fix(browser): validate initial cdp endpoints

2026-04-27 00:52:05 +00:00 · 2026-04-03 18:43:01 +00:00
parent 80720b4994
commit c3f8427973
2 changed files with 14 additions and 0 deletions
--- a/extensions/browser/src/browser/cdp.test.ts
+++ b/extensions/browser/src/browser/cdp.test.ts
@@ -244,6 +244,19 @@ describe("cdp", () => {
    ).rejects.toBeInstanceOf(SsrFBlockedError);
  });

+  it("blocks the initial /json/version fetch when the cdpUrl host is outside strict SSRF policy", async () => {
+    await expect(
+      createTargetViaCdp({
+        cdpUrl: "http://169.254.169.254:9222",
+        url: "https://example.com",
+        ssrfPolicy: {
+          dangerouslyAllowPrivateNetwork: false,
+          allowedHostnames: ["127.0.0.1"],
+        },
+      }),
+    ).rejects.toBeInstanceOf(SsrFBlockedError);
+  });
+
  it("evaluates javascript via CDP", async () => {
    const wsPort = await startWsServerWithMessages((msg, socket) => {
      if (msg.method === "Runtime.enable") {
--- a/extensions/browser/src/browser/cdp.ts
+++ b/extensions/browser/src/browser/cdp.ts
@@ -186,6 +186,7 @@ export async function createTargetViaCdp(opts: {
    wsUrl = opts.cdpUrl;
  } else {
    // Standard HTTP(S) CDP endpoint — discover WebSocket URL via /json/version.
+    await assertCdpEndpointAllowed(opts.cdpUrl, opts.ssrfPolicy);
    const version = await fetchJson<{ webSocketDebuggerUrl?: string }>(
      appendCdpPath(opts.cdpUrl, "/json/version"),
      1500,