Send all responses as sexp wire format with client-side rendering

- Server sends sexp source text, client (sexp.js) renders everything
- SexpExpr marker class for nested sexp composition in serialize()
- sexp_page() HTML shell with data-mount="body" for full page loads
- sexp_response() returns text/sexp for OOB/partial responses
- ~app-body layout component replaces ~app-layout (no raw!)
- ~rich-text is the only component using raw! (for CMS HTML content)
- Fragment endpoints return text/sexp, auto-wrapped in SexpExpr
- All _*_html() helpers converted to _*_sexp() returning sexp source
- Head auto-hoist: sexp.js moves meta/title/link/script[ld+json]
  from rendered body to document.head automatically
- Unknown components render warning box instead of crashing page
- Component kwargs preserve AST for lazy rendering (fixes <> in kwargs)
- Fix unterminated paren in events/sexp/tickets.sexpr

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

shared/infrastructure/ap_social.py

@@ -151,7 +151,7 @@ def create_ap_social_blueprint(app_name: str) -> Blueprint:
             await services.federation.send_follow(
                 g._ap_s, actor.preferred_username, remote_actor_url,
             )
-        if request.headers.get("HX-Request"):
+        if request.headers.get("SX-Request") or request.headers.get("HX-Request"):
             return await _actor_card_response(actor, remote_actor_url, is_followed=True)
         return redirect(request.referrer or url_for("ap_social.search"))
 
@@ -164,7 +164,7 @@ def create_ap_social_blueprint(app_name: str) -> Blueprint:
             await services.federation.unfollow(
                 g._ap_s, actor.preferred_username, remote_actor_url,
             )
-        if request.headers.get("HX-Request"):
+        if request.headers.get("SX-Request") or request.headers.get("HX-Request"):
             return await _actor_card_response(actor, remote_actor_url, is_followed=False)
         return redirect(request.referrer or url_for("ap_social.search"))
 

shared/infrastructure/context.py

@@ -69,7 +69,7 @@ async def base_context() -> dict:
     Does NOT include cart, calendar_cart_entries, total, calendar_total,
     or menu_items — those are added by each app's context_fn.
     """
-    is_htmx = request.headers.get("HX-Request") == "true"
+    is_htmx = request.headers.get("SX-Request") == "true" or request.headers.get("HX-Request") == "true"
     search = request.headers.get("X-Search", "")
     zap_filter = is_htmx and search == ""
 

shared/infrastructure/factory.py

@@ -241,7 +241,7 @@ def create_base_app(
 
             # Case 2: not logged in — prompt=none OAuth (GET, non-HTMX only)
             if not uid and request.method == "GET":
-                if request.headers.get("HX-Request"):
+                if request.headers.get("SX-Request") or request.headers.get("HX-Request"):
                     return
                 import time as _time
                 now = _time.time()
@@ -295,7 +295,7 @@ def create_base_app(
         if origin.endswith(".rose-ash.com") or origin.endswith(".localhost"):
             response.headers["Access-Control-Allow-Origin"] = origin
             response.headers["Access-Control-Allow-Credentials"] = "true"
-            response.headers["Access-Control-Allow-Headers"] = "HX-Request, HX-Target, HX-Current-URL, HX-Trigger, HX-Boosted, Content-Type"
+            response.headers["Access-Control-Allow-Headers"] = "SX-Request, SX-Target, SX-Current-URL, HX-Request, HX-Target, HX-Current-URL, HX-Trigger, Content-Type, X-CSRFToken"
         return response
 
     @app.after_request

shared/infrastructure/fragments.py

@@ -76,15 +76,18 @@ async def fetch_fragment(
     timeout: float = _DEFAULT_TIMEOUT,
     required: bool = True,
 ) -> str:
-    """Fetch an HTML fragment from another app.
+    """Fetch a fragment from another app.
 
-    Returns the raw HTML string.  When *required* is True (default),
-    raises ``FragmentError`` on network errors or non-200 responses.
+    Returns an HTML string or a ``SexpExpr`` (when the provider responds
+    with ``text/sexp``).  When *required* is True (default), raises
+    ``FragmentError`` on network errors or non-200 responses.
     When *required* is False, returns ``""`` on failure.
 
     Automatically returns ``""`` when called inside a fragment request
     to prevent circular dependencies between apps.
     """
+    from shared.sexp.parser import SexpExpr
+
     if _is_fragment_request():
         return ""
 
@@ -98,6 +101,9 @@ async def fetch_fragment(
             timeout=timeout,
         )
         if resp.status_code == 200:
+            ct = resp.headers.get("content-type", "")
+            if "text/sexp" in ct:
+                return SexpExpr(resp.text)
             return resp.text
         msg = f"Fragment {app_name}/{fragment_type} returned {resp.status_code}"
         if required:

shared/infrastructure/http_utils.py

@@ -14,12 +14,12 @@ from shared.utils import host_url
 
 def vary(resp):
     """
-    Ensure HX-Request and X-Origin are part of the Vary header
-    so caches distinguish HTMX from full-page requests.
+    Ensure SX-Request/HX-Request and X-Origin are part of the Vary header
+    so caches distinguish fragment from full-page requests.
     """
     v = resp.headers.get("Vary", "")
     parts = [p.strip() for p in v.split(",") if p.strip()]
-    for h in ("HX-Request", "X-Origin"):
+    for h in ("SX-Request", "HX-Request", "X-Origin"):
         if h not in parts:
             parts.append(h)
     if parts: