@flrande/browserctl 0.5.0 → 0.6.0

package/apps/browserd/src/main.test.ts

@@ -1,1436 +0,0 @@
-import { beforeEach, describe, expect, it } from "vitest";
-import { PassThrough } from "node:stream";
-import { createConnection } from "node:net";
-
-import { createContainer, loadBrowserdConfig } from "./container";
-import { bootstrapBrowserd } from "./bootstrap";
-import { reserveLoopbackPort } from "./test-port";
-
-function waitForNextJsonLine(stream: PassThrough): Promise<Record<string, unknown>> {
-  return new Promise((resolve, reject) => {
-    let buffer = "";
-    const timeout = setTimeout(() => {
-      stream.off("data", onData);
-      reject(new Error("Timed out waiting for JSON line response."));
-    }, 1000);
-
-    const onData = (chunk: string | Buffer) => {
-      buffer += typeof chunk === "string" ? chunk : chunk.toString("utf8");
-      const newlineIndex = buffer.indexOf("\n");
-      if (newlineIndex < 0) {
-        return;
-      }
-
-      clearTimeout(timeout);
-      stream.off("data", onData);
-      const line = buffer.slice(0, newlineIndex);
-
-      resolve(JSON.parse(line) as Record<string, unknown>);
-    };
-
-    stream.on("data", onData);
-  });
-}
-
-function sendToolRequest(
-  input: PassThrough,
-  output: PassThrough,
-  request: Record<string, unknown>
-): Promise<Record<string, unknown>> {
-  const responsePromise = waitForNextJsonLine(output);
-  input.write(`${JSON.stringify(request)}\n`);
-  return responsePromise;
-}
-
-function sendTcpToolRequest(
-  port: number,
-  request: Record<string, unknown>
-): Promise<Record<string, unknown>> {
-  return new Promise((resolve, reject) => {
-    const socket = createConnection({ host: "127.0.0.1", port });
-    socket.setEncoding("utf8");
-
-    let buffer = "";
-    const timeout = setTimeout(() => {
-      socket.destroy();
-      reject(new Error("Timed out waiting for TCP response."));
-    }, 1000);
-
-    socket.on("error", (error) => {
-      clearTimeout(timeout);
-      reject(error);
-    });
-
-    socket.on("connect", () => {
-      socket.write(`${JSON.stringify(request)}\n`);
-    });
-
-    socket.on("data", (chunk: string) => {
-      buffer += chunk;
-      const lineBreakIndex = buffer.indexOf("\n");
-      if (lineBreakIndex < 0) {
-        return;
-      }
-
-      clearTimeout(timeout);
-      socket.end();
-      resolve(JSON.parse(buffer.slice(0, lineBreakIndex)) as Record<string, unknown>);
-    });
-  });
-}
-
-let testRelayPort = 0;
-let testTcpPort = 0;
-
-beforeEach(async () => {
-  testRelayPort = await reserveLoopbackPort();
-  testTcpPort = await reserveLoopbackPort();
-  while (testTcpPort === testRelayPort) {
-    testTcpPort = await reserveLoopbackPort();
-  }
-});
-
-function createTestEnv(
-  overrides: Record<string, string | undefined> = {}
-): Record<string, string | undefined> {
-  return {
-    BROWSERD_CHROME_RELAY_URL: `http://127.0.0.1:${testRelayPort}`,
-    ...overrides
-  };
-}
-
-describe("browserd container", () => {
-  it("uses secure defaults for new security config fields", () => {
-    const config = loadBrowserdConfig({});
-
-    expect(config.defaultDriver).toBe("chrome-relay");
-    expect(config.chromeRelayMode).toBe("extension");
-    expect(config.chromeRelayExtensionToken).toBe("browserctl-relay");
-    expect(config.managedLocalEnabled).toBe(true);
-    expect(config.uploadRoot).toBeUndefined();
-    expect(config.downloadRoot).toBeUndefined();
-    expect(config.authToken).toBeUndefined();
-    expect(config.authScopes).toEqual(["read", "act", "upload", "download"]);
-    expect(config.sessionTtlMs).toBe(30 * 60 * 1_000);
-    expect(config.sessionCleanupIntervalMs).toBe(60 * 1_000);
-    expect(config.domainAllowlistMode).toBe("off");
-    expect(config.domainAllowlist).toEqual([]);
-    expect(config.sessionMaxTotal).toBe(200);
-    expect(config.sessionMaxPerTenant).toBe(50);
-    expect(config.sessionRequireTenantPrefix).toBe(false);
-    expect(config.tenantAllowlist).toEqual([]);
-  });
-
-  it("registers managed-local, managed, chrome-relay, and remote-cdp drivers by default", () => {
-    const c = createContainer(loadBrowserdConfig(createTestEnv()));
-
-    expect(c.drivers.has("managed-local")).toBe(true);
-    expect(c.drivers.has("managed")).toBe(true);
-    expect(c.drivers.has("chrome-relay")).toBe(true);
-    expect(c.drivers.has("remote-cdp")).toBe(true);
-    c.close();
-  });
-
-  it("uses env override in loadBrowserdConfig", () => {
-    const config = loadBrowserdConfig({
-      BROWSERD_REMOTE_CDP_URL: "http://127.0.0.1:9333/devtools/browser/override",
-      BROWSERD_UPLOAD_ROOT: "C:\\safe\\uploads",
-      BROWSERD_DOWNLOAD_ROOT: "C:\\safe\\downloads",
-      BROWSERD_AUTH_TOKEN: "test-token",
-      BROWSERD_AUTH_SCOPES: " read, download ",
-      BROWSERD_SESSION_TTL_MS: "120000",
-      BROWSERD_SESSION_CLEANUP_INTERVAL_MS: "5000",
-      BROWSERD_DOMAIN_ALLOWLIST_MODE: "enforce",
-      BROWSERD_DOMAIN_ALLOWLIST: "example.com,*.corp.local",
-      BROWSERD_SESSION_MAX_TOTAL: "2",
-      BROWSERD_SESSION_MAX_PER_TENANT: "1",
-      BROWSERD_SESSION_REQUIRE_TENANT_PREFIX: "true",
-      BROWSERD_TENANT_ALLOWLIST: "finance,ops"
-    });
-
-    expect(config.remoteCdpUrl).toBe("http://127.0.0.1:9333/devtools/browser/override");
-    expect(config.chromeRelayUrl).toBe("http://127.0.0.1:9223");
-    expect(config.defaultDriver).toBe("chrome-relay");
-    expect(config.managedLocalEnabled).toBe(true);
-    expect(config.uploadRoot).toBe("C:\\safe\\uploads");
-    expect(config.downloadRoot).toBe("C:\\safe\\downloads");
-    expect(config.authToken).toBe("test-token");
-    expect(config.authScopes).toEqual(["read", "download"]);
-    expect(config.sessionTtlMs).toBe(120000);
-    expect(config.sessionCleanupIntervalMs).toBe(5000);
-    expect(config.domainAllowlistMode).toBe("enforce");
-    expect(config.domainAllowlist).toEqual(["example.com", "*.corp.local"]);
-    expect(config.sessionMaxTotal).toBe(2);
-    expect(config.sessionMaxPerTenant).toBe(1);
-    expect(config.sessionRequireTenantPrefix).toBe(true);
-    expect(config.tenantAllowlist).toEqual(["finance", "ops"]);
-  });
-
-  it("uses memory defaults in loadBrowserdConfig", () => {
-    const config = loadBrowserdConfig({});
-
-    expect(config.memoryEnabled).toBe(true);
-    expect(config.memoryMode).toBe("ask");
-    expect(config.memoryTtlDays).toBe(30);
-    expect(config.memoryPath).toBe(".browserctl-runtime/navigation-memory.json");
-  });
-
-  it("uses memory env overrides in loadBrowserdConfig", () => {
-    const config = loadBrowserdConfig({
-      BROWSERD_MEMORY_ENABLED: "false",
-      BROWSERD_MEMORY_MODE: "auto",
-      BROWSERD_MEMORY_TTL_DAYS: "7",
-      BROWSERD_MEMORY_PATH: ".browserctl-runtime/memory-custom.json"
-    });
-
-    expect(config.memoryEnabled).toBe(false);
-    expect(config.memoryMode).toBe("auto");
-    expect(config.memoryTtlDays).toBe(7);
-    expect(config.memoryPath).toBe(".browserctl-runtime/memory-custom.json");
-  });
-
-  it("parses chrome relay extension mode env values", () => {
-    const config = loadBrowserdConfig({
-      BROWSERD_CHROME_RELAY_MODE: "extension",
-      BROWSERD_CHROME_RELAY_URL: "http://127.0.0.1:9555",
-      BROWSERD_CHROME_RELAY_EXTENSION_TOKEN: "relay-secret",
-      BROWSERD_CHROME_RELAY_EXTENSION_REQUEST_TIMEOUT_MS: "7000"
-    });
-
-    expect(config.chromeRelayMode).toBe("extension");
-    expect(config.chromeRelayUrl).toBe("http://127.0.0.1:9555");
-    expect(config.chromeRelayExtensionToken).toBe("relay-secret");
-    expect(config.chromeRelayExtensionRequestTimeoutMs).toBe(7000);
-  });
-
-  it("respects explicit cdp relay mode override", () => {
-    const config = loadBrowserdConfig({
-      BROWSERD_CHROME_RELAY_MODE: "cdp"
-    });
-
-    expect(config.chromeRelayMode).toBe("cdp");
-  });
-
-  it("uses default extension relay token when extension mode is enabled", () => {
-    const config = loadBrowserdConfig({
-      BROWSERD_CHROME_RELAY_MODE: "extension"
-    });
-
-    expect(config.chromeRelayMode).toBe("extension");
-    expect(config.chromeRelayExtensionToken).toBe("browserctl-relay");
-  });
-
-  it("keeps chrome-relay as default when managed-local is explicitly disabled", () => {
-    const config = loadBrowserdConfig({
-      BROWSERD_MANAGED_LOCAL_ENABLED: "false"
-    });
-
-    expect(config.managedLocalEnabled).toBe(false);
-    expect(config.defaultDriver).toBe("chrome-relay");
-  });
-
-  it("does not register managed-local driver when explicitly disabled", () => {
-    const c = createContainer(
-      loadBrowserdConfig({
-        ...createTestEnv(),
-        BROWSERD_MANAGED_LOCAL_ENABLED: "false"
-      })
-    );
-
-    expect(c.drivers.has("managed-local")).toBe(false);
-    c.close();
-  });
-});
-
-describe("browserd bootstrap", () => {
-  it("starts mcp stdio runtime with container wiring", () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-
-    const runtime = bootstrapBrowserd({ env: createTestEnv(), input, output });
-
-    expect(runtime.mcpStdioStarted).toBe(true);
-    expect(runtime.container.drivers.has("managed")).toBe(true);
-    expect(runtime.container.drivers.has("chrome-relay")).toBe(true);
-    expect(runtime.container.drivers.has("remote-cdp")).toBe(true);
-    expect(runtime.container.drivers.has("managed-local")).toBe(true);
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("supports tcp transport mode for persistent daemon use", async () => {
-    const port = testTcpPort;
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_TRANSPORT: "tcp",
-        BROWSERD_PORT: String(port),
-        BROWSERD_AUTH_TOKEN: "tcp-token"
-      })
-    });
-
-    const response = await sendTcpToolRequest(port, {
-      id: "request-tcp-status",
-      name: "browser.status",
-      traceId: "trace:tcp",
-      arguments: {
-        sessionId: "session:tcp",
-        authToken: "tcp-token"
-      }
-    });
-
-    expect(response.ok).toBe(true);
-    expect(response.id).toBe("request-tcp-status");
-    expect(response.traceId).toBe("trace:tcp");
-    expect(response.sessionId).toBe("session:tcp");
-    expect(response.data).toMatchObject({
-      kind: "browserd",
-      ready: true
-    });
-
-    runtime.close();
-  });
-
-  it("rejects tcp transport mode when auth token is not configured", () => {
-    let runtime: ReturnType<typeof bootstrapBrowserd> | undefined;
-    try {
-      expect(() => {
-        runtime = bootstrapBrowserd({
-          env: createTestEnv({
-            BROWSERD_TRANSPORT: "tcp",
-            BROWSERD_PORT: String(testTcpPort)
-          })
-        });
-      }).toThrow("BROWSERD_AUTH_TOKEN");
-    } finally {
-      runtime?.close();
-    }
-  });
-
-  it("processes line-delimited requests and writes response with id", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({ env: createTestEnv(), input, output, stdioProtocol: "legacy" });
-
-    const response = await sendToolRequest(input, output, {
-      id: "request-1",
-      name: "browser.status",
-      traceId: "trace:test-1",
-      arguments: {
-        sessionId: "session:test-1"
-      }
-    });
-
-    expect(response.id).toBe("request-1");
-    expect(response.ok).toBe(true);
-    expect(response.traceId).toBe("trace:test-1");
-    expect(response.sessionId).toBe("session:test-1");
-    expect(response.data).toMatchObject({
-      kind: "browserd",
-      ready: true,
-      driver: "chrome-relay"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("supports managed-local as default driver when enabled", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_MANAGED_LOCAL_ENABLED: "true",
-        BROWSERD_DEFAULT_DRIVER: "managed-local"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const response = await sendToolRequest(input, output, {
-      id: "request-local-default",
-      name: "browser.status",
-      traceId: "trace:local-default",
-      arguments: {
-        sessionId: "session:local-default"
-      }
-    });
-
-    expect(response.ok).toBe(true);
-    expect(response.data).toMatchObject({
-      kind: "browserd",
-      ready: true,
-      driver: "managed-local"
-    });
-    expect((response.data as { status: { kind: string; launched: boolean } }).status).toMatchObject({
-      kind: "managed-local",
-      launched: false
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("falls back to managed when configured default is unavailable", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed-local",
-        BROWSERD_MANAGED_LOCAL_ENABLED: "false"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const response = await sendToolRequest(input, output, {
-      id: "request-default-fallback",
-      name: "browser.status",
-      traceId: "trace:default-fallback",
-      arguments: {
-        sessionId: "session:default-fallback"
-      }
-    });
-
-    expect(response.ok).toBe(true);
-    expect(response.data).toMatchObject({
-      kind: "browserd",
-      ready: true,
-      driver: "managed"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("requires auth token when configured", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_AUTH_TOKEN: "secret-token"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const response = await sendToolRequest(input, output, {
-      id: "request-auth-missing",
-      name: "browser.status",
-      traceId: "trace:auth-missing",
-      arguments: {
-        sessionId: "session:auth-missing"
-      }
-    });
-
-    expect(response.ok).toBe(false);
-    expect(response.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("rejects invalid auth token", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_AUTH_TOKEN: "secret-token"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const response = await sendToolRequest(input, output, {
-      id: "request-auth-invalid",
-      name: "browser.status",
-      traceId: "trace:auth-invalid",
-      arguments: {
-        sessionId: "session:auth-invalid",
-        authToken: "wrong-token"
-      }
-    });
-
-    expect(response.ok).toBe(false);
-    expect(response.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("denies calls when requested tool scope is not allowed", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_AUTH_TOKEN: "secret-token",
-        BROWSERD_AUTH_SCOPES: "read"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const response = await sendToolRequest(input, output, {
-      id: "request-scope-deny",
-      name: "browser.tab.open",
-      traceId: "trace:scope-deny",
-      arguments: {
-        sessionId: "session:scope-deny",
-        authToken: "secret-token",
-        url: "https://example.com"
-      }
-    });
-
-    expect(response.ok).toBe(false);
-    expect(response.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("denies upload and download tools when scopes exclude them", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_AUTH_TOKEN: "secret-token",
-        BROWSERD_AUTH_SCOPES: "read,act"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-scope-open",
-      name: "browser.tab.open",
-      traceId: "trace:scope:open",
-      arguments: {
-        sessionId: "session:scope:file-transfer",
-        authToken: "secret-token",
-        url: "https://example.com/scopes"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-
-    const uploadResponse = await sendToolRequest(input, output, {
-      id: "request-scope-upload",
-      name: "browser.upload.arm",
-      traceId: "trace:scope:upload",
-      arguments: {
-        sessionId: "session:scope:file-transfer",
-        authToken: "secret-token",
-        targetId,
-        files: ["C:\\allowed\\uploads\\file.txt"]
-      }
-    });
-
-    expect(uploadResponse.ok).toBe(false);
-    expect(uploadResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    const downloadResponse = await sendToolRequest(input, output, {
-      id: "request-scope-download",
-      name: "browser.download.wait",
-      traceId: "trace:scope:download",
-      arguments: {
-        sessionId: "session:scope:file-transfer",
-        authToken: "secret-token",
-        targetId
-      }
-    });
-
-    expect(downloadResponse.ok).toBe(false);
-    expect(downloadResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("rejects upload paths that escape configured upload root", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_UPLOAD_ROOT: "C:\\allowed\\uploads"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-upload-open",
-      name: "browser.tab.open",
-      traceId: "trace:upload:open",
-      arguments: {
-        sessionId: "session:upload-root",
-        url: "https://example.com/upload"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-    const uploadResponse = await sendToolRequest(input, output, {
-      id: "request-upload-arm",
-      name: "browser.upload.arm",
-      traceId: "trace:upload:arm",
-      arguments: {
-        sessionId: "session:upload-root",
-        targetId,
-        files: ["..\\..\\escape.txt"]
-      }
-    });
-
-    expect(uploadResponse.ok).toBe(false);
-    expect(uploadResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("rejects upload-arm when upload root is not configured", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-upload-root-open",
-      name: "browser.tab.open",
-      traceId: "trace:upload-root:open",
-      arguments: {
-        sessionId: "session:upload-root:required",
-        url: "https://example.com/upload-root"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-    const uploadResponse = await sendToolRequest(input, output, {
-      id: "request-upload-root-required",
-      name: "browser.upload.arm",
-      traceId: "trace:upload-root:required",
-      arguments: {
-        sessionId: "session:upload-root:required",
-        targetId,
-        files: ["C:\\temp\\upload.txt"]
-      }
-    });
-
-    expect(uploadResponse.ok).toBe(false);
-    expect(uploadResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-    expect(String(uploadResponse.error?.message ?? "")).toContain("BROWSERD_UPLOAD_ROOT");
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("rejects download paths outside configured download root", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_DOWNLOAD_ROOT: "C:\\allowed\\downloads"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-download-open",
-      name: "browser.tab.open",
-      traceId: "trace:download:open",
-      arguments: {
-        sessionId: "session:download-root",
-        url: "https://example.com/download"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-
-    const traversalResponse = await sendToolRequest(input, output, {
-      id: "request-download-wait-traversal",
-      name: "browser.download.wait",
-      traceId: "trace:download:wait:traversal",
-      arguments: {
-        sessionId: "session:download-root",
-        targetId,
-        path: "..\\escape.bin"
-      }
-    });
-
-    expect(traversalResponse.ok).toBe(false);
-    expect(traversalResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    const outsideResponse = await sendToolRequest(input, output, {
-      id: "request-download-wait-outside",
-      name: "browser.download.wait",
-      traceId: "trace:download:wait:outside",
-      arguments: {
-        sessionId: "session:download-root",
-        targetId,
-        path: "D:\\outside\\escape.bin"
-      }
-    });
-
-    expect(outsideResponse.ok).toBe(false);
-    expect(outsideResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("supports POSIX-style upload/download allowlist roots", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_UPLOAD_ROOT: "/allowed/uploads",
-        BROWSERD_DOWNLOAD_ROOT: "/allowed/downloads"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-posix-open",
-      name: "browser.tab.open",
-      traceId: "trace:posix:open",
-      arguments: {
-        sessionId: "session:posix-root",
-        url: "https://example.com/posix"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-
-    const uploadResponse = await sendToolRequest(input, output, {
-      id: "request-posix-upload",
-      name: "browser.upload.arm",
-      traceId: "trace:posix:upload",
-      arguments: {
-        sessionId: "session:posix-root",
-        targetId,
-        files: ["reports/q1.csv"]
-      }
-    });
-
-    expect(uploadResponse.ok).toBe(true);
-    expect(uploadResponse.data).toMatchObject({
-      files: ["/allowed/uploads/reports/q1.csv"]
-    });
-
-    const downloadResponse = await sendToolRequest(input, output, {
-      id: "request-posix-download",
-      name: "browser.download.wait",
-      traceId: "trace:posix:download",
-      arguments: {
-        sessionId: "session:posix-root",
-        targetId,
-        path: "reports/out.bin"
-      }
-    });
-
-    expect(downloadResponse.ok).toBe(true);
-    expect(downloadResponse.data).toMatchObject({
-      download: {
-        path: "/allowed/downloads/reports/out.bin"
-      }
-    });
-
-    const traversalResponse = await sendToolRequest(input, output, {
-      id: "request-posix-download-traversal",
-      name: "browser.download.wait",
-      traceId: "trace:posix:download:traversal",
-      arguments: {
-        sessionId: "session:posix-root",
-        targetId,
-        path: "../escape.bin"
-      }
-    });
-
-    expect(traversalResponse.ok).toBe(false);
-    expect(traversalResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("rejects download-wait when download root is not configured", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-download-root-open",
-      name: "browser.tab.open",
-      traceId: "trace:download-root:open",
-      arguments: {
-        sessionId: "session:download-root:required",
-        url: "https://example.com/download-root"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-    const downloadResponse = await sendToolRequest(input, output, {
-      id: "request-download-root-required",
-      name: "browser.download.wait",
-      traceId: "trace:download-root:required",
-      arguments: {
-        sessionId: "session:download-root:required",
-        targetId
-      }
-    });
-
-    expect(downloadResponse.ok).toBe(false);
-    expect(downloadResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-    expect(String(downloadResponse.error?.message ?? "")).toContain("BROWSERD_DOWNLOAD_ROOT");
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("routes tab.open and tab.list through driver-backed tool handlers", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-open",
-      name: "browser.tab.open",
-      traceId: "trace:open",
-      arguments: {
-        sessionId: "session:flow",
-        url: "https://example.com"
-      }
-    });
-
-    expect(openResponse.ok).toBe(true);
-    expect(openResponse.data).toMatchObject({
-      driver: "managed"
-    });
-    const openedTargetId = (openResponse.data as Record<string, unknown>).targetId;
-    expect(typeof openedTargetId).toBe("string");
-
-    const listResponse = await sendToolRequest(input, output, {
-      id: "request-list",
-      name: "browser.tab.list",
-      traceId: "trace:list",
-      arguments: {
-        sessionId: "session:flow"
-      }
-    });
-
-    expect(listResponse.ok).toBe(true);
-    expect(listResponse.data).toMatchObject({
-      driver: "managed"
-    });
-    expect((listResponse.data as { tabs: string[] }).tabs).toContain(openedTargetId);
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("routes console and network tools for known targets", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-open-tools",
-      name: "browser.tab.open",
-      traceId: "trace:tools:open",
-      arguments: {
-        sessionId: "session:tools",
-        url: "https://example.com/tools"
-      }
-    });
-
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-
-    const consoleResponse = await sendToolRequest(input, output, {
-      id: "request-console",
-      name: "browser.console.list",
-      traceId: "trace:tools:console",
-      arguments: {
-        sessionId: "session:tools",
-        targetId
-      }
-    });
-
-    expect(consoleResponse.ok).toBe(true);
-    expect(consoleResponse.data).toEqual({
-      driver: "managed",
-      targetId,
-      entries: []
-    });
-
-    const consoleFilteredResponse = await sendToolRequest(input, output, {
-      id: "request-console-filtered",
-      name: "browser.console.list",
-      traceId: "trace:tools:console:filtered",
-      arguments: {
-        sessionId: "session:tools",
-        targetId,
-        type: "error",
-        contains: "timeout",
-        since: "2026-01-01T00:00:00.000Z",
-        limit: 10
-      }
-    });
-
-    expect(consoleFilteredResponse.ok).toBe(true);
-    expect(consoleFilteredResponse.data).toEqual({
-      driver: "managed",
-      targetId,
-      entries: []
-    });
-
-    const networkListResponse = await sendToolRequest(input, output, {
-      id: "request-network-list",
-      name: "browser.network.list",
-      traceId: "trace:tools:network:list",
-      arguments: {
-        sessionId: "session:tools",
-        targetId,
-        limit: 20
-      }
-    });
-
-    expect(networkListResponse.ok).toBe(true);
-    expect(networkListResponse.data).toEqual({
-      driver: "managed",
-      targetId,
-      requests: []
-    });
-
-    const harExportResponse = await sendToolRequest(input, output, {
-      id: "request-network-har-export",
-      name: "browser.network.harExport",
-      traceId: "trace:tools:network:har",
-      arguments: {
-        sessionId: "session:tools",
-        targetId
-      }
-    });
-
-    expect(harExportResponse.ok).toBe(true);
-    expect(harExportResponse.data).toMatchObject({
-      driver: "managed",
-      targetId,
-      har: {
-        log: {
-          entries: []
-        }
-      }
-    });
-
-    const networkResponse = await sendToolRequest(input, output, {
-      id: "request-network",
-      name: "browser.network.responseBody",
-      traceId: "trace:tools:network",
-      arguments: {
-        sessionId: "session:tools",
-        targetId,
-        requestId: "request-42"
-      }
-    });
-
-    expect(networkResponse.ok).toBe(true);
-    expect(networkResponse.data).toEqual({
-      driver: "managed",
-      targetId,
-      requestId: "request-42",
-      body: "",
-      encoding: "utf8"
-    });
-
-    const traceResponse = await sendToolRequest(input, output, {
-      id: "request-trace-get",
-      name: "browser.trace.get",
-      traceId: "trace:tools:trace",
-      arguments: {
-        sessionId: "session:tools",
-        limit: 50
-      }
-    });
-
-    expect(traceResponse.ok).toBe(true);
-    expect(traceResponse.data).toMatchObject({
-      sessionId: "session:tools"
-    });
-    const tracePayload = traceResponse.data as {
-      steps?: Array<{ tool?: string }>;
-      keyResponses?: Array<{ kind?: string }>;
-    };
-    expect(Array.isArray(tracePayload.steps)).toBe(true);
-    expect(tracePayload.steps?.some((step) => step.tool === "browser.console.list")).toBe(true);
-    expect(Array.isArray(tracePayload.keyResponses)).toBe(true);
-    expect(tracePayload.keyResponses?.some((event) => event.kind === "network.list")).toBe(true);
-
-    const screenshotResponse = await sendToolRequest(input, output, {
-      id: "request-screenshot",
-      name: "browser.screenshot",
-      traceId: "trace:tools:screenshot",
-      arguments: {
-        sessionId: "session:tools",
-        targetId
-      }
-    });
-
-    expect(screenshotResponse.ok).toBe(false);
-    expect(screenshotResponse.error).toMatchObject({
-      code: "E_DRIVER_UNAVAILABLE"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("enforces domain allowlist for tab.open", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_DOMAIN_ALLOWLIST_MODE: "enforce",
-        BROWSERD_DOMAIN_ALLOWLIST: "example.com,*.corp.local"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const allowed = await sendToolRequest(input, output, {
-      id: "request-domain-allowed",
-      name: "browser.tab.open",
-      traceId: "trace:domain:allowed",
-      arguments: {
-        sessionId: "finance:domain-allowed",
-        url: "https://example.com/home"
-      }
-    });
-
-    expect(allowed.ok).toBe(true);
-
-    const blocked = await sendToolRequest(input, output, {
-      id: "request-domain-blocked",
-      name: "browser.tab.open",
-      traceId: "trace:domain:blocked",
-      arguments: {
-        sessionId: "finance:domain-blocked",
-        url: "https://evil.test/home"
-      }
-    });
-
-    expect(blocked.ok).toBe(false);
-    expect(blocked.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("enforces domain allowlist for act navigate/goto", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_DOMAIN_ALLOWLIST_MODE: "enforce",
-        BROWSERD_DOMAIN_ALLOWLIST: "example.com"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const openResponse = await sendToolRequest(input, output, {
-      id: "request-domain-act-open",
-      name: "browser.tab.open",
-      traceId: "trace:domain:act:open",
-      arguments: {
-        sessionId: "finance:domain-act",
-        url: "https://example.com"
-      }
-    });
-    const targetId = (openResponse.data as { targetId: string }).targetId;
-
-    const actResponse = await sendToolRequest(input, output, {
-      id: "request-domain-act-blocked",
-      name: "browser.act",
-      traceId: "trace:domain:act:blocked",
-      arguments: {
-        sessionId: "finance:domain-act",
-        targetId,
-        action: {
-          type: "navigate",
-          payload: {
-            url: "https://unauthorized.example.net"
-          }
-        }
-      }
-    });
-
-    expect(actResponse.ok).toBe(false);
-    expect(actResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("enforces max total session limit", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_SESSION_MAX_TOTAL: "1"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const first = await sendToolRequest(input, output, {
-      id: "request-session-limit-first",
-      name: "browser.status",
-      traceId: "trace:session-limit:first",
-      arguments: {
-        sessionId: "team-a:first"
-      }
-    });
-    expect(first.ok).toBe(true);
-
-    const second = await sendToolRequest(input, output, {
-      id: "request-session-limit-second",
-      name: "browser.status",
-      traceId: "trace:session-limit:second",
-      arguments: {
-        sessionId: "team-b:second"
-      }
-    });
-    expect(second.ok).toBe(false);
-    expect(second.error).toMatchObject({
-      code: "E_CONFLICT"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("enforces tenant prefix, allowlist, and per-tenant session limit", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed",
-        BROWSERD_SESSION_REQUIRE_TENANT_PREFIX: "true",
-        BROWSERD_TENANT_ALLOWLIST: "finance,ops",
-        BROWSERD_SESSION_MAX_TOTAL: "10",
-        BROWSERD_SESSION_MAX_PER_TENANT: "1"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const missingTenant = await sendToolRequest(input, output, {
-      id: "request-tenant-missing",
-      name: "browser.status",
-      traceId: "trace:tenant:missing",
-      arguments: {
-        sessionId: "missingTenant"
-      }
-    });
-    expect(missingTenant.ok).toBe(false);
-    expect(missingTenant.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    const disallowedTenant = await sendToolRequest(input, output, {
-      id: "request-tenant-disallowed",
-      name: "browser.status",
-      traceId: "trace:tenant:disallowed",
-      arguments: {
-        sessionId: "personal:task-1"
-      }
-    });
-    expect(disallowedTenant.ok).toBe(false);
-    expect(disallowedTenant.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    const financeFirst = await sendToolRequest(input, output, {
-      id: "request-tenant-finance-first",
-      name: "browser.status",
-      traceId: "trace:tenant:finance:first",
-      arguments: {
-        sessionId: "finance:task-1"
-      }
-    });
-    expect(financeFirst.ok).toBe(true);
-
-    const financeSecond = await sendToolRequest(input, output, {
-      id: "request-tenant-finance-second",
-      name: "browser.status",
-      traceId: "trace:tenant:finance:second",
-      arguments: {
-        sessionId: "finance:task-2"
-      }
-    });
-    expect(financeSecond.ok).toBe(false);
-    expect(financeSecond.error).toMatchObject({
-      code: "E_CONFLICT"
-    });
-
-    const opsFirst = await sendToolRequest(input, output, {
-      id: "request-tenant-ops-first",
-      name: "browser.status",
-      traceId: "trace:tenant:ops:first",
-      arguments: {
-        sessionId: "ops:task-1"
-      }
-    });
-    expect(opsFirst.ok).toBe(true);
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("supports session-list and session-drop governance tools", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({
-      env: createTestEnv({
-        BROWSERD_DEFAULT_DRIVER: "managed"
-      }),
-      input,
-      output,
-      stdioProtocol: "legacy"
-    });
-
-    const financeStatus = await sendToolRequest(input, output, {
-      id: "request-session-governance-finance",
-      name: "browser.status",
-      traceId: "trace:session-governance:finance",
-      arguments: {
-        sessionId: "finance:task-1"
-      }
-    });
-    expect(financeStatus.ok).toBe(true);
-
-    const opsStatus = await sendToolRequest(input, output, {
-      id: "request-session-governance-ops",
-      name: "browser.status",
-      traceId: "trace:session-governance:ops",
-      arguments: {
-        sessionId: "ops:task-1"
-      }
-    });
-    expect(opsStatus.ok).toBe(true);
-
-    const listBeforeDrop = await sendToolRequest(input, output, {
-      id: "request-session-list-before",
-      name: "browser.session.list",
-      traceId: "trace:session-governance:list:before",
-      arguments: {
-        sessionId: "finance:task-1",
-        limit: 20
-      }
-    });
-    expect(listBeforeDrop.ok).toBe(true);
-    const listPayloadBeforeDrop = listBeforeDrop.data as { sessions: Array<{ sessionId: string }> };
-    expect(Array.isArray(listPayloadBeforeDrop.sessions)).toBe(true);
-    expect(listPayloadBeforeDrop.sessions.some((entry) => entry.sessionId === "ops:task-1")).toBe(true);
-
-    const dropResponse = await sendToolRequest(input, output, {
-      id: "request-session-drop",
-      name: "browser.session.drop",
-      traceId: "trace:session-governance:drop",
-      arguments: {
-        sessionId: "finance:task-1",
-        sessionIdToDelete: "ops:task-1"
-      }
-    });
-    expect(dropResponse.ok).toBe(false);
-    expect(dropResponse.error).toMatchObject({
-      code: "E_PERMISSION"
-    });
-
-    const listAfterDrop = await sendToolRequest(input, output, {
-      id: "request-session-list-after",
-      name: "browser.session.list",
-      traceId: "trace:session-governance:list:after",
-      arguments: {
-        sessionId: "finance:task-1",
-        limit: 20
-      }
-    });
-    expect(listAfterDrop.ok).toBe(true);
-    const listPayloadAfterDrop = listAfterDrop.data as { sessions: Array<{ sessionId: string }> };
-    expect(listPayloadAfterDrop.sessions.some((entry) => entry.sessionId === "ops:task-1")).toBe(true);
-
-    const selfDropResponse = await sendToolRequest(input, output, {
-      id: "request-session-drop-self",
-      name: "browser.session.drop",
-      traceId: "trace:session-governance:drop:self",
-      arguments: {
-        sessionId: "finance:task-1",
-        sessionIdToDelete: "finance:task-1"
-      }
-    });
-    expect(selfDropResponse.ok).toBe(true);
-    expect(selfDropResponse.data).toMatchObject({
-      sessionIdToDelete: "finance:task-1",
-      dropped: true
-    });
-
-    const listAfterSelfDrop = await sendToolRequest(input, output, {
-      id: "request-session-list-after-self-drop",
-      name: "browser.session.list",
-      traceId: "trace:session-governance:list:after:self",
-      arguments: {
-        sessionId: "ops:task-1",
-        limit: 20
-      }
-    });
-    expect(listAfterSelfDrop.ok).toBe(true);
-    const listPayloadAfterSelfDrop = listAfterSelfDrop.data as {
-      sessions: Array<{ sessionId: string }>;
-    };
-    expect(listPayloadAfterSelfDrop.sessions.some((entry) => entry.sessionId === "finance:task-1")).toBe(false);
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-
-  it("preserves id and trace/session metadata when queue-level error handling runs", async () => {
-    const input = new PassThrough();
-    const output = new PassThrough();
-    const runtime = bootstrapBrowserd({ env: createTestEnv(), input, output, stdioProtocol: "legacy" });
-
-    const originalWrite = output.write.bind(output);
-    let shouldThrow = true;
-    (output as unknown as { write: (chunk: string | Buffer) => boolean }).write = (
-      chunk: string | Buffer
-    ) => {
-      if (shouldThrow) {
-        shouldThrow = false;
-        throw new Error("simulated output failure");
-      }
-
-      return originalWrite(chunk);
-    };
-
-    const responsePromise = waitForNextJsonLine(output);
-    input.write(
-      `${JSON.stringify({
-        id: "request-failure",
-        name: "browser.status",
-        traceId: "trace:failure",
-        arguments: {
-          sessionId: "session:failure"
-        }
-      })}\n`
-    );
-
-    const response = await responsePromise;
-
-    expect(response.id).toBe("request-failure");
-    expect(response.ok).toBe(false);
-    expect(response.traceId).toBe("trace:failure");
-    expect(response.sessionId).toBe("session:failure");
-    expect(response.error).toEqual({
-      code: "E_INVALID_ARG",
-      message: "simulated output failure"
-    });
-
-    runtime.close();
-    input.end();
-    output.end();
-  });
-});