phcode-dev · abose · Feb 5, 2026 · Feb 5, 2026
diff --git a/docs/appNotifications/readme.md b/docs/appNotifications/readme.md
@@ -50,5 +50,5 @@ A sample json is as follows:
 5. `PLATFORM`: A comma seperated list(no spaces) of all platforms in which the message will be shown.
     allowed values are: `mac,win,linux,allDesktop,firefox,chrome,safari,allBrowser,all`
 6. `USER_TYPE`: An array of all user types in which the message will be shown.
-    allowed values are: [`all`, `notLoggedIn`, `loggedIn`, `trial`, `paidSubscriber`]. This filter is only available
-    in versions > 5, else it is ignored in older versions. combine with `FOR_VERSIONS` to filter based on user type.
+    allowed values are: [`all`, `notLoggedIn`, `loggedIn`, `trial`, `paidSubscriber`, `notPaidsubscriber`]. This filter
+    is only available in versions > 5, else it is ignored in older versions. combine with `FOR_VERSIONS` to filter based on user type.
diff --git a/src-electron/main-cred-ipc.js b/src-electron/main-cred-ipc.js
@@ -17,7 +17,7 @@ try {
 const PHOENIX_CRED_PREFIX = 'phcode_electron_';
 
 function registerCredIpcHandlers() {
-    // Trust window AES key - can only be called once per window
+    // Trust window AES key - can only be called once per page load
     ipcMain.handle('trust-window-aes-key', (event, key, iv) => {
         assertTrusted(event);
         const webContentsId = event.sender.id;
@@ -140,4 +140,12 @@ function cleanupWindowTrust(webContentsId, windowLabel) {
     }
 }
 
-module.exports = { registerCredIpcHandlers, cleanupWindowTrust };
+// Clear trust on navigation (page reload) - allows fresh trust to be established after reload
+function clearTrustOnNavigation(webContentsId, windowLabel) {
+    if (windowTrustMap.has(webContentsId)) {
+        windowTrustMap.delete(webContentsId);
+        console.log(`AES trust cleared for navigation in window: ${windowLabel} (webContentsId: ${webContentsId})`);
+    }
+}
+
+module.exports = { registerCredIpcHandlers, cleanupWindowTrust, clearTrustOnNavigation };
diff --git a/src-electron/main-window-ipc.js b/src-electron/main-window-ipc.js
@@ -1,7 +1,7 @@
 const { ipcMain, BrowserWindow, shell, clipboard } = require('electron');
 const path = require('path');
 const { spawn } = require('child_process');
-const { cleanupWindowTrust } = require('./main-cred-ipc');
+const { cleanupWindowTrust, clearTrustOnNavigation } = require('./main-cred-ipc');
 const { isTrustedOrigin, updateTrustStatus, cleanupTrust, assertTrusted } = require('./ipc-security');
 const { DEFAULTS, trackWindowState } = require('./window-state');
 
@@ -39,6 +39,14 @@ function registerWindow(win, label) {
     // Initial trust evaluation
     updateTrustStatus(webContents);
 
+    // Clear AES trust before navigation starts (page reload/navigate)
+    // This allows the new page to establish fresh trust with its own keys
+    webContents.on('did-start-navigation', (event, url, isInPlace, isMainFrame) => {
+        if (isMainFrame) {
+            clearTrustOnNavigation(webContentsId, label);
+        }
+    });
+
     // Re-evaluate trust on navigation
     webContents.on('did-navigate', () => {
         updateTrustStatus(webContents);