Commit Graph

811 Commits

Author SHA1 Message Date
dwc1997
87261fd0b1 fix(browser): keep Chrome stderr hint tail UTF-16 safe (#104603)
* fix(browser): keep Chrome stderr hint tail UTF-16 safe

* test(browser): simplify Chrome stderr failure coverage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 12:10:22 -07:00
Peter Steinberger
1a8d9d5f15 fix(browser): allow host-local profile administration (#104616) 2026-07-11 11:28:58 -07:00
Peter Steinberger
ea2b558e5e fix(browser): prevent stale profile resurrection (#104601)
* fix(browser): serialize profile lifecycle

* refactor(browser): tighten lifecycle cleanup

* chore(browser): keep release note in PR

* test(browser): keep temp fixtures inside plugin

* test(browser): use preferred temp root
2026-07-11 11:06:07 -07:00
qingminlong
834c146958 fix(browser): reject hex click coordinates in act route (#104440)
* fix(browser): reject hex click coordinates in act route

* refactor(browser): use route parser for click coordinates

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-11 09:56:09 -07:00
Peter Steinberger
4271b82fd1 test: align plugin prerelease expectations (#104542)
* test: align plugin prerelease expectations

* style: format browser doctor test
2026-07-11 09:00:56 -07:00
Peter Steinberger
2d319961d5 fix(browser): block interaction-triggered navigation SSRF (#104254)
* fix(browser): guard interaction navigation requests

* fix(browser): preserve pages on blocked navigation

* fix(browser): enforce interaction navigation policy

* test(browser): type navigation guard fixtures

* fix(browser): execute guarded wait predicates

* style(browser): satisfy interaction lint

* fix(browser): guard hover drag and scroll navigation

* fix(browser): type policy check outcomes

* test(browser): type navigation guard mocks

* fix(browser): preserve proxy policy for guarded interactions

* fix(browser): carry navigation policy through actions

* fix(browser): retain policy for existing-session guards

* fix(browser): guard existing-session waits

* test(browser): avoid shadowed guard pages

* fix(browser): expose scroll action to agents

* fix(browser): disable speculative managed preconnects

* docs(browser): bound managed preconnect hardening

* fix(browser): keep wait behavior outside interaction guards

* chore(browser): leave release notes to release automation

* fix(browser): guard all interaction navigations
2026-07-11 04:30:33 -07:00
Peter Steinberger
7bf80dc2c6 chore(tooling): enforce formatting and refresh TypeScript checks (#104239)
* chore(tooling): enforce current formatter and refresh checks

* chore(tooling): keep release changelog formatter-owned

* chore(tooling): retain compatible Node type surface

* ci: enforce formatting for docs-only changes

* ci: isolate docs formatter check

* chore(tooling): apply updated lint and format rules

* chore(tooling): satisfy updated switch lint

* style(ui): apply Linux formatter layout

* test(doctor): match quiet local audio contribution

* test(doctor): assert quiet output only

* test(doctor): follow restored information contract
2026-07-11 01:09:51 -07:00
Vincent Koc
597888680c feat(browser): expose managed graphics diagnostics (#104291)
* feat(browser): expose managed Chrome graphics diagnostics

* feat(browser): surface graphics facts in doctor

* docs(browser): explain managed graphics diagnostics

* fix(browser): remove unused graphics type import

* fix(browser): keep graphics facts sorting immutable

* fix(browser): bind graphics facts to owned process

* fix(browser): classify disabled graphics as software

* fix(browser): detect Windows software renderers

* fix(browser): classify disabled renderer sentinel
2026-07-11 15:41:16 +08:00
Peter Steinberger
9f53f8a256 feat(macos): import local browser login (#104177)
* feat(macos): import local browser login

* chore: leave release notes to release workflow

* chore(macos): refresh native i18n inventory

* chore(macos): refresh native i18n inventory

* chore(macos): refresh native i18n inventory

* chore: sync release summary executable bit

* chore(macos): refresh native i18n inventory

* style(macos): wrap browser import result

* chore(macos): refresh native i18n inventory

* chore(macos): refresh native i18n inventory
2026-07-10 22:14:36 -07:00
Peter Steinberger
dba64d574f chore(release): set version to 2026.7.2 2026-07-11 04:00:49 +01:00
Peter Steinberger
2a12c9916a feat(browser): import Chrome-family system-profile cookies into managed profiles (#104057)
* feat(browser): import Chrome-family system-profile cookies into managed profiles

Import cookies from a real Chrome/Brave/Edge/Chromium system profile (macOS)
into a fresh OpenClaw-managed browser profile so the agent can browse as the
signed-in user. Reads the source Cookies DB via a coherent VACUUM INTO snapshot,
decrypts v10 AES-128-CBC values with the Safe Storage Keychain key (one Touch ID
consent), maps rows to Playwright cookies (FILETIME expiry, SameSite, M124+
domain-hash prefix strip, CHIPS skipped), and best-effort injects them via
addCookies into a mock-keychain profile so they persist without further prompts.
Decrypted values are never logged or returned.

Exposed as agent tool action=importprofile, CLI system-profiles/import-profile,
and POST /profiles/import; action=profiles surfaces importable systemProfiles.
Listing and import are pinned host-local at every surface (gateway, browser
tool, node proxy) since they read the local Keychain and Chrome profiles.
Malformed domain filters fail closed via a shared validator. Gated by
browser.allowSystemProfileImport (default on). Imports cookies only.

* fix(browser): satisfy CI lint (OpenClaw temp dir, Unicode control-char class)

Use resolvePreferredOpenClawTmpDir() instead of os.tmpdir() for the cookie DB
snapshot (messaging/channel runtime tmpdir guard), and match control characters
via the Unicode \p{Cc} class instead of a literal control-char range so the
CLI table sanitizer passes the no-control-regex lint.
2026-07-10 19:15:52 -07:00
llagy007
a1571f2118 fix(browser): normalize local dispatch request paths (#103727)
* fix(browser): normalize local dispatch request paths

* refactor(browser): inline request path normalization

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 18:10:26 -07:00
qingminlong
4f1f7c6fb0 fix(nodes): resolve Unicode browser node names when configured by display name (#103548)
* fix-nodes-unicode-browser-node-names

* fix(nodes): preserve compact browser node selectors

* fix(nodes): normalize unicode node names canonically

* fix(nodes): scope compact browser selectors

* fix(nodes): preserve meaningful unicode marks

* chore: leave changelog updates to release automation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 23:32:28 +01:00
Peter Steinberger
e1934d968e fix(nodes): stop advertising a disabled browser proxy (#103894)
* fix(nodes): hide disabled browser proxy capability

* chore: defer node fix changelog to release

* chore: ratchet plugin SDK surface budget
2026-07-10 20:06:53 +01:00
Peter Steinberger
845311cf97 fix(browser): prevent stale handles from switching duplicate-URL tabs (#103816)
* fix(browser): reject ambiguous tab replacements

* fix(browser): guide stale tab recovery
2026-07-10 17:40:14 +01:00
Peter Steinberger
911f8ec68f fix(browser): avoid duplicate upload events (#103777) 2026-07-10 16:50:36 +01:00
Peter Steinberger
dc476a7e7c fix(browser): stale Chrome MCP handles survive reconnect (#103576)
* fix(browser): expire Chrome MCP handles after reconnect

* chore(browser): satisfy Chrome MCP static checks
2026-07-10 10:10:20 +01:00
Peter Steinberger
a2d5f32cef fix(browser): make node action downloads usable (#103328)
* fix(browser): transfer plural node downloads

* test(browser): avoid proxy test path shadowing
2026-07-10 05:11:22 +01:00
Peter Steinberger
8d892e8dab fix(browser): handle Chrome spawn errors (#103243) 2026-07-10 03:32:36 +01:00
Peter Steinberger
aef945f847 fix(browser): require exact Playwright target identity (#103177) 2026-07-10 02:12:53 +01:00
Peter Steinberger
8b300e57f0 fix(browser): keep remote CDP credentials out of responses (#103139)
* fix(browser): contain remote CDP credentials

* fix(browser): probe authenticated discovery before attach

* chore: keep release note in PR metadata
2026-07-10 01:12:51 +01:00
llagy007
823c153577 fix(browser): reject ambiguous tab references (#103119)
* fix(browser): reject ambiguous tab references

Co-authored-by: llagy007 <0668001470@xydigit.com>

* fix(browser): close tracked tabs by raw target id

* fix(browser): harden raw tab cleanup routing

* test(browser): type raw close request mock

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 00:51:18 +01:00
llagy007
910886814d fix(browser): filter non-page CDP targets (#103115)
* fix(browser): filter non-page CDP targets

* fix(browser): require page CDP targets

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-10 00:18:04 +01:00
Peter Steinberger
3c048ef052 fix(browser): preserve no-display launch diagnostics (#102946)
* fix(browser): preserve no-display launch diagnostics

* chore: keep changelog release-owned
2026-07-09 16:26:18 +01:00
Peter Steinberger
d5fb4903f1 fix(browser): reject credentialed page URLs safely (#102952)
Co-authored-by: bitkyc08 <bitkyc08@gmail.com>
2026-07-09 16:23:17 +01:00
Gary
981d67a703 fix(browser): remove hardcoded profile="user" suggestion from tool description (#102582)
* fix(browser): remove hardcoded profile="user" suggestion from browser tool description

The browser tool description hardcoded a suggestion to use profile="user"
for logged-in sessions, even when the operator has configured a different
default profile (e.g. browser.defaultProfile: "openclaw").

Replace with profile-agnostic guidance that references the configured
browser.defaultProfile setting instead of prescribing a specific value.

Fixes #102566

* test: update browser tool description assertion for profile-agnostic wording

* refactor(browser): unify tool profile guidance

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:32:56 +01:00
Masato Hoshino
c9ec548e6f fix(browser): preserve strict CDP discovery policy on target-list lookup (#102328)
* fix(browser): preserve strict CDP discovery policy on target-list lookup

findPageByTargetIdViaTargetList fetched the CDP /json/list endpoint without
passing an ssrfPolicy argument, so the caller's discovery policy was dropped at
the fetch layer while the sibling tryTerminateExecutionViaCdp scoped it. Build
the scoped control policy with scopeCdpPolicyToConfiguredEndpoint and pass it to
fetchJson, matching the sibling lookup path.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* test(browser): tighten target-list CDP policy test comment

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

* test(browser): consolidate target-list SSRF coverage

---------

Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:04:39 +01:00
qingminlong
56096eb859 fix(browser): report malformed relay CDP frames (#102070)
* fix(browser): report malformed relay CDP frames

* refactor(browser): streamline relay frame validation

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 12:00:38 +01:00
qingminlong
c86fe21cad fix(browser): keep UTF-8 stderr tails valid (#102543) 2026-07-09 10:51:52 +01:00
mikasa
a522e4309c fix(browser): bound Chrome launch stderr diagnostics (#101506)
* fix(browser): bound Chrome launch stderr diagnostics

* fix(browser): preserve chrome launch recovery diagnostics

* refactor(browser): share bounded UTF-8 stderr tails

* fix(browser): own bounded stderr storage

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-09 08:30:27 +01:00
Vincent Koc
c0d99ed26e fix(browser): preserve request lifetime on Node 24 2026-07-08 16:53:15 -07:00
Vincent Koc
7d0f9de907 fix(browser): preserve strict CDP discovery policy 2026-07-08 14:22:21 -07:00
mushuiyu886
5bdea31c94 fix(browser): keep Playwright truncation UTF-16 safe (#101761)
* fix(browser): keep Playwright truncation UTF-16 safe

* fix(browser): cover Chrome MCP snapshot truncation
2026-07-07 19:55:52 -07:00
Vincent Koc
4969c44226 refactor(deadcode): localize browser plugin declarations (#101898) 2026-07-07 15:47:05 -07:00
Vincent Koc
c8d95da14c refactor: localize file-private exports (#101701) 2026-07-07 06:57:19 -07:00
Vincent Koc
407443264c refactor: localize internal reply and plugin types (#101666) 2026-07-07 05:51:47 -07:00
Peter Steinberger
bd7da9decd fix(browser): keep upload errors specific (#101465) 2026-07-07 12:35:27 +01:00
Peter Steinberger
3901094ace fix(browser): cancel Chrome MCP requests on crash (#101454)
* fix(browser): cancel Chrome MCP requests on crash

* test(browser): cover request budget options
2026-07-07 12:22:31 +01:00
Peter Steinberger
454fccd784 fix(browser): keep screenshots private by default (#101434)
* fix(browser): keep screenshots private by default

* fix(browser): preserve screenshot share handles

* fix(browser): stage explicit screenshot shares

* test(browser): avoid screenshot share temp files
2026-07-07 11:56:49 +01:00
ml12580
c1f9087e8e fix(cli): accept parent options placed after lazy subcommands (#55563 regression 1) [AI-assisted] (#94431)
* fix(cli): restore lazy parent option ordering

Co-authored-by: ml12580 <long.xinyuan3@xydigit.com>

* chore: defer release-owned changelog entry

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 09:45:04 +01:00
Peter Steinberger
01d6ea1f0e feat(browser): expose agent download actions (#101369)
* feat(browser): expose agent download actions

Co-authored-by: changcy <742592895@qq.com>

* chore: keep release notes in PR context

---------

Co-authored-by: changcy <742592895@qq.com>
2026-07-07 06:17:52 +01:00
Vincent Koc
a7031832ec fix(browser): refresh extension relay token rotation 2026-07-07 06:12:50 +02:00
Peter Steinberger
654029892d feat(browser): pair the Chrome extension directly to a remote gateway (#101127)
* feat(browser): direct extension→gateway relay path for remote Chrome (#53599)

Let the OpenClaw Chrome extension pair directly to a remote gateway over
wss:// with no OpenClaw node host on the browser machine — the managed-hosting
path from #53599 (extension is the only thing installed on the laptop).

- Gateway route /browser/extension registered by the browser plugin with
  auth:"plugin" + no nodeCapability, so the gateway does not pre-enforce token
  auth (browser WebSockets cannot send an Authorization header). The upgrade
  handler self-validates the host-local relay secret from ?token=, origin-checks
  chrome-extension://, resolves the extension profile, then attaches the socket
  to the same ExtensionRelayBridge the loopback relay uses. All CDP synthesis,
  tab-group scoping, and the in-process Playwright /cdp client are unchanged.
- `openclaw browser extension pair --gateway-url wss://host` prints a
  wss://host/browser/extension#<secret> string; the path ends in /extension so
  the extension's existing pairing parser accepts it with zero extension code
  changes.
- relay-server: extract attachExtensionWebSocket + export requestToken /
  isAllowedExtensionOrigin / EXTENSION_RELAY_MAX_PAYLOAD_BYTES so loopback and
  gateway paths share one bind + one frame cap.
- runtime-lifecycle: dispose the shared gateway WebSocketServer on shutdown.
- docs: three remote topologies (same host / direct-to-gateway / via node host).

Coverage: 6 unit tests for the handler's path/503/403/404/401/attach branches.
The full extension→bridge→CDP→Chrome loop over /browser/extension was live-proven
with a real Chrome + the built extension. The real gateway upgrade→handleUpgrade
dispatch for an auth:"plugin" unprotected route is verified against core
(server-http.ts, plugins-http.ts, route-auth.ts).

* fix(browser): harden remote extension pairing
2026-07-07 04:31:52 +01:00
Vincent Koc
775ef966c3 refactor(deadcode): localize internal type aliases (#101243) 2026-07-06 17:57:32 -07:00
huangjianxiong
c3c4d03f90 fix(browser): bound response text decoding (#98940)
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-07 01:25:49 +01:00
Peter Steinberger
5a7c67682f fix(browser): isolate CDP control host policy (#101171) 2026-07-06 23:14:48 +01:00
lsr911
e924f30bf5 fix(browser): guard readFields JSON.parse against malformed CLI input (#98861)
* fix(browser): guard readFields JSON.parse against malformed user input

Wraps JSON.parse(payload) in readFields() with try/catch, throwing a
descriptive Error when CLI --fields or --fields-file input contains
malformed JSON instead of raw SyntaxError.

8/8 proof assertions pass using standalone script that imports and
calls the real exported readFields() with malformed field strings.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: lsr911 <liao.shirong@xydigit.com>

* fix(browser): add vitest malformed JSON tests, remove standalone proof

ClawSweeper feedback: added 2 vitest tests (malformed JSON, empty fields)
to the existing shared.test.ts, removed standalone proof script.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: lsr911 <liao.shirong@xydigit.com>

* fix(browser): cover malformed fields at CLI boundary

---------

Signed-off-by: lsr911 <liao.shirong@xydigit.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-06 23:14:00 +01:00
ANIRUDDHA ADAK
1d375c31da test(browser): replace broad win32 skip with dynamic directory symlink check (#90365)
* test(browser): replace broad win32 skip with dynamic directory symlink check

* fix(browser): refine directory symlink probe to ensure cleanup and remove random string usage

* test(browser): scope symlink capability checks to the case

---------

Co-authored-by: Aniruddha Adak <aniruddhaadak80@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-06 20:52:02 +01:00
mushuiyu886
8f7d0a36f9 fix(browser): bound client fetch success JSON reads (#100889)
* fix(browser): bound client fetch success JSON reads

* fix(browser): preserve supported response body sizes

* docs(changelog): note browser response bounds

* chore: keep release changelog owner-only

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-06 20:48:07 +01:00
NianJiu
06efc2ae41 fix(browser): navigate works with CDP hostname allowlist (#100986)
* fix(browser): allow CDP host through hostname allowlist

* test(browser): prove CDP grants stay control-only

* docs(changelog): note remote browser CDP policy fix

* fix(browser): honor restrictive CDP host policy

* chore: keep release changelog owner-only

* fix(browser): align profile CDP creation policy

* fix(browser): keep remote CDP policy explicit

* test(browser): prove Playwright control allowlist isolation

---------

Co-authored-by: NianJiuZst <180004567+NianJiuZst@users.noreply.github.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-07-06 20:11:52 +01:00