@darbotlabs/darbot-browser-mcp 0.1.1 → 1.3.0

package/lib/browserServer.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/lib/cdpRelay.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -161,7 +161,7 @@ export class CDPRelayServer extends EventEmitter {
                     result: {
                         protocolVersion: '1.3',
                         product: 'Browser/Extension-Bridge',
-                        userAgent: 'CDP-Bridge-Server/1.0.0',
+                        userAgent: 'CDP-Bridge-Server/1.3.0',
                     }
                 });
                 break;

package/lib/common.js

@@ -0,0 +1,68 @@
+/**
+ * Copyright (c) DarbotLabs.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { z } from 'zod';
+import { defineTool } from './tools/tool.js';
+const close = defineTool({
+    capability: 'core',
+    schema: {
+        name: 'browser_close',
+        title: 'Autonomous browser closure',
+        description: 'Autonomously close the browser session and terminate all operations',
+        inputSchema: z.object({}),
+        type: 'readOnly',
+    },
+    handle: async (context) => {
+        await context.close();
+        return {
+            code: [`await page.close()`],
+            captureSnapshot: false,
+            waitForNetwork: false,
+        };
+    },
+});
+const resize = captureSnapshot => defineTool({
+    capability: 'core',
+    schema: {
+        name: 'browser_resize',
+        title: 'Autonomous window resizing',
+        description: 'Autonomously resize the browser window to specific dimensions for optimal viewing',
+        inputSchema: z.object({
+            width: z.number().describe('Width of the browser window'),
+            height: z.number().describe('Height of the browser window'),
+        }),
+        type: 'readOnly',
+    },
+    handle: async (context, params) => {
+        const tab = context.currentTabOrDie();
+        const code = [
+            `// Resize browser window to ${params.width}x${params.height}`,
+            `await page.setViewportSize({ width: ${params.width}, height: ${params.height} });`
+        ];
+        const action = async () => {
+            await tab.page.setViewportSize({ width: params.width, height: params.height });
+        };
+        return {
+            code,
+            action,
+            captureSnapshot,
+            waitForNetwork: true
+        };
+    },
+});
+export default (captureSnapshot) => [
+    close,
+    resize(captureSnapshot)
+];

package/lib/config.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -39,7 +39,36 @@ const defaultConfig = {
         allowedOrigins: undefined,
         blockedOrigins: undefined,
     },
-    server: {},
+    server: {
+        baseUrl: process.env.SERVER_BASE_URL,
+        https: {
+            enabled: false
+        },
+        rateLimit: {
+            enabled: false,
+            windowMs: 15 * 60 * 1000, // 15 minutes
+            maxRequests: 100
+        }
+    },
+    copilotStudio: {
+        enabled: process.env.COPILOT_STUDIO_ENABLED === 'true',
+        callbackUrl: process.env.COPILOT_STUDIO_CALLBACK_URL,
+        maxConcurrentSessions: parseInt(process.env.MAX_CONCURRENT_SESSIONS || '10', 10),
+        sessionTimeoutMs: parseInt(process.env.SESSION_TIMEOUT_MS || '1800000', 10), // 30 minutes
+        auditLogging: process.env.AUDIT_LOGGING_ENABLED === 'true'
+    },
+    auth: {
+        entraId: {
+            enabled: process.env.ENTRA_AUTH_ENABLED === 'true',
+            tenantId: process.env.AZURE_TENANT_ID,
+            clientId: process.env.AZURE_CLIENT_ID,
+            clientSecret: process.env.AZURE_CLIENT_SECRET
+        },
+        apiKey: {
+            enabled: process.env.API_KEY_AUTH_ENABLED === 'true',
+            keys: process.env.API_KEYS?.split(',') || []
+        }
+    },
     outputDir: path.join(os.tmpdir(), 'darbot-browser-mcp-output', sanitizeForFilePath(new Date().toISOString())),
 };
 export async function resolveConfig(config) {
@@ -124,6 +153,11 @@ export async function configFromCLIOptions(cliOptions) {
         contextOptions.ignoreHTTPSErrors = true;
     if (cliOptions.blockServiceWorkers)
         contextOptions.serviceWorkers = 'block';
+    // Set Edge profile environment variables for session state tracking
+    if (cliOptions.edgeProfile)
+        process.env.DARBOT_EDGE_PROFILE = cliOptions.edgeProfile;
+    if (cliOptions.edgeProfileEmail)
+        process.env.DARBOT_EDGE_PROFILE_EMAIL = cliOptions.edgeProfileEmail;
     const result = {
         browser: {
             browserAgent: cliOptions.browserAgent ?? process.env.PW_BROWSER_AGENT,
@@ -135,7 +169,8 @@ export async function configFromCLIOptions(cliOptions) {
             cdpEndpoint: cliOptions.cdpEndpoint,
         },
         server: {
-            port: cliOptions.port,
+            // Support PORT environment variable (common in cloud deployments like Azure)
+            port: cliOptions.port ?? (process.env.PORT ? parseInt(process.env.PORT, 10) : undefined),
             host: cliOptions.host,
         },
         capabilities: cliOptions.caps?.split(',').map((c) => c.trim()),
@@ -198,6 +233,30 @@ function mergeConfig(base, overrides) {
         server: {
             ...pickDefined(base.server),
             ...pickDefined(overrides.server),
+            https: {
+                ...pickDefined(base.server?.https),
+                ...pickDefined(overrides.server?.https),
+            },
+            rateLimit: {
+                ...pickDefined(base.server?.rateLimit),
+                ...pickDefined(overrides.server?.rateLimit),
+            }
         },
+        copilotStudio: {
+            ...pickDefined(base.copilotStudio),
+            ...pickDefined(overrides.copilotStudio),
+        },
+        auth: {
+            ...pickDefined(base.auth),
+            ...pickDefined(overrides.auth),
+            entraId: {
+                ...pickDefined(base.auth?.entraId),
+                ...pickDefined(overrides.auth?.entraId),
+            },
+            apiKey: {
+                ...pickDefined(base.auth?.apiKey),
+                ...pickDefined(overrides.auth?.apiKey),
+            }
+        }
     };
 }

package/lib/connection.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/lib/context.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/lib/fileUtils.js

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) Microsoft Corporation.
+ * Copyright (c) DarbotLabs.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/lib/guardrails.js

@@ -0,0 +1,382 @@
+/**
+ * Copyright (c) DarbotLabs.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import debug from 'debug';
+const log = debug('darbot:guardrails');
+/**
+ * Guardrail system for safe autonomous operation
+ */
+export class GuardrailSystem {
+    config;
+    domainCounts = new Map();
+    actionHistory = [];
+    rateLimiter;
+    constructor(config = {}) {
+        this.config = {
+            maxPagesPerDomain: 50,
+            maxDepth: 5,
+            timeoutMs: 300000, // 5 minutes
+            allowedDomains: [],
+            blockedDomains: [
+                'facebook.com', 'twitter.com', 'linkedin.com', 'instagram.com',
+                'tiktok.com', 'youtube.com', 'gmail.com', 'outlook.com'
+            ],
+            blockedPatterns: [
+                /\/login\/?$/i,
+                /\/register\/?$/i,
+                /\/signup\/?$/i,
+                /\/logout\/?$/i,
+                /\/admin\/?/i,
+                /\/api\//i,
+                /\.exe$/i,
+                /\.dmg$/i,
+                /\.zip$/i,
+                /malware/i,
+                /virus/i,
+                /hack/i,
+                /illegal/i
+            ],
+            rateLimit: {
+                requestsPerSecond: 2,
+                burstSize: 5
+            },
+            safetyChecks: {
+                preventInfiniteLoops: true,
+                preventDestructiveActions: true,
+                requireUserConfirmation: false
+            },
+            ...config
+        };
+        this.rateLimiter = new RateLimiter(this.config.rateLimit.requestsPerSecond, this.config.rateLimit.burstSize);
+    }
+    /**
+     * Validate a crawl action before execution
+     */
+    async validateAction(action, context) {
+        log('Validating action:', action.type, action.target || action.url);
+        // Check rate limiting
+        if (!this.rateLimiter.allowRequest()) {
+            return {
+                allowed: false,
+                reason: 'Rate limit exceeded. Please slow down requests.'
+            };
+        }
+        // Check timeout
+        if (this.isSessionTimedOut(context.sessionStartTime)) {
+            return {
+                allowed: false,
+                reason: `Session timeout exceeded (${this.config.timeoutMs}ms)`
+            };
+        }
+        // Check depth limit
+        if (context.currentDepth > this.config.maxDepth) {
+            return {
+                allowed: false,
+                reason: `Maximum crawl depth exceeded (${this.config.maxDepth})`
+            };
+        }
+        // Validate specific action types
+        switch (action.type) {
+            case 'navigate':
+                return this.validateNavigation(action, context);
+            case 'click':
+                return this.validateClick(action, context);
+            case 'type':
+                return this.validateType(action, context);
+            case 'finish':
+                return { allowed: true };
+            default:
+                return { allowed: true };
+        }
+    }
+    /**
+     * Validate navigation actions
+     */
+    validateNavigation(action, context) {
+        if (!action.url)
+            return { allowed: false, reason: 'Navigation action missing URL' };
+        // URL safety checks
+        const urlCheck = this.validateUrl(action.url);
+        if (!urlCheck.allowed)
+            return urlCheck;
+        // Domain count check
+        const domain = this.extractDomain(action.url);
+        const domainCount = this.domainCounts.get(domain) || 0;
+        if (domainCount >= this.config.maxPagesPerDomain) {
+            return {
+                allowed: false,
+                reason: `Maximum pages per domain exceeded for ${domain} (${this.config.maxPagesPerDomain})`
+            };
+        }
+        // Infinite loop prevention
+        if (this.config.safetyChecks.preventInfiniteLoops) {
+            const loopCheck = this.detectInfiniteLoop(action, context);
+            if (!loopCheck.allowed)
+                return loopCheck;
+        }
+        // Update domain count
+        this.domainCounts.set(domain, domainCount + 1);
+        return { allowed: true };
+    }
+    /**
+     * Validate click actions
+     */
+    validateClick(action, context) {
+        if (!action.target)
+            return { allowed: false, reason: 'Click action missing target selector' };
+        // Check for potentially destructive actions
+        if (this.config.safetyChecks.preventDestructiveActions) {
+            const destructiveCheck = this.checkDestructiveClick(action);
+            if (!destructiveCheck.allowed)
+                return destructiveCheck;
+        }
+        return { allowed: true };
+    }
+    /**
+     * Validate type actions
+     */
+    validateType(action, context) {
+        if (!action.text)
+            return { allowed: false, reason: 'Type action missing text' };
+        // Prevent sensitive data input
+        const sensitivePatterns = [
+            /password/i,
+            /ssn/i,
+            /social.security/i,
+            /credit.card/i,
+            /bank.account/i,
+            /api.key/i,
+            /secret/i,
+            /token/i
+        ];
+        const containsSensitive = sensitivePatterns.some(pattern => pattern.test(action.text) || pattern.test(action.target || ''));
+        if (containsSensitive) {
+            return {
+                allowed: false,
+                reason: 'Type action appears to contain sensitive information'
+            };
+        }
+        return { allowed: true };
+    }
+    /**
+     * Validate URL safety
+     */
+    validateUrl(url) {
+        try {
+            const urlObj = new URL(url);
+            // Protocol check
+            if (!['http:', 'https:'].includes(urlObj.protocol)) {
+                return {
+                    allowed: false,
+                    reason: `Unsafe protocol: ${urlObj.protocol}`
+                };
+            }
+            // Domain whitelist check
+            if (this.config.allowedDomains && this.config.allowedDomains.length > 0) {
+                const isAllowed = this.config.allowedDomains.some(domain => urlObj.hostname === domain || urlObj.hostname.endsWith('.' + domain));
+                if (!isAllowed) {
+                    return {
+                        allowed: false,
+                        reason: `Domain not in allowlist: ${urlObj.hostname}`
+                    };
+                }
+            }
+            // Domain blocklist check
+            if (this.config.blockedDomains) {
+                const isBlocked = this.config.blockedDomains.some(domain => urlObj.hostname === domain || urlObj.hostname.endsWith('.' + domain));
+                if (isBlocked) {
+                    return {
+                        allowed: false,
+                        reason: `Domain is blocked: ${urlObj.hostname}`
+                    };
+                }
+            }
+            // Pattern check
+            if (this.config.blockedPatterns) {
+                const matchedPattern = this.config.blockedPatterns.find(pattern => pattern.test(url));
+                if (matchedPattern) {
+                    return {
+                        allowed: false,
+                        reason: `URL matches blocked pattern: ${matchedPattern.source}`
+                    };
+                }
+            }
+            return { allowed: true };
+        }
+        catch (error) {
+            return {
+                allowed: false,
+                reason: `Invalid URL: ${error}`
+            };
+        }
+    }
+    /**
+     * Detect infinite loop patterns
+     */
+    detectInfiniteLoop(action, context) {
+        if (action.type !== 'navigate' || !action.url)
+            return { allowed: true };
+        // Check if we've visited this URL recently
+        const recentActions = this.actionHistory
+            .filter(h => Date.now() - h.timestamp < 60000) // Last minute
+            .filter(h => h.action.type === 'navigate' && h.action.url === action.url);
+        if (recentActions.length >= 3) {
+            return {
+                allowed: false,
+                reason: `Potential infinite loop detected: visited ${action.url} ${recentActions.length} times in the last minute`
+            };
+        }
+        // Check for back-and-forth patterns
+        const lastFewActions = this.actionHistory.slice(-6)
+            .filter(h => h.action.type === 'navigate')
+            .map(h => h.action.url);
+        if (lastFewActions.length >= 4) {
+            const pattern = [lastFewActions[0], lastFewActions[1]];
+            let patternCount = 0;
+            for (let i = 0; i < lastFewActions.length - 1; i += 2) {
+                if (lastFewActions[i] === pattern[0] && lastFewActions[i + 1] === pattern[1])
+                    patternCount++;
+            }
+            if (patternCount >= 2) {
+                return {
+                    allowed: false,
+                    reason: 'Infinite navigation loop detected between two URLs'
+                };
+            }
+        }
+        return { allowed: true };
+    }
+    /**
+     * Check for potentially destructive click actions
+     */
+    checkDestructiveClick(action) {
+        if (!action.target)
+            return { allowed: true };
+        const destructivePatterns = [
+            /delete/i,
+            /remove/i,
+            /cancel/i,
+            /logout/i,
+            /sign.?out/i,
+            /unsubscribe/i,
+            /deactivate/i,
+            /close.account/i,
+            /purchase/i,
+            /buy.now/i,
+            /order.now/i,
+            /submit.payment/i
+        ];
+        const isDestructive = destructivePatterns.some(pattern => pattern.test(action.target) || pattern.test(action.reason || ''));
+        if (isDestructive) {
+            return {
+                allowed: false,
+                reason: 'Click action appears to be potentially destructive'
+            };
+        }
+        return { allowed: true };
+    }
+    /**
+     * Record an action in history
+     */
+    recordAction(action, url) {
+        this.actionHistory.push({
+            action,
+            timestamp: Date.now(),
+            url
+        });
+        // Keep only recent history
+        const cutoff = Date.now() - 3600000; // 1 hour
+        while (this.actionHistory.length > 0 && this.actionHistory[0].timestamp < cutoff)
+            this.actionHistory.shift();
+    }
+    /**
+     * Check if session has timed out
+     */
+    isSessionTimedOut(sessionStartTime) {
+        return Date.now() - sessionStartTime > this.config.timeoutMs;
+    }
+    /**
+     * Extract domain from URL
+     */
+    extractDomain(url) {
+        try {
+            return new URL(url).hostname;
+        }
+        catch {
+            return url;
+        }
+    }
+    /**
+     * Get guardrail statistics
+     */
+    getStats() {
+        return {
+            domainCounts: Object.fromEntries(this.domainCounts),
+            actionsRecorded: this.actionHistory.length,
+            rateLimiterStatus: this.rateLimiter.getStatus(),
+            config: this.config
+        };
+    }
+    /**
+     * Reset guardrail state
+     */
+    reset() {
+        this.domainCounts.clear();
+        this.actionHistory.length = 0;
+        this.rateLimiter.reset();
+    }
+}
+/**
+ * Simple rate limiter implementation
+ */
+class RateLimiter {
+    tokens;
+    lastRefill;
+    maxTokens;
+    refillRate; // tokens per second
+    constructor(tokensPerSecond, burstSize) {
+        this.maxTokens = burstSize;
+        this.refillRate = tokensPerSecond;
+        this.tokens = burstSize;
+        this.lastRefill = Date.now();
+    }
+    allowRequest() {
+        this.refillTokens();
+        if (this.tokens >= 1) {
+            this.tokens -= 1;
+            return true;
+        }
+        return false;
+    }
+    refillTokens() {
+        const now = Date.now();
+        const timePassed = (now - this.lastRefill) / 1000;
+        const tokensToAdd = timePassed * this.refillRate;
+        this.tokens = Math.min(this.maxTokens, this.tokens + tokensToAdd);
+        this.lastRefill = now;
+    }
+    getStatus() {
+        this.refillTokens();
+        return {
+            tokens: Math.floor(this.tokens),
+            maxTokens: this.maxTokens,
+            refillRate: this.refillRate
+        };
+    }
+    reset() {
+        this.tokens = this.maxTokens;
+        this.lastRefill = Date.now();
+    }
+}