fix: redact credentials in browser.cdpUrl config paths (#67679)

Merged via squash. Prepared head SHA: 77bc2c50ce Co-authored-by: Ziy1-Tan <49604965+Ziy1-Tan@users.noreply.github.com> Co-authored-by: hxy91819 <8814856+hxy91819@users.noreply.github.com> Reviewed-by: @hxy91819
2026-05-06 15:30:47 +00:00 · 2026-04-18 14:22:58 +08:00
parent c778562379
commit 4b5987829d
8 changed files with 171 additions and 3 deletions
--- a/extensions/browser/src/browser/server-context.availability.ts
+++ b/extensions/browser/src/browser/server-context.availability.ts
@@ -7,6 +7,7 @@ import {
  PROFILE_POST_RESTART_WS_TIMEOUT_MS,
  resolveCdpReachabilityTimeouts,
 } from "./cdp-timeouts.js";
+import { redactCdpUrl } from "./cdp.helpers.js";
 import {
  closeChromeMcpSession,
  ensureChromeMcpAvailable,
@@ -59,6 +60,7 @@ export function createProfileAvailability({
  getProfileState,
  setProfileRunning,
 }: AvailabilityDeps): AvailabilityOps {
+  const redactedProfileCdpUrl = redactCdpUrl(profile.cdpUrl) ?? profile.cdpUrl;
  const capabilities = getBrowserProfileCapabilities(profile);
  const resolveTimeouts = (timeoutMs: number | undefined) =>
    resolveCdpReachabilityTimeouts({
@@ -210,7 +212,7 @@ export function createProfileAvailability({
      if (attachOnly || remoteCdp) {
        throw new BrowserProfileUnavailableError(
          remoteCdp
-            ? `Remote CDP for profile "${profile.name}" is not reachable at ${profile.cdpUrl}.`
+            ? `Remote CDP for profile "${profile.name}" is not reachable at ${redactedProfileCdpUrl}.`
            : `Browser attachOnly is enabled and profile "${profile.name}" is not running.`,
        );
      }
--- a/extensions/browser/src/browser/server-context.ensure-browser-available.waits-for-cdp-ready.test.ts
+++ b/extensions/browser/src/browser/server-context.ensure-browser-available.waits-for-cdp-ready.test.ts
@@ -5,6 +5,7 @@ import {
  PROFILE_HTTP_REACHABILITY_TIMEOUT_MS,
 } from "./cdp-timeouts.js";
 import * as chromeModule from "./chrome.js";
+import { BrowserProfileUnavailableError } from "./errors.js";
 import { createBrowserRouteContext } from "./server-context.js";
 import { makeBrowserServerState, mockLaunchedChrome } from "./server-context.test-harness.js";

@@ -175,4 +176,39 @@ describe("browser server-context ensureBrowserAvailable", () => {
    expect(launchOpenClawChrome).not.toHaveBeenCalled();
    expect(stopOpenClawChrome).not.toHaveBeenCalled();
  });
+
+  it("redacts credentials in remote CDP availability errors", async () => {
+    const { launchOpenClawChrome, stopOpenClawChrome } = setupEnsureBrowserAvailableHarness();
+    const isChromeReachable = vi.mocked(chromeModule.isChromeReachable);
+
+    const state = makeBrowserServerState({
+      profile: {
+        name: "remote",
+        cdpUrl: "https://user:pass@browserless.example.com?token=supersecret123",
+        cdpHost: "browserless.example.com",
+        cdpIsLoopback: false,
+        cdpPort: 443,
+        color: "#00AA00",
+        driver: "openclaw",
+        attachOnly: false,
+      },
+      resolvedOverrides: {
+        defaultProfile: "remote",
+        ssrfPolicy: {},
+      },
+    });
+    const ctx = createBrowserRouteContext({ getState: () => state });
+    const profile = ctx.forProfile("remote");
+
+    isChromeReachable.mockResolvedValue(false);
+
+    const promise = profile.ensureBrowserAvailable();
+    await expect(promise).rejects.toThrow(BrowserProfileUnavailableError);
+    await expect(promise).rejects.toThrow(
+      'Remote CDP for profile "remote" is not reachable at https://browserless.example.com/?token=***.',
+    );
+
+    expect(launchOpenClawChrome).not.toHaveBeenCalled();
+    expect(stopOpenClawChrome).not.toHaveBeenCalled();
+  });
 });