> bool {

libs/portable/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rustdesk-portable-packer"
-version = "1.4.5"
+version = "1.4.6"
 edition = "2021"
 description = "RustDesk Remote Desktop"
 

libs/scrap/src/common/mediacodec.rs

@@ -151,7 +151,7 @@ fn create_media_codec(name: &str, direction: MediaCodecDirection) -> Option<Medi
         log::error!("Failed to start decoder: {:?}", e);
         return None;
     };
-    log::debug!("Init decoder successed!: {:?}", name);
+    log::debug!("Init decoder succeeded!: {:?}", name);
     return Some(MediaCodecDecoder {
         decoder: codec,
         name: name.to_owned(),

libs/scrap/src/wayland/capturable.rs

@@ -24,7 +24,7 @@ impl<'a> PixelProvider<'a> {
 }
 
 pub trait Recorder {
-    fn capture(&mut self, timeout_ms: u64) -> Result<PixelProvider, Box<dyn Error>>;
+    fn capture(&mut self, timeout_ms: u64) -> Result<PixelProvider<'_>, Box<dyn Error>>;
 }
 
 pub trait BoxCloneCapturable {

libs/scrap/src/wayland/pipewire.rs

@@ -346,7 +346,7 @@ impl PipeWireRecorder {
 }
 
 impl Recorder for PipeWireRecorder {
-    fn capture(&mut self, timeout_ms: u64) -> Result<PixelProvider, Box<dyn Error>> {
+    fn capture(&mut self, timeout_ms: u64) -> Result<PixelProvider<'_>, Box<dyn Error>> {
         if let Some(sample) = self
             .appsink
             .try_pull_sample(gst::ClockTime::from_mseconds(timeout_ms))

libs/scrap/src/x11/server.rs

@@ -98,7 +98,7 @@ unsafe fn check_x11_shm_available(c: *mut xcb_connection_t) -> Result<(), Error>
     let mut e: *mut xcb_generic_error_t = std::ptr::null_mut();
     let reply = xcb_shm_query_version_reply(c, cookie, &mut e as _);
     if reply.is_null() {
-        // TODO: Should seperate SHM disabled from SHM not supported?
+        // TODO: Should separate SHM disabled from SHM not supported?
         return Err(Error::UnsupportedExtension);
     } else {
         // https://github.com/FFmpeg/FFmpeg/blob/6229e4ac425b4566446edefb67d5c225eb397b58/libavdevice/xcbgrab.c#L229

libs/virtual_display/dylib/README.md

@@ -29,4 +29,4 @@ TODO
 
 ## X11
 
-## OSX
+## macOS

res/DEBIAN/postinst

@@ -6,15 +6,13 @@ if [ "$1" = configure ]; then
 
 	INITSYS=$(ls -al /proc/1/exe | awk -F' ' '{print $NF}' | awk -F'/' '{print $NF}')
 	ln -f -s /usr/share/rustdesk/rustdesk /usr/bin/rustdesk
-	
+
 	if [ "systemd" == "$INITSYS" ]; then
 
 		if [ -e /etc/systemd/system/rustdesk.service ]; then
 			rm /etc/systemd/system/rustdesk.service /usr/lib/systemd/system/rustdesk.service /usr/lib/systemd/user/rustdesk.service >/dev/null  2>&1
 		fi
-		version=$(python3 -V 2>&1 | grep -Po '(?<=Python )(.+)')
-		parsedVersion=$(echo "${version//./}")
-        mkdir -p /usr/lib/systemd/system/
+		mkdir -p /usr/lib/systemd/system/
 		cp /usr/share/rustdesk/files/systemd/rustdesk.service /usr/lib/systemd/system/rustdesk.service
 		# try fix error in Ubuntu 18.04
 		# Failed to reload rustdesk.service: Unit rustdesk.service is not loaded properly: Exec format error.

res/PKGBUILD

@@ -1,5 +1,5 @@
 pkgname=rustdesk
-pkgver=1.4.5
+pkgver=1.4.6
 pkgrel=0
 epoch=
 pkgdesc=""

res/audits.py

@@ -43,7 +43,7 @@ def get_connection_type_name(conn_type):
     """Convert connection type number to readable name"""
     type_map = {
         0: "Remote Desktop",
-        1: "File Transfer", 
+        1: "File Transfer",
         2: "Port Transfer",
         3: "View Camera",
         4: "Terminal"
@@ -55,7 +55,7 @@ def get_console_type_name(console_type):
     """Convert console audit type number to readable name"""
     type_map = {
         0: "Group Management",
-        1: "User Management", 
+        1: "User Management",
         2: "Device Management",
         3: "Address Book Management"
     }
@@ -67,7 +67,7 @@ def get_console_operation_name(operation_code):
     operation_map = {
         0: "User Login",
         1: "Add Group",
-        2: "Add User", 
+        2: "Add User",
         3: "Add Device",
         4: "Delete Groups",
         5: "Disconnect Device",
@@ -95,7 +95,7 @@ def get_console_operation_name(operation_code):
 def get_alarm_type_name(alarm_type):
     """Convert alarm type number to readable name"""
     type_map = {
-        0: "Access attempt outside the IP whiltelist",
+        0: "Access attempt outside the IP whitelist",
         1: "Over 30 consecutive access attempts",
         2: "Multiple access attempts within one minute",
         3: "Over 30 consecutive login attempts",
@@ -109,24 +109,24 @@ def enhance_audit_data(data, audit_type):
     """Enhance audit data with readable formats"""
     if not data:
         return data
-    
+
     enhanced_data = []
     for item in data:
         enhanced_item = item.copy()
-        
+
         # Convert timestamps - replace original values
         if 'created_at' in enhanced_item:
             enhanced_item['created_at'] = format_timestamp(enhanced_item['created_at'])
         if 'end_time' in enhanced_item:
             enhanced_item['end_time'] = format_timestamp(enhanced_item['end_time'])
-        
+
         # Add type-specific enhancements - replace original values
         if audit_type == 'conn':
             if 'conn_type' in enhanced_item:
                 enhanced_item['conn_type'] = get_connection_type_name(enhanced_item['conn_type'])
             else:
                 enhanced_item['conn_type'] = "Not Logged In"
-        
+
         elif audit_type == 'console':
             if 'typ' in enhanced_item:
                 # Replace typ field with type and convert to readable name
@@ -136,14 +136,14 @@ def enhance_audit_data(data, audit_type):
                 # Replace iop field with operation and convert to readable name
                 enhanced_item['operation'] = get_console_operation_name(enhanced_item['iop'])
                 del enhanced_item['iop']
-        
+
         elif audit_type == 'alarm' and 'typ' in enhanced_item:
             # Replace typ field with type and convert to readable name
             enhanced_item['type'] = get_alarm_type_name(enhanced_item['typ'])
             del enhanced_item['typ']
-        
+
         enhanced_data.append(enhanced_item)
-    
+
     return enhanced_data
 
 
@@ -152,7 +152,7 @@ def check_response(response):
     if response.status_code != 200:
         print(f"Error: HTTP {response.status_code} - {response.text}")
         exit(1)
-    
+
     try:
         response_json = response.json()
         if "error" in response_json:
@@ -163,28 +163,28 @@ def check_response(response):
         return response.text or "Success"
 
 
-def view_audits_common(url, token, endpoint, filters=None, page_size=None, current=None, 
+def view_audits_common(url, token, endpoint, filters=None, page_size=None, current=None,
                        created_at=None, days_ago=None, non_wildcard_fields=None):
     """Common function for viewing audits"""
     headers = {"Authorization": f"Bearer {token}"}
-    
+
     # Set default page size and current page
     if page_size is None:
         page_size = 10
     if current is None:
         current = 1
-    
+
     params = {
         "pageSize": page_size,
         "current": current
     }
-    
+
     # Add filter parameters if provided
     if filters:
         for key, value in filters.items():
             if value is not None:
                 params[key] = value
-    
+
     # Handle time filters
     if days_ago is not None:
         # Calculate datetime from days ago
@@ -205,10 +205,10 @@ def view_audits_common(url, token, endpoint, filters=None, page_size=None, curre
     # Apply wildcard patterns for string fields (excluding specific fields)
     if non_wildcard_fields is None:
         non_wildcard_fields = set()
-    
+
     # Always exclude these fields from wildcard treatment
     non_wildcard_fields.update(["created_at", "pageSize", "current"])
-    
+
     string_params = {}
     for k, v in params.items():
         if isinstance(v, str) and k not in non_wildcard_fields:
@@ -221,10 +221,10 @@ def view_audits_common(url, token, endpoint, filters=None, page_size=None, curre
 
     response = requests.get(f"{url}/api/audits/{endpoint}", headers=headers, params=string_params)
     response_json = check_response(response)
-    
+
     # Enhance the data with readable formats
     data = enhance_audit_data(response_json.get("data", []), endpoint)
-    
+
     return {
         "data": data,
         "total": response_json.get("total", 0),
@@ -233,7 +233,7 @@ def view_audits_common(url, token, endpoint, filters=None, page_size=None, curre
     }
 
 
-def view_conn_audits(url, token, remote=None, conn_type=None, 
+def view_conn_audits(url, token, remote=None, conn_type=None,
                      page_size=None, current=None, created_at=None, days_ago=None):
     """View connection audits"""
     filters = {
@@ -241,7 +241,7 @@ def view_conn_audits(url, token, remote=None, conn_type=None,
         "conn_type": conn_type
     }
     non_wildcard_fields = {"conn_type"}
-    
+
     return view_audits_common(
         url, token, "conn", filters, page_size, current, created_at, days_ago, non_wildcard_fields
     )
@@ -254,7 +254,7 @@ def view_file_audits(url, token, remote=None,
         "remote": remote
     }
     non_wildcard_fields = set()
-    
+
     return view_audits_common(
         url, token, "file", filters, page_size, current, created_at, days_ago, non_wildcard_fields
     )
@@ -267,7 +267,7 @@ def view_alarm_audits(url, token, device=None,
         "device": device
     }
     non_wildcard_fields = set()
-    
+
     return view_audits_common(
         url, token, "alarm", filters, page_size, current, created_at, days_ago, non_wildcard_fields
     )
@@ -280,7 +280,7 @@ def view_console_audits(url, token, operator=None,
         "operator": operator
     }
     non_wildcard_fields = set()
-    
+
     return view_audits_common(
         url, token, "console", filters, page_size, current, created_at, days_ago, non_wildcard_fields
     )
@@ -295,15 +295,15 @@ def main():
     )
     parser.add_argument("--url", required=True, help="URL of the API")
     parser.add_argument("--token", required=True, help="Bearer token for authentication")
-    
+
     # Pagination parameters
     parser.add_argument("--page-size", type=int, default=10, help="Number of records per page (default: 10)")
     parser.add_argument("--current", type=int, default=1, help="Current page number (default: 1)")
-    
+
     # Time filtering parameters
     parser.add_argument("--created-at", help="Filter by creation time in local time (format: 2025-09-16 14:15:57 or 2025-09-16 14:15:57.000)")
     parser.add_argument("--days-ago", type=int, help="Filter by days ago (e.g., 7 for last 7 days)")
-    
+
     # Audit filters (simplified)
     parser.add_argument("--remote", help="Remote peer ID filter (for conn/file audits)")
     parser.add_argument("--device", help="Device ID filter (for alarm audits)")
@@ -319,9 +319,9 @@ def main():
     if args.command == "view-conn":
         # View connection audits
         result = view_conn_audits(
-            args.url, 
-            args.token, 
-            args.remote, 
+            args.url,
+            args.token,
+            args.remote,
             args.conn_type,
             args.page_size,
             args.current,
@@ -329,12 +329,12 @@ def main():
             args.days_ago
         )
         print(json.dumps(result, indent=2))
-    
+
     elif args.command == "view-file":
         # View file audits
         result = view_file_audits(
-            args.url, 
-            args.token, 
+            args.url,
+            args.token,
             args.remote,
             args.page_size,
             args.current,
@@ -342,12 +342,12 @@ def main():
             args.days_ago
         )
         print(json.dumps(result, indent=2))
-    
+
     elif args.command == "view-alarm":
         # View alarm audits
         result = view_alarm_audits(
-            args.url, 
-            args.token, 
+            args.url,
+            args.token,
             args.device,
             args.page_size,
             args.current,
@@ -355,12 +355,12 @@ def main():
             args.days_ago
         )
         print(json.dumps(result, indent=2))
-    
+
     elif args.command == "view-console":
         # View console audits
         result = view_console_audits(
-            args.url, 
-            args.token, 
+            args.url,
+            args.token,
             args.operator,
             args.page_size,
             args.current,

res/msi/CustomActions/CustomActions.cpp

@@ -31,22 +31,168 @@ LExit:
     return WcaFinalize(er);
 }
 
-// CAUTION: We can't simply remove the install folder here, because silent repair/upgrade will fail.
-// `RemoveInstallFolder()` is a deferred custom action, it will be executed after the files are copied.
-// `msiexec /i package.msi /qn`
+// Helper function to safely delete a file or directory using handle-based deletion.
+// This avoids TOCTOU (Time-Of-Check-Time-Of-Use) race conditions.
+BOOL SafeDeleteItem(LPCWSTR fullPath)
+{
+    // Open the file/directory with DELETE access and FILE_FLAG_OPEN_REPARSE_POINT
+    // to prevent following symlinks.
+    // Use shared access to allow deletion even when other processes have the file open.
+    DWORD flags = FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT;
+    HANDLE hFile = CreateFileW(
+        fullPath,
+        DELETE,
+        FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,  // Allow shared access
+        NULL,
+        OPEN_EXISTING,
+        flags,
+        NULL
+    );
+
+    if (hFile == INVALID_HANDLE_VALUE)
+    {
+        WcaLog(LOGMSG_STANDARD, "SafeDeleteItem: Failed to open '%ls'. Error: %lu", fullPath, GetLastError());
+        return FALSE;
+    }
+
+    // Use SetFileInformationByHandle to mark for deletion.
+    // The file will be deleted when the handle is closed.
+    FILE_DISPOSITION_INFO dispInfo;
+    dispInfo.DeleteFile = TRUE;
+
+    BOOL result = SetFileInformationByHandle(
+        hFile,
+        FileDispositionInfo,
+        &dispInfo,
+        sizeof(dispInfo)
+    );
+
+    if (!result)
+    {
+        DWORD error = GetLastError();
+        WcaLog(LOGMSG_STANDARD, "SafeDeleteItem: Failed to mark '%ls' for deletion. Error: %lu", fullPath, error);
+    }
+
+    CloseHandle(hFile);
+    return result;
+}
+
+// Helper function to recursively delete a directory's contents with detailed logging.
+void RecursiveDelete(LPCWSTR path)
+{
+    // Ensure the path is not empty or null.
+    if (path == NULL || path[0] == L'\0')
+    {
+        return;
+    }
+
+    // Extra safety: never operate directly on a root path.
+    if (PathIsRootW(path))
+    {
+        WcaLog(LOGMSG_STANDARD, "RecursiveDelete: refusing to operate on root path '%ls'.", path);
+        return;
+    }
+
+    // MAX_PATH is enough here since the installer should not be using longer paths.
+    // No need to handle extended-length paths (\\?\) in this context.
+    WCHAR searchPath[MAX_PATH];
+    HRESULT hr = StringCchPrintfW(searchPath, MAX_PATH, L"%s\\*", path);
+    if (FAILED(hr)) {
+        WcaLog(LOGMSG_STANDARD, "RecursiveDelete: Path too long to enumerate: %ls", path);
+        return;
+    }
+
+    WIN32_FIND_DATAW findData;
+    HANDLE hFind = FindFirstFileW(searchPath, &findData);
+
+    if (hFind == INVALID_HANDLE_VALUE)
+    {
+        // This can happen if the directory is empty or doesn't exist, which is not an error in our case.
+        WcaLog(LOGMSG_STANDARD, "RecursiveDelete: Failed to enumerate directory '%ls'. It may be missing or inaccessible. Error: %lu", path, GetLastError());
+        return;
+    }
+
+    do
+    {
+        // Skip '.' and '..' directories.
+        if (wcscmp(findData.cFileName, L".") == 0 || wcscmp(findData.cFileName, L"..") == 0)
+        {
+            continue;
+        }
+
+        // MAX_PATH is enough here since the installer should not be using longer paths.
+        // No need to handle extended-length paths (\\?\) in this context.
+        WCHAR fullPath[MAX_PATH];
+        hr = StringCchPrintfW(fullPath, MAX_PATH, L"%s\\%s", path, findData.cFileName);
+        if (FAILED(hr)) {
+            WcaLog(LOGMSG_STANDARD, "RecursiveDelete: Path too long for item '%ls' in '%ls', skipping.", findData.cFileName, path);
+            continue;
+        }
+
+        // Before acting, ensure the read-only attribute is not set.
+        if (findData.dwFileAttributes & FILE_ATTRIBUTE_READONLY)
+        {
+            if (FALSE == SetFileAttributesW(fullPath, findData.dwFileAttributes & ~FILE_ATTRIBUTE_READONLY))
+            {
+                WcaLog(LOGMSG_STANDARD, "RecursiveDelete: Failed to remove read-only attribute. Error: %lu", GetLastError());
+            }
+        }
+
+        if (findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
+        {
+            // Check for reparse points (symlinks/junctions) to prevent directory traversal attacks.
+            // Do not follow reparse points, only remove the link itself.
+            if (findData.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)
+            {
+                WcaLog(LOGMSG_STANDARD, "RecursiveDelete: Not recursing into reparse point (symlink/junction), deleting link itself: %ls", fullPath);
+                SafeDeleteItem(fullPath);
+            }
+            else
+            {
+                // Recursively delete directory contents first
+                RecursiveDelete(fullPath);
+                // Then delete the directory itself
+                SafeDeleteItem(fullPath);
+            }
+        }
+        else
+        {
+            // Delete file using safe handle-based deletion
+            SafeDeleteItem(fullPath);
+        }
+    } while (FindNextFileW(hFind, &findData) != 0);
+
+    DWORD lastError = GetLastError();
+    if (lastError != ERROR_NO_MORE_FILES)
+    {
+        WcaLog(LOGMSG_STANDARD, "RecursiveDelete: FindNextFileW failed with error %lu", lastError);
+    }
+
+    FindClose(hFind);
+}
+
+// See `Package.wxs` for the sequence of this custom action.
 //
-// So we need to delete the files separately in install folder.
+// Upgrade/uninstall sequence:
+//   1. InstallInitialize
+//   2. RemoveExistingProducts
+//      ├─ TerminateProcesses
+//      ├─ TryStopDeleteService
+//      ├─ RemoveInstallFolder - <-- Here
+//      └─ RemoveFiles
+//   3. InstallValidate
+//   4. InstallFiles
+//   5. InstallExecute
+//   6. InstallFinalize
 UINT __stdcall RemoveInstallFolder(
     __in MSIHANDLE hInstall)
 {
     HRESULT hr = S_OK;
     DWORD er = ERROR_SUCCESS;
 
-    int nResult = 0;
     LPWSTR installFolder = NULL;
     LPWSTR pwz = NULL;
     LPWSTR pwzData = NULL;
-    WCHAR runtimeBroker[1024] = { 0, };
 
     hr = WcaInitialize(hInstall, "RemoveInstallFolder");
     ExitOnFailure(hr, "Failed to initialize");
@@ -58,24 +204,23 @@ UINT __stdcall RemoveInstallFolder(
     hr = WcaReadStringFromCaData(&pwz, &installFolder);
     ExitOnFailure(hr, "failed to read database key from custom action data: %ls", pwz);
 
-    StringCchPrintfW(runtimeBroker, sizeof(runtimeBroker) / sizeof(runtimeBroker[0]), L"%ls\\RuntimeBroker_rustdesk.exe", installFolder);
-
-    SHFILEOPSTRUCTW fileOp;
-    ZeroMemory(&fileOp, sizeof(SHFILEOPSTRUCT));
-    fileOp.wFunc = FO_DELETE;
-    fileOp.pFrom = runtimeBroker;
-    fileOp.fFlags = FOF_NOCONFIRMATION | FOF_SILENT;
-
-    nResult = SHFileOperationW(&fileOp);
-    if (nResult == 0)
-    {
-        WcaLog(LOGMSG_STANDARD, "The external file \"%ls\" has been deleted.", runtimeBroker);
+    if (installFolder == NULL || installFolder[0] == L'\0') {
+        WcaLog(LOGMSG_STANDARD, "Install folder path is empty, skipping recursive delete.");
+        goto LExit;
     }
-    else
-    {
-        WcaLog(LOGMSG_STANDARD, "The external file \"%ls\" has not been deleted, error code: 0x%02X. Please refer to https://learn.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-shfileoperationa for the error codes.", runtimeBroker, nResult);
+
+    if (PathIsRootW(installFolder)) {
+        WcaLog(LOGMSG_STANDARD, "Refusing to recursively delete root folder '%ls'.", installFolder);
+        goto LExit;
     }
 
+    WcaLog(LOGMSG_STANDARD, "Attempting to recursively delete contents of install folder: %ls", installFolder);
+
+    RecursiveDelete(installFolder);
+
+    // The standard MSI 'RemoveFolders' action will take care of removing the (now empty) directories.
+    // We don't need to call RemoveDirectoryW on installFolder itself, as it might still be in use by the installer.
+
 LExit:
     ReleaseStr(pwzData);
 
@@ -109,9 +254,12 @@ bool TerminateProcessIfNotContainsParam(pfnNtQueryInformationProcess NtQueryInfo
             {
                 if (pebUpp.CommandLine.Length > 0)
                 {
-                    WCHAR *commandLine = (WCHAR *)malloc(pebUpp.CommandLine.Length);
+                    // Allocate extra space for null terminator
+                    WCHAR *commandLine = (WCHAR *)malloc(pebUpp.CommandLine.Length + sizeof(WCHAR));
                     if (commandLine != NULL)
                     {
+                        // Initialize all bytes to zero for safety
+                        memset(commandLine, 0, pebUpp.CommandLine.Length + sizeof(WCHAR));
                         if (ReadProcessMemory(process, pebUpp.CommandLine.Buffer,
                                               commandLine, pebUpp.CommandLine.Length, &dwBytesRead))
                         {
@@ -468,10 +616,10 @@ UINT __stdcall TryStopDeleteService(__in MSIHANDLE hInstall)
     }
 
     if (IsServiceRunningW(svcName)) {
-        WcaLog(LOGMSG_STANDARD, "Service \"%ls\" is not stoped after 1000 ms.", svcName);
+        WcaLog(LOGMSG_STANDARD, "Service \"%ls\" is not stopped after 1000 ms.", svcName);
     }
     else {
-        WcaLog(LOGMSG_STANDARD, "Service \"%ls\" is stoped.", svcName);
+        WcaLog(LOGMSG_STANDARD, "Service \"%ls\" is stopped.", svcName);
     }
 
     if (MyDeleteServiceW(svcName)) {
@@ -497,7 +645,7 @@ UINT __stdcall TryStopDeleteService(__in MSIHANDLE hInstall)
     }
 
     // It's really strange that we need sleep here.
-    // But the upgrading may be stucked at "copying new files" because the file is in using.
+    // But the upgrading may be stuck at "copying new files" because the file is in using.
     // Steps to reproduce: Install -> stop service in tray --> start service -> upgrade
     // Sleep(300);
 
@@ -610,7 +758,7 @@ UINT __stdcall AddRegSoftwareSASGeneration(__in MSIHANDLE hInstall)
     }
 
     // Why RegSetValueExW always return 998?
-    // 
+    //
     result = RegCreateKeyExW(HKEY_LOCAL_MACHINE, subKey, 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hKey, NULL);
     if (result != ERROR_SUCCESS) {
         WcaLog(LOGMSG_STANDARD, "Failed to create or open registry key: %d", result);
@@ -726,7 +874,7 @@ void TryCreateStartServiceByShell(LPWSTR svcName, LPWSTR svcBinary, LPWSTR szSvc
     i = 0;
     j = 0;
     // svcBinary is a string with double quotes, we need to escape it for shell arguments.
-    // It is orignal used for `CreateServiceW`.
+    // It is original used for `CreateServiceW`.
     // eg. "C:\Program Files\MyApp\MyApp.exe" --service -> \"C:\Program Files\MyApp\MyApp.exe\" --service
     while (true) {
         if (svcBinary[j] == L'"') {

res/msi/preprocess.py

@@ -336,7 +336,9 @@ def gen_custom_ARPSYSTEMCOMPONENT_True(args, dist_dir):
             f'{indent}<RegistryValue Type="integer" Name="Language" Value="[ProductLanguage]" />\n'
         )
 
-        estimated_size = get_folder_size(dist_dir)
+        # EstimatedSize in uninstall registry must be in KB.
+        estimated_size_bytes = get_folder_size(dist_dir)
+        estimated_size = max(1, (estimated_size_bytes + 1023) // 1024)
         lines_new.append(
             f'{indent}<RegistryValue Type="integer" Name="EstimatedSize" Value="{estimated_size}" />\n'
         )

res/rpm-flutter-suse.spec

@@ -1,5 +1,5 @@
 Name:       rustdesk
-Version:    1.4.5
+Version:    1.4.6
 Release:    0
 Summary:    RPM package
 License:    GPL-3.0

res/rpm-flutter.spec

@@ -1,5 +1,5 @@
 Name:       rustdesk
-Version:    1.4.5
+Version:    1.4.6
 Release:    0
 Summary:    RPM package
 License:    GPL-3.0

res/rpm.spec

@@ -1,5 +1,5 @@
 Name:       rustdesk
-Version:    1.4.5
+Version:    1.4.6
 Release:    0
 Summary:    RPM package
 License:    GPL-3.0

src/cli.rs

@@ -25,7 +25,13 @@ impl Session {
     pub fn new(id: &str, sender: mpsc::UnboundedSender<Data>) -> Self {
         let mut password = "".to_owned();
         if PeerConfig::load(id).password.is_empty() {
-            password = rpassword::prompt_password("Enter password: ").unwrap();
+            match rpassword::prompt_password("Enter password: ") {
+                Ok(p) => password = p,
+                Err(e) => {
+                    log::error!("Failed to read password: {:?}", e);
+                    password = "".to_owned();
+                }
+            }
         }
         let session = Self {
             id: id.to_owned(),

src/client.rs

@@ -33,7 +33,7 @@ use crate::{
     create_symmetric_key_msg, decode_id_pk, get_rs_pk, is_keyboard_mode_supported,
     kcp_stream::KcpStream,
     secure_tcp,
-    ui_interface::{get_builtin_option, use_texture_render},
+    ui_interface::{get_builtin_option, resolve_avatar_url, use_texture_render},
     ui_session_interface::{InvokeUiSession, Session},
 };
 #[cfg(feature = "unix-file-copy-paste")]
@@ -119,10 +119,13 @@ pub const LOGIN_MSG_NO_PASSWORD_ACCESS: &str = "No Password Access";
 pub const LOGIN_MSG_OFFLINE: &str = "Offline";
 pub const LOGIN_SCREEN_WAYLAND: &str = "Wayland login screen is not supported";
 #[cfg(target_os = "linux")]
-pub const SCRAP_UBUNTU_HIGHER_REQUIRED: &str = "Wayland requires Ubuntu 21.04 or higher version.";
+pub const SCRAP_UBUNTU_HIGHER_REQUIRED: &str = "ubuntu-21-04-required";
 #[cfg(target_os = "linux")]
 pub const SCRAP_OTHER_VERSION_OR_X11_REQUIRED: &str =
-    "Wayland requires higher version of linux distro. Please try X11 desktop or change your OS.";
+    "wayland-requires-higher-linux-version";
+#[cfg(target_os = "linux")]
+pub const SCRAP_XDP_PORTAL_UNAVAILABLE: &str =
+    "xdp-portal-unavailable";
 pub const SCRAP_X11_REQUIRED: &str = "x11 expected";
 pub const SCRAP_X11_REF_URL: &str = "https://rustdesk.com/docs/en/manual/linux/#x11-required";
 
@@ -2625,15 +2628,32 @@ impl LoginConfigHandler {
         } else {
             (my_id, self.id.clone())
         };
+        let mut avatar = get_builtin_option(keys::OPTION_AVATAR);
+        if avatar.is_empty() {
+            avatar = serde_json::from_str::<serde_json::Value>(&LocalConfig::get_option(
+                "user_info",
+            ))
+            .ok()
+            .and_then(|x| {
+                x.get("avatar")
+                    .and_then(|x| x.as_str())
+                    .map(|x| x.trim().to_owned())
+            })
+            .unwrap_or_default();
+        }
+        avatar = resolve_avatar_url(avatar);
         let mut display_name = get_builtin_option(keys::OPTION_DISPLAY_NAME);
         if display_name.is_empty() {
             display_name =
                 serde_json::from_str::<serde_json::Value>(&LocalConfig::get_option("user_info"))
                     .map(|x| {
-                        x.get("name")
-                            .map(|x| x.as_str().unwrap_or_default())
+                        x.get("display_name")
+                            .and_then(|x| x.as_str())
+                            .map(|x| x.trim())
+                            .filter(|x| !x.is_empty())
+                            .or_else(|| x.get("name").and_then(|x| x.as_str()))
+                            .map(|x| x.to_owned())
                             .unwrap_or_default()
-                            .to_owned()
                     })
                     .unwrap_or_default();
         }
@@ -2681,6 +2701,7 @@ impl LoginConfigHandler {
             })
             .into(),
             hwid,
+            avatar,
             ..Default::default()
         };
         match self.conn_type {
@@ -3849,6 +3870,7 @@ pub fn check_if_retry(msgtype: &str, title: &str, text: &str, retry_for_relay: b
                 && !text.to_lowercase().contains("resolve")
                 && !text.to_lowercase().contains("mismatch")
                 && !text.to_lowercase().contains("manually")
+                && !text.to_lowercase().contains("restricted")
                 && !text.to_lowercase().contains("not allowed")))
 }
 

src/client/io_loop.rs

@@ -586,7 +586,6 @@ impl<T: InvokeUiSession> Remote<T> {
                         file_num,
                         include_hidden,
                         is_remote,
-                        Vec::new(),
                         od,
                     ));
                     allow_err!(
@@ -659,7 +658,6 @@ impl<T: InvokeUiSession> Remote<T> {
                         file_num,
                         include_hidden,
                         is_remote,
-                        Vec::new(),
                         od,
                     );
                     job.is_last_job = true;
@@ -845,19 +843,7 @@ impl<T: InvokeUiSession> Remote<T> {
                 }
             }
             Data::CancelJob(id) => {
-                let mut msg_out = Message::new();
-                let mut file_action = FileAction::new();
-                file_action.set_cancel(FileTransferCancel {
-                    id: id,
-                    ..Default::default()
-                });
-                msg_out.set_file_action(file_action);
-                allow_err!(peer.send(&msg_out).await);
-                if let Some(job) = fs::remove_job(id, &mut self.write_jobs) {
-                    job.remove_download_file();
-                }
-                let _ = fs::remove_job(id, &mut self.read_jobs);
-                self.remove_jobs.remove(&id);
+                self.cancel_transfer_job(id, peer).await;
             }
             Data::RemoveDir((id, path)) => {
                 let mut msg_out = Message::new();
@@ -1053,6 +1039,22 @@ impl<T: InvokeUiSession> Remote<T> {
         }
     }
 
+    async fn cancel_transfer_job(&mut self, id: i32, peer: &mut Stream) {
+        let mut msg_out = Message::new();
+        let mut file_action = FileAction::new();
+        file_action.set_cancel(FileTransferCancel {
+            id,
+            ..Default::default()
+        });
+        msg_out.set_file_action(file_action);
+        allow_err!(peer.send(&msg_out).await);
+        if let Some(job) = fs::remove_job(id, &mut self.write_jobs) {
+            job.remove_download_file();
+        }
+        let _ = fs::remove_job(id, &mut self.read_jobs);
+        self.remove_jobs.remove(&id);
+    }
+
     pub async fn sync_jobs_status_to_local(&mut self) -> bool {
         if !self.is_connected {
             return false;
@@ -1446,6 +1448,23 @@ impl<T: InvokeUiSession> Remote<T> {
                     if !self.handler.lc.read().unwrap().disable_clipboard.v {
                         #[cfg(not(any(target_os = "android", target_os = "ios")))]
                         update_clipboard(_mcb.clipboards, ClipboardSide::Client);
+                        #[cfg(target_os = "ios")]
+                        {
+                            if let Some(cb) = _mcb
+                                .clipboards
+                                .iter()
+                                .find(|c| c.format.enum_value() == Ok(ClipboardFormat::Text))
+                            {
+                                let content = if cb.compress {
+                                    hbb_common::compress::decompress(&cb.content)
+                                } else {
+                                    cb.content.to_vec()
+                                };
+                                if let Ok(content) = String::from_utf8(content) {
+                                    self.handler.clipboard(content);
+                                }
+                            }
+                        }
                         #[cfg(target_os = "android")]
                         crate::clipboard::handle_msg_multi_clipboards(_mcb);
                     }
@@ -1470,14 +1489,43 @@ impl<T: InvokeUiSession> Remote<T> {
                                     fs::transform_windows_path(&mut entries);
                                 }
                             }
-                            self.handler
-                                .update_folder_files(fd.id, &entries, fd.path, false, false);
+                            // We cannot call cancel_transfer_job/handle_job_status while holding
+                            // a mutable borrow from fs::get_job(&mut self.write_jobs), so defer
+                            // the error handling until after the borrow scope ends.
+                            let mut set_files_err = None;
                             if let Some(job) = fs::get_job(fd.id, &mut self.write_jobs) {
                                 log::info!("job set_files: {:?}", entries);
-                                job.set_files(entries);
-                                job.set_finished_size_on_resume();
+                                if let Err(err) = job.set_files(entries) {
+                                    set_files_err = Some(err.to_string());
+                                } else {
+                                    job.set_finished_size_on_resume();
+                                    self.handler.update_folder_files(
+                                        fd.id,
+                                        job.files(),
+                                        fd.path,
+                                        false,
+                                        false,
+                                    );
+                                }
                             } else if let Some(job) = self.remove_jobs.get_mut(&fd.id) {
+                                // Intentionally keep raw entries here:
+                                // - remote remove flow executes deletions on peer side;
+                                // - local remove flow is populated from local get_recursive_files().
                                 job.files = entries;
+                                self.handler
+                                    .update_folder_files(fd.id, &job.files, fd.path, false, false);
+                            } else {
+                                self.handler
+                                    .update_folder_files(fd.id, &entries, fd.path, false, false);
+                            }
+                            if let Some(err) = set_files_err {
+                                log::warn!(
+                                    "Rejected unsafe file list from remote peer for job {}: {}",
+                                    fd.id,
+                                    err
+                                );
+                                self.cancel_transfer_job(fd.id, peer).await;
+                                self.handle_job_status(fd.id, -1, Some(err));
                             }
                         }
                         Some(file_response::Union::Digest(digest)) => {

src/clipboard.rs

@@ -197,7 +197,7 @@ pub fn check_clipboard_cm() -> ResultType<MultiClipboards> {
 
 #[cfg(not(target_os = "android"))]
 fn update_clipboard_(multi_clipboards: Vec<Clipboard>, side: ClipboardSide) {
-    let to_update_data = proto::from_multi_clipbards(multi_clipboards);
+    let to_update_data = proto::from_multi_clipboards(multi_clipboards);
     if to_update_data.is_empty() {
         return;
     }
@@ -432,7 +432,7 @@ impl ClipboardContext {
                 #[cfg(target_os = "macos")]
                 let is_kde_x11 = false;
                 let clear_holder_text = if is_kde_x11 {
-                    "RustDesk placeholder to clear the file clipbard"
+                    "RustDesk placeholder to clear the file clipboard"
                 } else {
                     ""
                 }
@@ -672,7 +672,7 @@ mod proto {
     }
 
     #[cfg(not(target_os = "android"))]
-    pub fn from_multi_clipbards(multi_clipboards: Vec<Clipboard>) -> Vec<ClipboardData> {
+    pub fn from_multi_clipboards(multi_clipboards: Vec<Clipboard>) -> Vec<ClipboardData> {
         multi_clipboards
             .into_iter()
             .filter_map(from_clipboard)
@@ -814,7 +814,7 @@ pub mod clipboard_listener {
                 subscribers: listener_lock.subscribers.clone(),
             };
             let (tx_start_res, rx_start_res) = channel();
-            let h = start_clipbard_master_thread(handler, tx_start_res);
+            let h = start_clipboard_master_thread(handler, tx_start_res);
             let shutdown = match rx_start_res.recv() {
                 Ok((Some(s), _)) => s,
                 Ok((None, err)) => {
@@ -854,7 +854,7 @@ pub mod clipboard_listener {
         log::info!("Clipboard listener unsubscribed: {}", name);
     }
 
-    fn start_clipbard_master_thread(
+    fn start_clipboard_master_thread(
         handler: impl ClipboardHandler + Send + 'static,
         tx_start_res: Sender<(Option<Shutdown>, String)>,
     ) -> JoinHandle<()> {

src/common.rs

@@ -39,7 +39,7 @@ use hbb_common::{
 
 use crate::{
     hbbs_http::{create_http_client_async, get_url_for_tls},
-    ui_interface::{get_option, set_option},
+    ui_interface::{get_api_server as ui_get_api_server, get_option, is_installed, set_option},
 };
 
 #[derive(Debug, Eq, PartialEq)]
@@ -1086,6 +1086,7 @@ fn get_api_server_(api: String, custom: String) -> String {
 
 #[inline]
 pub fn is_public(url: &str) -> bool {
+    let url = url.to_ascii_lowercase();
     url.contains("rustdesk.com/") || url.ends_with("rustdesk.com")
 }
 
@@ -1123,22 +1124,286 @@ pub fn get_audit_server(api: String, custom: String, typ: String) -> String {
     format!("{}/api/audit/{}", url, typ)
 }
 
-pub async fn post_request(url: String, body: String, header: &str) -> ResultType<String> {
+/// Check if we should use raw TCP proxy for API calls.
+/// Returns true if USE_RAW_TCP_FOR_API builtin option is "Y", WebSocket is off,
+/// and the target URL belongs to the configured non-public API host.
+#[inline]
+fn should_use_raw_tcp_for_api(url: &str) -> bool {
+    get_builtin_option(keys::OPTION_USE_RAW_TCP_FOR_API) == "Y"
+        && !use_ws()
+        && is_tcp_proxy_api_target(url)
+}
+
+/// Check if we can attempt raw TCP proxy fallback for this target URL.
+#[inline]
+fn can_fallback_to_raw_tcp(url: &str) -> bool {
+    !use_ws() && is_tcp_proxy_api_target(url)
+}
+
+#[inline]
+fn should_use_tcp_proxy_for_api_url(url: &str, api_url: &str) -> bool {
+    if api_url.is_empty() || is_public(api_url) {
+        return false;
+    }
+
+    let target_host = url::Url::parse(url)
+        .ok()
+        .and_then(|parsed| parsed.host_str().map(|host| host.to_ascii_lowercase()));
+    let api_host = url::Url::parse(api_url)
+        .ok()
+        .and_then(|parsed| parsed.host_str().map(|host| host.to_ascii_lowercase()));
+
+    matches!((target_host, api_host), (Some(target), Some(api)) if target == api)
+}
+
+#[inline]
+fn is_tcp_proxy_api_target(url: &str) -> bool {
+    should_use_tcp_proxy_for_api_url(url, &ui_get_api_server())
+}
+
+fn tcp_proxy_log_target(url: &str) -> String {
+    url::Url::parse(url)
+        .ok()
+        .map(|parsed| {
+            let mut redacted = format!("{}://", parsed.scheme());
+            let Some(host) = parsed.host() else {
+                return "<invalid-url>".to_owned();
+            };
+            redacted.push_str(&host.to_string());
+            if let Some(port) = parsed.port() {
+                redacted.push(':');
+                redacted.push_str(&port.to_string());
+            }
+            redacted.push_str(parsed.path());
+            redacted
+        })
+        .unwrap_or_else(|| "<invalid-url>".to_owned())
+}
+
+#[inline]
+fn get_tcp_proxy_addr() -> String {
+    check_port(Config::get_rendezvous_server(), RENDEZVOUS_PORT)
+}
+
+/// Send an HTTP request via the rendezvous server's TCP proxy using protobuf.
+/// Connects with `connect_tcp` + `secure_tcp`, sends `HttpProxyRequest`,
+/// receives `HttpProxyResponse`.
+///
+/// The entire operation (connect + handshake + send + receive) is wrapped in
+/// an overall timeout of `CONNECT_TIMEOUT + READ_TIMEOUT` so that a stall at
+/// any stage cannot block the caller indefinitely.
+async fn tcp_proxy_request(
+    method: &str,
+    url: &str,
+    body: &[u8],
+    headers: Vec<HeaderEntry>,
+) -> ResultType<HttpProxyResponse> {
+    let tcp_addr = get_tcp_proxy_addr();
+    if tcp_addr.is_empty() {
+        bail!("No rendezvous server configured for TCP proxy");
+    }
+
+    let parsed = url::Url::parse(url)?;
+    let path = if let Some(query) = parsed.query() {
+        format!("{}?{}", parsed.path(), query)
+    } else {
+        parsed.path().to_string()
+    };
+
+    log::debug!(
+        "Sending {} {} via TCP proxy to {}",
+        method,
+        parsed.path(),
+        tcp_addr
+    );
+
+    let overall_timeout = CONNECT_TIMEOUT + READ_TIMEOUT;
+    timeout(overall_timeout, async {
+        let mut conn = socket_client::connect_tcp(&*tcp_addr, CONNECT_TIMEOUT).await?;
+        let key = crate::get_key(true).await;
+        secure_tcp_silent(&mut conn, &key).await?;
+
+        let mut req = HttpProxyRequest::new();
+        req.method = method.to_uppercase();
+        req.path = path;
+        req.headers = headers.into();
+        req.body = Bytes::from(body.to_vec());
+
+        let mut msg_out = RendezvousMessage::new();
+        msg_out.set_http_proxy_request(req);
+        conn.send(&msg_out).await?;
+
+        match conn.next().await {
+            Some(Ok(bytes)) => {
+                let msg_in = RendezvousMessage::parse_from_bytes(&bytes)?;
+                match msg_in.union {
+                    Some(rendezvous_message::Union::HttpProxyResponse(resp)) => Ok(resp),
+                    _ => bail!("Unexpected response from TCP proxy"),
+                }
+            }
+            Some(Err(e)) => bail!("TCP proxy read error: {}", e),
+            None => bail!("TCP proxy connection closed without response"),
+        }
+    })
+    .await?
+}
+
+/// Build HeaderEntry list from "Key: Value" style header string (used by post_request).
+/// If the caller supplies a Content-Type header it overrides the default `application/json`.
+fn parse_simple_header(header: &str) -> Vec<HeaderEntry> {
+    let mut entries = Vec::new();
+    let mut has_content_type = false;
+    if !header.is_empty() {
+        let tmp: Vec<&str> = header.splitn(2, ": ").collect();
+        if tmp.len() == 2 {
+            if tmp[0].eq_ignore_ascii_case("Content-Type") {
+                has_content_type = true;
+            }
+            entries.push(HeaderEntry {
+                name: tmp[0].into(),
+                value: tmp[1].into(),
+                ..Default::default()
+            });
+        }
+    }
+    if !has_content_type {
+        entries.insert(
+            0,
+            HeaderEntry {
+                name: "Content-Type".into(),
+                value: "application/json".into(),
+                ..Default::default()
+            },
+        );
+    }
+    entries
+}
+
+/// POST request via TCP proxy.
+async fn post_request_via_tcp_proxy(url: &str, body: &str, header: &str) -> ResultType<String> {
+    let headers = parse_simple_header(header);
+    let resp = tcp_proxy_request("POST", url, body.as_bytes(), headers).await?;
+    if !resp.error.is_empty() {
+        bail!("TCP proxy error: {}", resp.error);
+    }
+    Ok(String::from_utf8_lossy(&resp.body).to_string())
+}
+
+fn http_proxy_response_to_json(resp: HttpProxyResponse) -> ResultType<String> {
+    if !resp.error.is_empty() {
+        bail!("TCP proxy error: {}", resp.error);
+    }
+
+    let mut response_headers = Map::new();
+    for entry in resp.headers.iter() {
+        response_headers.insert(entry.name.to_lowercase(), json!(entry.value));
+    }
+
+    let mut result = Map::new();
+    result.insert("status_code".to_string(), json!(resp.status));
+    result.insert("headers".to_string(), Value::Object(response_headers));
+    result.insert(
+        "body".to_string(),
+        json!(String::from_utf8_lossy(&resp.body)),
+    );
+
+    serde_json::to_string(&result).map_err(|e| anyhow!("Failed to serialize response: {}", e))
+}
+
+fn parse_json_header_entries(header: &str) -> ResultType<Vec<HeaderEntry>> {
+    let v: Value = serde_json::from_str(header)?;
+    if let Value::Object(obj) = v {
+        Ok(obj
+            .iter()
+            .map(|(key, value)| HeaderEntry {
+                name: key.clone(),
+                value: value.as_str().unwrap_or_default().into(),
+                ..Default::default()
+            })
+            .collect())
+    } else {
+        Err(anyhow!("HTTP header information parsing failed!"))
+    }
+}
+
+/// Returns (status_code, body_text). Separating status so the wrapper can decide on fallback.
+async fn post_request_http(url: &str, body: &str, header: &str) -> ResultType<(u16, String)> {
     let proxy_conf = Config::get_socks();
-    let tls_url = get_url_for_tls(&url, &proxy_conf);
+    let tls_url = get_url_for_tls(url, &proxy_conf);
     let tls_type = get_cached_tls_type(tls_url);
     let danger_accept_invalid_cert = get_cached_tls_accept_invalid_cert(tls_url);
     let response = post_request_(
-        &url,
+        url,
         tls_url,
-        body.clone(),
+        body.to_owned(),
         header,
         tls_type,
         danger_accept_invalid_cert,
         danger_accept_invalid_cert,
     )
     .await?;
-    Ok(response.text().await?)
+    let status = response.status().as_u16();
+    let text = response.text().await?;
+    Ok((status, text))
+}
+
+/// Try `http_fn` first; on connection failure or 5xx, fall back to `tcp_fn`
+/// if the URL is eligible. 4xx responses are returned as-is.
+async fn with_tcp_proxy_fallback<HttpFut, TcpFut>(
+    url: &str,
+    method: &str,
+    http_fn: HttpFut,
+    tcp_fn: TcpFut,
+) -> ResultType<String>
+where
+    HttpFut: Future<Output = ResultType<(u16, String)>>,
+    TcpFut: Future<Output = ResultType<String>>,
+{
+    if should_use_raw_tcp_for_api(url) {
+        return tcp_fn.await;
+    }
+
+    let http_result = http_fn.await;
+    let should_fallback = match &http_result {
+        Err(_) => true,
+        Ok((status, _)) => *status >= 500,
+    };
+
+    if should_fallback && can_fallback_to_raw_tcp(url) {
+        log::warn!(
+            "HTTP {} to {} failed or 5xx (result: {:?}), trying TCP proxy fallback",
+            method,
+            tcp_proxy_log_target(url),
+            http_result
+                .as_ref()
+                .map(|(s, _)| *s)
+                .map_err(|e| e.to_string()),
+        );
+        match tcp_fn.await {
+            Ok(resp) => return Ok(resp),
+            Err(tcp_err) => {
+                log::warn!("TCP proxy fallback also failed: {:?}", tcp_err);
+            }
+        }
+    }
+
+    http_result.map(|(_status, text)| text)
+}
+
+/// POST request with raw TCP proxy support.
+/// - If `USE_RAW_TCP_FOR_API` is "Y" and WS is off, goes directly through TCP proxy.
+/// - Otherwise tries HTTP first; on connection failure or 5xx status,
+///   falls back to TCP proxy if WS is off.
+/// - 4xx responses are returned as-is (server is reachable, business logic error).
+/// - If fallback also fails, returns the original HTTP result (text or error).
+pub async fn post_request(url: String, body: String, header: &str) -> ResultType<String> {
+    with_tcp_proxy_fallback(
+        &url,
+        "POST",
+        post_request_http(&url, &body, header),
+        post_request_via_tcp_proxy(&url, &body, header),
+    )
+    .await
 }
 
 #[async_recursion]
@@ -1246,21 +1511,16 @@ async fn get_http_response_async(
         tls_type.unwrap_or(TlsType::Rustls),
         danger_accept_invalid_cert.unwrap_or(false),
     );
-    let mut http_client = match method {
+    let normalized_method = method.to_ascii_lowercase();
+    let mut http_client = match normalized_method.as_str() {
         "get" => http_client.get(url),
         "post" => http_client.post(url),
         "put" => http_client.put(url),
         "delete" => http_client.delete(url),
         _ => return Err(anyhow!("The HTTP request method is not supported!")),
     };
-    let v = serde_json::from_str(header)?;
-
-    if let Value::Object(obj) = v {
-        for (key, value) in obj.iter() {
-            http_client = http_client.header(key, value.as_str().unwrap_or_default());
-        }
-    } else {
-        return Err(anyhow!("HTTP header information parsing failed!"));
+    for entry in parse_json_header_entries(header)? {
+        http_client = http_client.header(entry.name, entry.value);
     }
 
     if tls_type.is_some() && danger_accept_invalid_cert.is_some() {
@@ -1340,6 +1600,51 @@ async fn get_http_response_async(
     }
 }
 
+/// Returns (status_code, json_string) so the caller can inspect the status
+/// without re-parsing the serialized JSON.
+async fn http_request_http(
+    url: &str,
+    method: &str,
+    body: Option<String>,
+    header: &str,
+) -> ResultType<(u16, String)> {
+    let proxy_conf = Config::get_socks();
+    let tls_url = get_url_for_tls(url, &proxy_conf);
+    let tls_type = get_cached_tls_type(tls_url);
+    let danger_accept_invalid_cert = get_cached_tls_accept_invalid_cert(tls_url);
+    let response = get_http_response_async(
+        url,
+        tls_url,
+        method,
+        body,
+        header,
+        tls_type,
+        danger_accept_invalid_cert,
+        danger_accept_invalid_cert,
+    )
+    .await?;
+    // Serialize response headers
+    let mut response_headers = Map::new();
+    for (key, value) in response.headers() {
+        response_headers.insert(key.to_string(), json!(value.to_str().unwrap_or("")));
+    }
+
+    let status_code = response.status().as_u16();
+    let response_body = response.text().await?;
+
+    // Construct the JSON object
+    let mut result = Map::new();
+    result.insert("status_code".to_string(), json!(status_code));
+    result.insert("headers".to_string(), Value::Object(response_headers));
+    result.insert("body".to_string(), json!(response_body));
+
+    // Convert map to JSON string
+    let json_str = serde_json::to_string(&result)
+        .map_err(|e| anyhow!("Failed to serialize response: {}", e))?;
+    Ok((status_code, json_str))
+}
+
+/// HTTP request with raw TCP proxy support.
 #[tokio::main(flavor = "current_thread")]
 pub async fn http_request_sync(
     url: String,
@@ -1347,44 +1652,28 @@ pub async fn http_request_sync(
     body: Option<String>,
     header: String,
 ) -> ResultType<String> {
-    let proxy_conf = Config::get_socks();
-    let tls_url = get_url_for_tls(&url, &proxy_conf);
-    let tls_type = get_cached_tls_type(tls_url);
-    let danger_accept_invalid_cert = get_cached_tls_accept_invalid_cert(tls_url);
-    let response = get_http_response_async(
+    with_tcp_proxy_fallback(
         &url,
-        tls_url,
         &method,
-        body.clone(),
-        &header,
-        tls_type,
-        danger_accept_invalid_cert,
-        danger_accept_invalid_cert,
+        http_request_http(&url, &method, body.clone(), &header),
+        http_request_via_tcp_proxy(&url, &method, body.as_deref(), &header),
     )
-    .await?;
-    // Serialize response headers
-    let mut response_headers = serde_json::map::Map::new();
-    for (key, value) in response.headers() {
-        response_headers.insert(
-            key.to_string(),
-            serde_json::json!(value.to_str().unwrap_or("")),
-        );
-    }
+    .await
+}
 
-    let status_code = response.status().as_u16();
-    let response_body = response.text().await?;
+/// General HTTP request via TCP proxy. Header is a JSON string (used by http_request_sync).
+/// Returns a JSON string with status_code, headers, body (same format as http_request_sync).
+async fn http_request_via_tcp_proxy(
+    url: &str,
+    method: &str,
+    body: Option<&str>,
+    header: &str,
+) -> ResultType<String> {
+    let headers = parse_json_header_entries(header)?;
+    let body_bytes = body.unwrap_or("").as_bytes();
 
-    // Construct the JSON object
-    let mut result = serde_json::map::Map::new();
-    result.insert("status_code".to_string(), serde_json::json!(status_code));
-    result.insert(
-        "headers".to_string(),
-        serde_json::Value::Object(response_headers),
-    );
-    result.insert("body".to_string(), serde_json::json!(response_body));
-
-    // Convert map to JSON string
-    serde_json::to_string(&result).map_err(|e| anyhow!("Failed to serialize response: {}", e))
+    let resp = tcp_proxy_request(method, url, body_bytes, headers).await?;
+    http_proxy_response_to_json(resp)
 }
 
 #[inline]
@@ -1647,7 +1936,7 @@ pub fn check_process(arg: &str, mut same_uid: bool) -> bool {
     false
 }
 
-pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
+async fn secure_tcp_impl(conn: &mut Stream, key: &str, log_on_success: bool) -> ResultType<()> {
     // Skip additional encryption when using WebSocket connections (wss://)
     // as WebSocket Secure (wss://) already provides transport layer encryption.
     // This doesn't affect the end-to-end encryption between clients,
@@ -1680,7 +1969,9 @@ pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
                         });
                         timeout(CONNECT_TIMEOUT, conn.send(&msg_out)).await??;
                         conn.set_key(key);
-                        log::info!("Connection secured");
+                        if log_on_success {
+                            log::info!("Connection secured");
+                        }
                     }
                     _ => {}
                 }
@@ -1691,6 +1982,14 @@ pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
     Ok(())
 }
 
+pub async fn secure_tcp(conn: &mut Stream, key: &str) -> ResultType<()> {
+    secure_tcp_impl(conn, key, true).await
+}
+
+async fn secure_tcp_silent(conn: &mut Stream, key: &str) -> ResultType<()> {
+    secure_tcp_impl(conn, key, false).await
+}
+
 #[inline]
 fn get_pk(pk: &[u8]) -> Option<[u8; 32]> {
     if pk.len() == 32 {
@@ -2468,11 +2767,13 @@ mod tests {
         assert!(is_public("https://rustdesk.com/"));
         assert!(is_public("https://www.rustdesk.com/"));
         assert!(is_public("https://api.rustdesk.com/v1"));
+        assert!(is_public("https://API.RUSTDESK.COM/v1"));
         assert!(is_public("https://rustdesk.com/path"));
 
         // Test URLs ending with "rustdesk.com"
         assert!(is_public("rustdesk.com"));
         assert!(is_public("https://rustdesk.com"));
+        assert!(is_public("https://RustDesk.com"));
         assert!(is_public("http://www.rustdesk.com"));
         assert!(is_public("https://api.rustdesk.com"));
 
@@ -2485,6 +2786,193 @@ mod tests {
         assert!(!is_public("rustdesk.comhello.com"));
     }
 
+    #[test]
+    fn test_should_use_tcp_proxy_for_api_url() {
+        assert!(should_use_tcp_proxy_for_api_url(
+            "https://admin.example.com/api/login",
+            "https://admin.example.com"
+        ));
+        assert!(should_use_tcp_proxy_for_api_url(
+            "https://admin.example.com:21114/api/login",
+            "https://admin.example.com"
+        ));
+        assert!(!should_use_tcp_proxy_for_api_url(
+            "https://api.telegram.org/bot123/sendMessage",
+            "https://admin.example.com"
+        ));
+        assert!(!should_use_tcp_proxy_for_api_url(
+            "https://admin.rustdesk.com/api/login",
+            "https://admin.rustdesk.com"
+        ));
+        assert!(!should_use_tcp_proxy_for_api_url(
+            "https://admin.example.com/api/login",
+            "not a url"
+        ));
+        assert!(!should_use_tcp_proxy_for_api_url(
+            "not a url",
+            "https://admin.example.com"
+        ));
+    }
+
+    #[test]
+    fn test_get_tcp_proxy_addr_normalizes_bare_ipv6_host() {
+        struct RestoreCustomRendezvousServer(String);
+
+        impl Drop for RestoreCustomRendezvousServer {
+            fn drop(&mut self) {
+                Config::set_option(
+                    keys::OPTION_CUSTOM_RENDEZVOUS_SERVER.to_string(),
+                    self.0.clone(),
+                );
+            }
+        }
+
+        let _restore = RestoreCustomRendezvousServer(Config::get_option(
+            keys::OPTION_CUSTOM_RENDEZVOUS_SERVER,
+        ));
+        Config::set_option(
+            keys::OPTION_CUSTOM_RENDEZVOUS_SERVER.to_string(),
+            "1:2".to_string(),
+        );
+
+        assert_eq!(get_tcp_proxy_addr(), format!("[1:2]:{RENDEZVOUS_PORT}"));
+    }
+
+    #[tokio::test]
+    async fn test_http_request_via_tcp_proxy_rejects_invalid_header_json() {
+        let result = http_request_via_tcp_proxy("not a url", "get", None, "{").await;
+        assert!(result.is_err());
+    }
+
+    #[tokio::test]
+    async fn test_http_request_via_tcp_proxy_rejects_non_object_header_json() {
+        let err = http_request_via_tcp_proxy("not a url", "get", None, "[]")
+            .await
+            .unwrap_err()
+            .to_string();
+        assert!(err.contains("HTTP header information parsing failed!"));
+    }
+
+    #[test]
+    fn test_parse_json_header_entries_preserves_single_content_type() {
+        let headers = parse_json_header_entries(
+            r#"{"Content-Type":"text/plain","Authorization":"Bearer token"}"#,
+        )
+        .unwrap();
+
+        assert_eq!(
+            headers
+                .iter()
+                .filter(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
+                .count(),
+            1
+        );
+        assert_eq!(
+            headers
+                .iter()
+                .find(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
+                .map(|entry| entry.value.as_str()),
+            Some("text/plain")
+        );
+    }
+
+    #[test]
+    fn test_parse_json_header_entries_does_not_add_default_content_type() {
+        let headers = parse_json_header_entries(r#"{"Authorization":"Bearer token"}"#).unwrap();
+
+        assert!(!headers
+            .iter()
+            .any(|entry| entry.name.eq_ignore_ascii_case("Content-Type")));
+    }
+
+    #[test]
+    fn test_parse_simple_header_respects_custom_content_type() {
+        let headers = parse_simple_header("Content-Type: text/plain");
+
+        assert_eq!(
+            headers
+                .iter()
+                .filter(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
+                .count(),
+            1
+        );
+        assert_eq!(
+            headers
+                .iter()
+                .find(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
+                .map(|entry| entry.value.as_str()),
+            Some("text/plain")
+        );
+    }
+
+    #[test]
+    fn test_parse_simple_header_preserves_non_content_type_header() {
+        let headers = parse_simple_header("Authorization: Bearer token");
+
+        assert!(headers.iter().any(|entry| {
+            entry.name.eq_ignore_ascii_case("Authorization")
+                && entry.value.as_str() == "Bearer token"
+        }));
+        assert_eq!(
+            headers
+                .iter()
+                .filter(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
+                .count(),
+            1
+        );
+        assert_eq!(
+            headers
+                .iter()
+                .find(|entry| entry.name.eq_ignore_ascii_case("Content-Type"))
+                .map(|entry| entry.value.as_str()),
+            Some("application/json")
+        );
+    }
+
+    #[test]
+    fn test_tcp_proxy_log_target_redacts_query_only() {
+        assert_eq!(
+            tcp_proxy_log_target("https://example.com/api/heartbeat?token=secret"),
+            "https://example.com/api/heartbeat"
+        );
+    }
+
+    #[test]
+    fn test_tcp_proxy_log_target_brackets_ipv6_host_with_port() {
+        assert_eq!(
+            tcp_proxy_log_target("https://[2001:db8::1]:21114/api/heartbeat?token=secret"),
+            "https://[2001:db8::1]:21114/api/heartbeat"
+        );
+    }
+
+    #[test]
+    fn test_http_proxy_response_to_json() {
+        let mut resp = HttpProxyResponse {
+            status: 200,
+            body: br#"{"ok":true}"#.to_vec().into(),
+            ..Default::default()
+        };
+        resp.headers.push(HeaderEntry {
+            name: "Content-Type".into(),
+            value: "application/json".into(),
+            ..Default::default()
+        });
+
+        let json = http_proxy_response_to_json(resp).unwrap();
+        let value: Value = serde_json::from_str(&json).unwrap();
+        assert_eq!(value["status_code"], 200);
+        assert_eq!(value["headers"]["content-type"], "application/json");
+        assert_eq!(value["body"], r#"{"ok":true}"#);
+
+        let err = http_proxy_response_to_json(HttpProxyResponse {
+            error: "dial failed".into(),
+            ..Default::default()
+        })
+        .unwrap_err()
+        .to_string();
+        assert!(err.contains("TCP proxy error: dial failed"));
+    }
+
     #[test]
     fn test_mouse_event_constants_and_mask_layout() {
         use super::input::*;

src/core_main.rs

@@ -187,7 +187,10 @@ pub fn core_main() -> Option<Vec<String>> {
         }
 
         #[cfg(windows)]
-        hbb_common::config::PeerConfig::preload_peers();
+        {
+            crate::platform::try_remove_temp_update_files();
+            hbb_common::config::PeerConfig::preload_peers();
+        }
         std::thread::spawn(move || crate::start_server(false, no_server));
     } else {
         #[cfg(windows)]
@@ -202,17 +205,24 @@ pub fn core_main() -> Option<Vec<String>> {
                 if config::is_disable_installation() {
                     return None;
                 }
-                let res = platform::update_me(false);
-                let text = match res {
-                    Ok(_) => translate("Update successfully!".to_string()),
-                    Err(err) => {
-                        log::error!("Failed with error: {err}");
-                        translate("Update failed!".to_string())
+
+                let text = match crate::platform::prepare_custom_client_update() {
+                    Err(e) => {
+                        log::error!("Error preparing custom client update: {}", e);
+                        "Update failed!".to_string()
                     }
+                    Ok(false) => "Update failed!".to_string(),
+                    Ok(true) => match platform::update_me(false) {
+                        Ok(_) => "Updated successfully!".to_string(),
+                        Err(err) => {
+                            log::error!("Failed with error: {err}");
+                            "Update failed!".to_string()
+                        }
+                    },
                 };
                 Toast::new(Toast::POWERSHELL_APP_ID)
                     .title(&config::APP_NAME.read().unwrap())
-                    .text1(&text)
+                    .text1(&translate(text))
                     .sound(Some(Sound::Default))
                     .duration(Duration::Short)
                     .show()
@@ -325,8 +335,8 @@ pub fn core_main() -> Option<Vec<String>> {
                     log::info!("Starting update process...");
                     let _text = match platform::update_me() {
                         Ok(_) => {
-                            println!("{}", translate("Update successfully!".to_string()));
-                            log::info!("Update successfully!");
+                            println!("{}", translate("Updated successfully!".to_string()));
+                            log::info!("Updated successfully!");
                         }
                         Err(err) => {
                             eprintln!("Update failed with error: {}", err);

src/flutter_ffi.rs

@@ -575,6 +575,7 @@ pub fn session_handle_flutter_key_event(
     if let Some(session) = sessions::get_session_by_session_id(&session_id) {
         let keyboard_mode = session.get_keyboard_mode();
         session.handle_flutter_key_event(
+            session_id,
             &keyboard_mode,
             &character,
             usb_hid,
@@ -595,6 +596,7 @@ pub fn session_handle_flutter_raw_key_event(
     if let Some(session) = sessions::get_session_by_session_id(&session_id) {
         let keyboard_mode = session.get_keyboard_mode();
         session.handle_flutter_raw_key_event(
+            session_id,
             &keyboard_mode,
             &name,
             platform_code,
@@ -605,21 +607,30 @@ pub fn session_handle_flutter_raw_key_event(
     }
 }
 
-// SyncReturn<()> is used to make sure enter() and leave() are executed in the sequence this function is called.
-//
 // If the cursor jumps between remote page of two connections, leave view and enter view will be called.
 // session_enter_or_leave() will be called then.
-// As rust is multi-thread, it is possible that enter() is called before leave().
-// This will cause the keyboard input to take no effect.
+// As Rust is multi-threaded, enter() can be called before leave().
+// The Rust-side grab ownership state filters stale transitions.
 pub fn session_enter_or_leave(_session_id: SessionID, _enter: bool) -> SyncReturn<()> {
     #[cfg(not(any(target_os = "android", target_os = "ios")))]
     if let Some(session) = sessions::get_session_by_session_id(&_session_id) {
         let keyboard_mode = session.get_keyboard_mode();
+        // Use the full per-window UUID (not lc.session_id which is per-connection)
+        // so that two windows viewing the same peer get distinct grab owners.
+        let window_id = _session_id.as_u128();
         if _enter {
             set_cur_session_id_(_session_id, &keyboard_mode);
-            session.enter(keyboard_mode);
+            crate::keyboard::client::change_grab_status(
+                crate::common::GrabState::Run,
+                &keyboard_mode,
+                window_id,
+            );
         } else {
-            session.leave(keyboard_mode);
+            crate::keyboard::client::change_grab_status(
+                crate::common::GrabState::Wait,
+                &keyboard_mode,
+                window_id,
+            );
         }
     }
     SyncReturn(())
@@ -1101,6 +1112,10 @@ pub fn main_get_api_server() -> String {
     get_api_server()
 }
 
+pub fn main_resolve_avatar_url(avatar: String) -> SyncReturn<String> {
+    SyncReturn(resolve_avatar_url(avatar))
+}
+
 pub fn main_http_request(url: String, method: String, body: Option<String>, header: String) {
     http_request(url, method, body, header)
 }
@@ -1689,8 +1704,8 @@ pub fn main_get_temporary_password() -> String {
     ui_interface::temporary_password()
 }
 
-pub fn main_get_permanent_password() -> String {
-    ui_interface::permanent_password()
+pub fn main_set_permanent_password_with_result(password: String) -> bool {
+    ui_interface::set_permanent_password_with_result(password)
 }
 
 pub fn main_get_fingerprint() -> String {
@@ -1715,6 +1730,7 @@ pub fn cm_get_clients_length() -> usize {
 
 pub fn main_init(app_dir: String, custom_client_config: String) {
     initialize(&app_dir, &custom_client_config);
+    crate::keyboard::shortcuts::reload_from_config();
 }
 
 pub fn main_device_id(id: String) {
@@ -2068,10 +2084,6 @@ pub fn main_update_temporary_password() {
     update_temporary_password();
 }
 
-pub fn main_set_permanent_password(password: String) {
-    set_permanent_password(password);
-}
-
 pub fn main_check_super_user_permission() -> bool {
     check_super_user_permission()
 }
@@ -2238,6 +2250,17 @@ pub fn main_init_input_source() -> SyncReturn<()> {
     SyncReturn(())
 }
 
+pub fn main_reload_keyboard_shortcuts() -> SyncReturn<()> {
+    crate::keyboard::shortcuts::reload_from_config();
+    SyncReturn(())
+}
+
+pub fn main_get_default_keyboard_shortcuts() -> SyncReturn<String> {
+    let bindings = crate::keyboard::shortcuts::default_bindings();
+    let json = serde_json::to_string(&bindings).unwrap_or_default();
+    SyncReturn(json)
+}
+
 pub fn main_is_installed_lower_version() -> SyncReturn<bool> {
     SyncReturn(is_installed_lower_version())
 }
@@ -2419,16 +2442,23 @@ pub fn is_disable_installation() -> SyncReturn<bool> {
 }
 
 pub fn is_preset_password() -> bool {
-    config::HARD_SETTINGS
+    let hard = config::HARD_SETTINGS
         .read()
         .unwrap()
         .get("password")
-        .map_or(false, |p| {
-            #[cfg(not(any(target_os = "android", target_os = "ios")))]
-            return p == &crate::ipc::get_permanent_password();
-            #[cfg(any(target_os = "android", target_os = "ios"))]
-            return p == &config::Config::get_permanent_password();
-        })
+        .cloned()
+        .unwrap_or_default();
+    if hard.is_empty() {
+        return false;
+    }
+
+    // On desktop, service owns the authoritative config; query it via IPC and return only a boolean.
+    #[cfg(not(any(target_os = "android", target_os = "ios")))]
+    return crate::ipc::is_permanent_password_preset();
+
+    // On mobile, we have no service IPC; verify against local storage.
+    #[cfg(any(target_os = "android", target_os = "ios"))]
+    return config::Config::matches_permanent_password_plain(&hard);
 }
 
 // Don't call this function for desktop version.
@@ -2759,6 +2789,15 @@ pub fn main_get_common(key: String) -> String {
             None => "",
         }
         .to_string();
+    } else if key == "has-gnome-shortcuts-inhibitor-permission" {
+        #[cfg(target_os = "linux")]
+        return crate::platform::linux::has_gnome_shortcuts_inhibitor_permission().to_string();
+        #[cfg(not(target_os = "linux"))]
+        return false.to_string();
+    } else if key == "permanent-password-set" {
+        return ui_interface::is_permanent_password_set().to_string();
+    } else if key == "local-permanent-password-set" {
+        return ui_interface::is_local_permanent_password_set().to_string();
     } else {
         if key.starts_with("download-data-") {
             let id = key.replace("download-data-", "");
@@ -2771,10 +2810,13 @@ pub fn main_get_common(key: String) -> String {
         } else if key.starts_with("download-file-") {
             let _version = key.replace("download-file-", "");
             #[cfg(target_os = "windows")]
-            return match crate::platform::windows::is_msi_installed() {
-                Ok(true) => format!("rustdesk-{_version}-x86_64.msi"),
-                Ok(false) => format!("rustdesk-{_version}-x86_64.exe"),
-                Err(e) => {
+            return match (
+                crate::platform::windows::is_msi_installed(),
+                crate::common::is_custom_client(),
+            ) {
+                (Ok(true), false) => format!("rustdesk-{_version}-x86_64.msi"),
+                (Ok(true), true) | (Ok(false), _) => format!("rustdesk-{_version}-x86_64.exe"),
+                (Err(e), _) => {
                     log::error!("Failed to check if is msi: {}", e);
                     format!("error:update-failed-check-msi-tip")
                 }
@@ -2865,36 +2907,23 @@ pub fn main_set_common(_key: String, _value: String) {
         } else if _key == "update-me" {
             if let Some(new_version_file) = get_download_file_from_url(&_value) {
                 log::debug!(
-                    "New version file is downloaed, update begin, {:?}",
+                    "New version file is downloaded, update begin, {:?}",
                     new_version_file.to_str()
                 );
                 if let Some(f) = new_version_file.to_str() {
                     // 1.4.0 does not support "--update"
                     // But we can assume that the new version supports it.
-                    #[cfg(target_os = "windows")]
-                    if f.ends_with(".exe") {
-                        if let Err(e) =
-                            crate::platform::run_exe_in_cur_session(f, vec!["--update"], false)
-                        {
-                            log::error!("Failed to run the update exe: {}", e);
-                        }
-                    } else if f.ends_with(".msi") {
-                        if let Err(e) = crate::platform::update_me_msi(f, false) {
-                            log::error!("Failed to run the update msi: {}", e);
-                        }
-                    } else {
-                        // unreachable!()
-                    }
-                    #[cfg(target_os = "macos")]
+
+                    #[cfg(any(target_os = "windows", target_os = "macos"))]
                     match crate::platform::update_to(f) {
                         Ok(_) => {
-                            log::info!("Update successfully!");
+                            log::info!("Update process is launched successfully!");
                         }
                         Err(e) => {
                             log::error!("Failed to update to new version, {}", e);
+                            fs::remove_file(f).ok();
                         }
                     }
-                    fs::remove_file(f).ok();
                 }
             }
         } else if _key == "extract-update-dmg" {
@@ -2920,6 +2949,29 @@ pub fn main_set_common(_key: String, _value: String) {
     } else if _key == "cancel-downloader" {
         crate::hbbs_http::downloader::cancel(&_value);
     }
+
+    #[cfg(target_os = "linux")]
+    if _key == "clear-gnome-shortcuts-inhibitor-permission" {
+        std::thread::spawn(move || {
+            let (success, msg) =
+                match crate::platform::linux::clear_gnome_shortcuts_inhibitor_permission() {
+                    Ok(_) => (true, "".to_owned()),
+                    Err(e) => (false, e.to_string()),
+                };
+            let data = HashMap::from([
+                (
+                    "name",
+                    serde_json::json!("clear-gnome-shortcuts-inhibitor-permission-res"),
+                ),
+                ("success", serde_json::json!(success)),
+                ("msg", serde_json::json!(msg)),
+            ]);
+            let _res = flutter::push_global_event(
+                flutter::APP_TYPE_MAIN,
+                serde_json::ser::to_string(&data).unwrap_or("".to_owned()),
+            );
+        });
+    }
 }
 
 pub fn session_get_common_sync(
@@ -3027,6 +3079,22 @@ pub mod server_side {
         return env.new_string(res).unwrap_or_default().into_raw();
     }
 
+    #[no_mangle]
+    pub unsafe extern "system" fn Java_ffi_FFI_getBuildinOption(
+        env: JNIEnv,
+        _class: JClass,
+        key: JString,
+    ) -> jstring {
+        let mut env = env;
+        let res = if let Ok(key) = env.get_string(&key) {
+            let key: String = key.into();
+            super::get_builtin_option(&key)
+        } else {
+            "".into()
+        };
+        return env.new_string(res).unwrap_or_default().into_raw();
+    }
+
     #[no_mangle]
     pub unsafe extern "system" fn Java_ffi_FFI_isServiceClipboardEnabled(
         env: JNIEnv,

src/hbbs_http.rs

@@ -1,4 +1,4 @@
-use reqwest::blocking::Response;
+use hbb_common::ResultType;
 use serde::de::DeserializeOwned;
 use serde_json::{Map, Value};
 
@@ -21,11 +21,9 @@ pub enum HbbHttpResponse<T> {
     Data(T),
 }
 
-impl<T: DeserializeOwned> TryFrom<Response> for HbbHttpResponse<T> {
-    type Error = reqwest::Error;
-
-    fn try_from(resp: Response) -> Result<Self, <Self as TryFrom<Response>>::Error> {
-        let map = resp.json::<Map<String, Value>>()?;
+impl<T: DeserializeOwned> HbbHttpResponse<T> {
+    pub fn parse(body: &str) -> ResultType<Self> {
+        let map = serde_json::from_str::<Map<String, Value>>(body)?;
         if let Some(error) = map.get("error") {
             if let Some(err) = error.as_str() {
                 Ok(Self::Error(err.to_owned()))

src/hbbs_http/account.rs

@@ -1,7 +1,6 @@
 use super::HbbHttpResponse;
 use crate::hbbs_http::create_http_client_with_url;
 use hbb_common::{config::LocalConfig, log, ResultType};
-use reqwest::blocking::Client;
 use serde_derive::{Deserialize, Serialize};
 use serde_repr::{Deserialize_repr, Serialize_repr};
 use std::{
@@ -17,6 +16,7 @@ lazy_static::lazy_static! {
 
 const QUERY_INTERVAL_SECS: f32 = 1.0;
 const QUERY_TIMEOUT_SECS: u64 = 60 * 3;
+
 const REQUESTING_ACCOUNT_AUTH: &str = "Requesting account auth";
 const WAITING_ACCOUNT_AUTH: &str = "Waiting account auth";
 const LOGIN_ACCOUNT_AUTH: &str = "Login account auth";
@@ -80,6 +80,10 @@ pub enum UserStatus {
 pub struct UserPayload {
     pub name: String,
     #[serde(default)]
+    pub display_name: Option<String>,
+    #[serde(default)]
+    pub avatar: Option<String>,
+    #[serde(default)]
     pub email: Option<String>,
     #[serde(default)]
     pub note: Option<String>,
@@ -104,7 +108,7 @@ pub struct AuthBody {
 }
 
 pub struct OidcSession {
-    client: Option<Client>,
+    warmed_api_server: Option<String>,
     state_msg: &'static str,
     failed_msg: String,
     code_url: Option<OidcAuthUrl>,
@@ -131,7 +135,7 @@ impl Default for UserStatus {
 impl OidcSession {
     fn new() -> Self {
         Self {
-            client: None,
+            warmed_api_server: None,
             state_msg: REQUESTING_ACCOUNT_AUTH,
             failed_msg: "".to_owned(),
             code_url: None,
@@ -144,12 +148,13 @@ impl OidcSession {
 
     fn ensure_client(api_server: &str) {
         let mut write_guard = OIDC_SESSION.write().unwrap();
-        if write_guard.client.is_none() {
-            // This URL is used to detect the appropriate TLS implementation for the server.
-            let login_option_url = format!("{}/api/login-options", &api_server);
-            let client = create_http_client_with_url(&login_option_url);
-            write_guard.client = Some(client);
+        if write_guard.warmed_api_server.as_deref() == Some(api_server) {
+            return;
         }
+        // This URL is used to detect the appropriate TLS implementation for the server.
+        let login_option_url = format!("{}/api/login-options", api_server);
+        let _ = create_http_client_with_url(&login_option_url);
+        write_guard.warmed_api_server = Some(api_server.to_owned());
     }
 
     fn auth(
@@ -159,26 +164,15 @@ impl OidcSession {
         uuid: &str,
     ) -> ResultType<HbbHttpResponse<OidcAuthUrl>> {
         Self::ensure_client(api_server);
-        let resp = if let Some(client) = &OIDC_SESSION.read().unwrap().client {
-            client
-                .post(format!("{}/api/oidc/auth", api_server))
-                .json(&serde_json::json!({
-                    "op": op,
-                    "id": id,
-                    "uuid": uuid,
-                    "deviceInfo": crate::ui_interface::get_login_device_info(),
-                }))
-                .send()?
-        } else {
-            hbb_common::bail!("http client not initialized");
-        };
-        let status = resp.status();
-        match resp.try_into() {
-            Ok(v) => Ok(v),
-            Err(err) => {
-                hbb_common::bail!("Http status: {}, err: {}", status, err);
-            }
-        }
+        let body = serde_json::json!({
+            "op": op,
+            "id": id,
+            "uuid": uuid,
+            "deviceInfo": crate::ui_interface::get_login_device_info(),
+        })
+        .to_string();
+        let resp = crate::post_request_sync(format!("{}/api/oidc/auth", api_server), body, "")?;
+        HbbHttpResponse::parse(&resp)
     }
 
     fn query(
@@ -192,11 +186,19 @@ impl OidcSession {
             &[("code", code), ("id", id), ("uuid", uuid)],
         )?;
         Self::ensure_client(api_server);
-        if let Some(client) = &OIDC_SESSION.read().unwrap().client {
-            Ok(client.get(url).send()?.try_into()?)
-        } else {
-            hbb_common::bail!("http client not initialized")
+        #[derive(Deserialize)]
+        struct HttpResponseBody {
+            body: String,
         }
+
+        let resp = crate::http_request_sync(
+            url.to_string(),
+            "GET".to_owned(),
+            None,
+            "{}".to_owned(),
+        )?;
+        let resp = serde_json::from_str::<HttpResponseBody>(&resp)?;
+        HbbHttpResponse::parse(&resp.body)
     }
 
     fn reset(&mut self) {
@@ -268,7 +270,13 @@ impl OidcSession {
                             );
                             LocalConfig::set_option(
                                 "user_info".to_owned(),
-                                serde_json::json!({ "name": auth_body.user.name, "status": auth_body.user.status }).to_string(),
+                                serde_json::json!({
+                                    "name": auth_body.user.name,
+                                    "display_name": auth_body.user.display_name,
+                                    "avatar": auth_body.user.avatar,
+                                    "status": auth_body.user.status
+                                })
+                                .to_string(),
                             );
                         }
                     }

src/hbbs_http/downloader.rs

@@ -53,8 +53,25 @@ pub fn download_file(
     auto_del_dur: Option<Duration>,
 ) -> ResultType<String> {
     let id = url.clone();
-    if DOWNLOADERS.lock().unwrap().contains_key(&id) {
-        return Ok(id);
+    // First pass: if a non-error downloader exists for this URL, reuse it.
+    // If an errored downloader exists, remove it so this call can retry.
+    let mut stale_path = None;
+    {
+        let mut downloaders = DOWNLOADERS.lock().unwrap();
+        if let Some(downloader) = downloaders.get(&id) {
+            if downloader.error.is_none() {
+                return Ok(id);
+            }
+            stale_path = downloader.path.clone();
+            downloaders.remove(&id);
+        }
+    }
+    if let Some(p) = stale_path {
+        if p.exists() {
+            if let Err(e) = std::fs::remove_file(&p) {
+                log::warn!("Failed to remove stale download file {}: {}", p.display(), e);
+            }
+        }
     }
 
     if let Some(path) = path.as_ref() {
@@ -75,8 +92,26 @@ pub fn download_file(
         tx_cancel: tx,
         finished: false,
     };
-    let mut downloaders = DOWNLOADERS.lock().unwrap();
-    downloaders.insert(id.clone(), downloader);
+    // Second pass (atomic with insert) to avoid race with another concurrent caller.
+    let mut stale_path_after_check = None;
+    {
+        let mut downloaders = DOWNLOADERS.lock().unwrap();
+        if let Some(existing) = downloaders.get(&id) {
+            if existing.error.is_none() {
+                return Ok(id);
+            }
+            stale_path_after_check = existing.path.clone();
+            downloaders.remove(&id);
+        }
+        downloaders.insert(id.clone(), downloader);
+    }
+    if let Some(p) = stale_path_after_check {
+        if p.exists() {
+            if let Err(e) = std::fs::remove_file(&p) {
+                log::warn!("Failed to remove stale download file {}: {}", p.display(), e);
+            }
+        }
+    }
 
     let id2 = id.clone();
     std::thread::spawn(

src/hbbs_http/sync.rs

@@ -286,10 +286,14 @@ fn heartbeat_url() -> String {
 
 fn handle_config_options(config_options: HashMap<String, String>) {
     let mut options = Config::get_options();
+    let default_settings = config::DEFAULT_SETTINGS.read().unwrap().clone();
     config_options
         .iter()
         .map(|(k, v)| {
-            if v.is_empty() {
+            // Priority: user config > default advanced options.
+            // Only when default advanced options are also empty, remove user option (fallback to built-in default);
+            // otherwise insert an empty value so user config remains present.
+            if v.is_empty() && default_settings.get(k).map_or("", |v| v).is_empty() {
                 options.remove(k);
             } else {
                 options.insert(k.to_string(), v.to_string());