@geometra/mcp 1.36.0 → 1.37.0

package/dist/__tests__/session-isolation.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/session-isolation.test.js

@@ -0,0 +1,159 @@
+/**
+ * Integration test for `connectThroughProxy({ isolated: true })`.
+ *
+ * Setup: a tiny HTTP server serves an HTML page that, on first visit, writes
+ * a path-tagged marker to `localStorage` if one isn't already set, then
+ * renders the marker text into an `<h1>`. The marker is therefore set ONCE
+ * per browser instance, regardless of how many navigations happen.
+ *
+ * Two scenarios verify the isolated flag's behavior:
+ *
+ * 1. **Pooled (default)**: connect to `/page-a`, disconnect (the proxy
+ *    enters the reusable pool), then connect to `/page-b`. The second
+ *    connect attaches to the same pooled proxy, which navigates the
+ *    existing Chromium from /page-a to /page-b — but the browser's
+ *    localStorage still has `marker-from-/page-a`, so the second session
+ *    SEES THE FIRST SESSION'S MARKER. This documents the contamination
+ *    that breaks parallel form submission against real apply flows.
+ *
+ * 2. **Isolated**: same connect/disconnect/connect sequence, but with
+ *    `isolated: true`. Each connect spawns a brand-new Chromium with
+ *    empty storage, so the second session sees its own marker, not the
+ *    first's. This is the fix.
+ *
+ * The point of having both cases in one test file is so that future edits
+ * to the pool code can't quietly break the isolation guarantee — both
+ * paths run end-to-end against real Chromium and assert on the actual
+ * post-navigation a11y tree the MCP would expose to a tool call.
+ */
+import { afterEach, beforeAll, describe, expect, it } from 'vitest';
+import http from 'node:http';
+import { buildA11yTree, connectThroughProxy, disconnect } from '../session.js';
+const PAGE_HTML = `<!doctype html>
+<html>
+  <head><title>isolation-fixture</title></head>
+  <body>
+    <h1 id="marker"></h1>
+    <script>
+      const stored = localStorage.getItem('isolation-marker')
+      if (!stored) {
+        // First visit in this browser instance — set a path-tagged marker.
+        localStorage.setItem('isolation-marker', 'marker-from-' + location.pathname)
+      }
+      document.getElementById('marker').textContent =
+        localStorage.getItem('isolation-marker') || 'marker-missing'
+    </script>
+  </body>
+</html>`;
+let baseUrl;
+let server;
+function findHeadingText(node) {
+    if (!node)
+        return undefined;
+    if (node.role === 'heading') {
+        const name = (node.name ?? '').trim();
+        if (name)
+            return name;
+    }
+    for (const child of node.children ?? []) {
+        const found = findHeadingText(child);
+        if (found)
+            return found;
+    }
+    return undefined;
+}
+function currentA11y(session) {
+    if (!session.tree || !session.layout)
+        return null;
+    return buildA11yTree(session.tree, session.layout);
+}
+async function waitForMarkerText(session, expectedPrefix, timeoutMs = 6_000) {
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+        const text = findHeadingText(currentA11y(session));
+        if (text && text.startsWith(expectedPrefix))
+            return text;
+        await new Promise(r => setTimeout(r, 100));
+    }
+    throw new Error(`Timed out waiting for heading text starting with "${expectedPrefix}". ` +
+        `Last seen: ${JSON.stringify(findHeadingText(currentA11y(session)) ?? null)}`);
+}
+describe('connectThroughProxy({ isolated: true })', () => {
+    beforeAll(async () => {
+        server = http.createServer((req, res) => {
+            const url = req.url ?? '/';
+            if (url === '/page-a' || url === '/page-b') {
+                res.writeHead(200, { 'content-type': 'text/html; charset=utf-8' });
+                res.end(PAGE_HTML);
+                return;
+            }
+            res.writeHead(404);
+            res.end();
+        });
+        await new Promise((resolve, reject) => {
+            server.once('error', reject);
+            server.listen(0, '127.0.0.1', () => resolve());
+        });
+        const address = server.address();
+        baseUrl = `http://127.0.0.1:${address.port}`;
+    });
+    afterEach(() => {
+        // Force-close everything so the next test starts with no pooled proxies.
+        disconnect({ closeProxy: true });
+    });
+    it('isolated sessions get independent localStorage between connects', async () => {
+        // First isolated session against /page-a.
+        const sessionA = await connectThroughProxy({
+            pageUrl: `${baseUrl}/page-a`,
+            headless: true,
+            isolated: true,
+        });
+        expect(sessionA.isolated).toBe(true);
+        const markerA = await waitForMarkerText(sessionA, 'marker-from-');
+        expect(markerA).toBe('marker-from-/page-a');
+        // Disconnect — because the session is isolated, this MUST destroy the
+        // underlying Chromium. The next connect cannot attach to it.
+        disconnect({ sessionId: sessionA.id });
+        // Second isolated session against /page-b. Because each isolated
+        // session gets its own brand-new Chromium, /page-b's first-visit
+        // script runs against an empty localStorage and writes its own marker.
+        const sessionB = await connectThroughProxy({
+            pageUrl: `${baseUrl}/page-b`,
+            headless: true,
+            isolated: true,
+        });
+        expect(sessionB.isolated).toBe(true);
+        const markerB = await waitForMarkerText(sessionB, 'marker-from-');
+        // Critical assertion: sessionB does NOT see sessionA's marker.
+        expect(markerB).toBe('marker-from-/page-b');
+        expect(markerB).not.toBe(markerA);
+        disconnect({ sessionId: sessionB.id });
+    }, 30_000);
+    it('pooled (default) sessions DO leak localStorage — documents the bug isolated fixes', async () => {
+        // First pooled session against /page-a. The proxy will be eligible
+        // for reuse after disconnect.
+        const sessionA = await connectThroughProxy({
+            pageUrl: `${baseUrl}/page-a`,
+            headless: true,
+            // isolated: false (default)
+        });
+        expect(sessionA.isolated).toBeFalsy();
+        const markerA = await waitForMarkerText(sessionA, 'marker-from-');
+        expect(markerA).toBe('marker-from-/page-a');
+        // Disconnect WITHOUT closing the proxy — leaves it in the reusable pool.
+        disconnect({ sessionId: sessionA.id, closeProxy: false });
+        // Second pooled session against a *different* URL. The pool will
+        // attach the existing Chromium and navigate it to /page-b, but the
+        // browser still has /page-a's localStorage, so /page-b's first-visit
+        // script sees the existing marker and doesn't overwrite it.
+        const sessionB = await connectThroughProxy({
+            pageUrl: `${baseUrl}/page-b`,
+            headless: true,
+        });
+        const markerB = await waitForMarkerText(sessionB, 'marker-from-');
+        // Documents the contamination: the second session sees the first
+        // session's marker because they share a browser via the pool.
+        expect(markerB).toBe('marker-from-/page-a');
+        disconnect({ sessionId: sessionB.id, closeProxy: true });
+    }, 30_000);
+});

package/dist/server.js

@@ -296,7 +296,9 @@ export function createServer() {
 
 Use \`url\` (ws://…) only when a Geometra/native server or an already-running proxy is listening. If you accidentally pass \`https://…\` in \`url\`, MCP treats it like \`pageUrl\` and starts the proxy for you.
 
-Chromium opens **visible** by default unless \`headless: true\`. File upload / wheel / native \`<select>\` need the proxy path (\`pageUrl\` or ws to proxy). Set \`returnForms: true\` and/or \`returnPageModel: true\` when you want a lower-turn startup response. When connect first-response latency matters more than inlining the page model, pair \`returnPageModel: true\` with \`pageModelMode: "deferred"\` and call \`geometra_page_model\` next.`, {
+Chromium opens **visible** by default unless \`headless: true\`. File upload / wheel / native \`<select>\` need the proxy path (\`pageUrl\` or ws to proxy). Set \`returnForms: true\` and/or \`returnPageModel: true\` when you want a lower-turn startup response. When connect first-response latency matters more than inlining the page model, pair \`returnPageModel: true\` with \`pageModelMode: "deferred"\` and call \`geometra_page_model\` next.
+
+**Parallelism:** by default, geometra MCP pools and reuses Chromium instances across sessions for speed. That pooling is safe for read-only exploration, but it shares localStorage / cookies / page state across whichever sessions land on the same proxy — which means **two parallel form-submission flows can contaminate each other** (one job's email/autocomplete state leaks into another, or worse, two agents end up driving the same browser tab). For parallel apply / form submission, pass \`isolated: true\`. Each isolated session gets its own brand-new Chromium that is destroyed on disconnect, never enters the pool, and is guaranteed independent of every other session. The cost is ~1–2s of extra startup vs the ~50ms reusable-proxy attach.`, {
         url: z
             .string()
             .optional()
@@ -326,6 +328,11 @@ Chromium opens **visible** by default unless \`headless: true\`. File upload / w
             .nonnegative()
             .optional()
             .describe('Playwright slowMo (ms) on spawned proxy for easier visual following.'),
+        isolated: z
+            .boolean()
+            .optional()
+            .default(false)
+            .describe('When true, bypass the reusable proxy pool and spawn a brand-new Chromium for this session that is destroyed on disconnect. Required for safe parallel form submission — without this, two parallel sessions can land on the same pooled proxy and contaminate each other. Default false (use the pool for speed).'),
         returnForms: z
             .boolean()
             .optional()
@@ -380,6 +387,7 @@ Chromium opens **visible** by default unless \`headless: true\`. File upload / w
                     width: input.width,
                     height: input.height,
                     slowMo: input.slowMo,
+                    isolated: input.isolated,
                     awaitInitialFrame: deferInlinePageModel ? false : undefined,
                     eagerInitialExtract: deferInlinePageModel ? true : undefined,
                 });
@@ -837,9 +845,14 @@ Pass \`valuesById\` with field ids from \`geometra_form_schema\` for the most st
             .optional()
             .default(false)
             .describe('Skip fields that already contain a matching value. Avoids overwriting good data from resume parsing or previous fills.'),
+        isolated: z
+            .boolean()
+            .optional()
+            .default(false)
+            .describe('When auto-connecting via pageUrl/url, request an isolated proxy (own brand-new Chromium, destroyed on disconnect). Required for safe parallel form submission. See geometra_connect for details. Ignored when reusing an existing sessionId — set isolated on the original geometra_connect for that case.'),
         detail: detailInput(),
         sessionId: sessionIdInput,
-    }, async ({ url, pageUrl, port, headless, width, height, slowMo, formId, valuesById, valuesByLabel, stopOnError, failOnInvalid, includeSteps, resumeFromIndex, verifyFills, skipPreFilled, detail, sessionId }) => {
+    }, async ({ url, pageUrl, port, headless, width, height, slowMo, formId, valuesById, valuesByLabel, stopOnError, failOnInvalid, includeSteps, resumeFromIndex, verifyFills, skipPreFilled, isolated, detail, sessionId }) => {
         const directFields = !includeSteps && !formId && Object.keys(valuesById ?? {}).length === 0
             ? directLabelBatchFields(valuesByLabel)
             : null;
@@ -852,6 +865,7 @@ Pass \`valuesById\` with field ids from \`geometra_form_schema\` for the most st
             width,
             height,
             slowMo,
+            isolated,
             awaitInitialFrame: directFields ? false : undefined,
         }, 'Not connected. Call geometra_connect first, or pass pageUrl/url to geometra_fill_form.');
         if (!resolved.ok)
@@ -1103,6 +1117,11 @@ Supported step types: \`click\`, \`type\`, \`key\`, \`upload_files\`, \`pick_lis
         width: z.number().int().positive().optional().describe('Viewport width for auto-connected sessions.'),
         height: z.number().int().positive().optional().describe('Viewport height for auto-connected sessions.'),
         slowMo: z.number().int().nonnegative().optional().describe('Playwright slowMo (ms) when auto-spawning a proxy.'),
+        isolated: z
+            .boolean()
+            .optional()
+            .default(false)
+            .describe('When auto-connecting via pageUrl/url, request an isolated proxy. See geometra_connect for details.'),
         actions: z.array(batchActionSchema).min(1).max(80).describe('Ordered high-level action steps to run sequentially'),
         stopOnError: z.boolean().optional().default(true).describe('Stop at the first failing step (default true)'),
         includeSteps: z
@@ -1113,7 +1132,7 @@ Supported step types: \`click\`, \`type\`, \`key\`, \`upload_files\`, \`pick_lis
         output: z.enum(['full', 'final']).optional().default('full').describe('`full` (default) returns counts and optional step listings. `final` keeps only completion state plus final semantic signals.'),
         detail: detailInput(),
         sessionId: sessionIdInput,
-    }, async ({ url, pageUrl, port, headless, width, height, slowMo, actions, stopOnError, includeSteps, output, detail, sessionId }) => {
+    }, async ({ url, pageUrl, port, headless, width, height, slowMo, isolated, actions, stopOnError, includeSteps, output, detail, sessionId }) => {
         const resolved = await ensureToolSession({
             sessionId,
             url,
@@ -1123,6 +1142,7 @@ Supported step types: \`click\`, \`type\`, \`key\`, \`upload_files\`, \`pick_lis
             width,
             height,
             slowMo,
+            isolated,
             awaitInitialFrame: canDeferInitialFrameForRunActions(actions) ? false : undefined,
         }, 'Not connected. Call geometra_connect first, or pass pageUrl/url to geometra_run_actions.');
         if (!resolved.ok)
@@ -1262,6 +1282,11 @@ Unlike geometra_expand_section, this collapses repeated radio/button groups into
         width: z.number().int().positive().optional().describe('Viewport width for auto-connected sessions.'),
         height: z.number().int().positive().optional().describe('Viewport height for auto-connected sessions.'),
         slowMo: z.number().int().nonnegative().optional().describe('Playwright slowMo (ms) when auto-spawning a proxy.'),
+        isolated: z
+            .boolean()
+            .optional()
+            .default(false)
+            .describe('When auto-connecting via pageUrl/url, request an isolated proxy. See geometra_connect for details.'),
         formId: z.string().optional().describe('Optional form id from geometra_page_model. If omitted, returns every form schema on the page.'),
         maxFields: z.number().int().min(1).max(120).optional().default(80).describe('Cap returned fields per form'),
         onlyRequiredFields: z.boolean().optional().default(false).describe('Only include required fields'),
@@ -1271,8 +1296,8 @@ Unlike geometra_expand_section, this collapses repeated radio/button groups into
         sinceSchemaId: z.string().optional().describe('If the current schema matches this id, return changed=false without resending forms'),
         format: formSchemaFormatInput(),
         sessionId: sessionIdInput,
-    }, async ({ url, pageUrl, port, headless, width, height, slowMo, formId, maxFields, onlyRequiredFields, onlyInvalidFields, includeOptions, includeContext, sinceSchemaId, format, sessionId }) => {
-        const resolved = await ensureToolSession({ sessionId, url, pageUrl, port, headless, width, height, slowMo }, 'Not connected. Call geometra_connect first, or pass pageUrl/url to geometra_form_schema.');
+    }, async ({ url, pageUrl, port, headless, width, height, slowMo, isolated, formId, maxFields, onlyRequiredFields, onlyInvalidFields, includeOptions, includeContext, sinceSchemaId, format, sessionId }) => {
+        const resolved = await ensureToolSession({ sessionId, url, pageUrl, port, headless, width, height, slowMo, isolated }, 'Not connected. Call geometra_connect first, or pass pageUrl/url to geometra_form_schema.');
         if (!resolved.ok)
             return err(resolved.error);
         const session = resolved.session;
@@ -2235,6 +2260,7 @@ async function ensureToolSession(target, missingConnectionMessage = 'Not connect
                 height: target.height,
                 slowMo: target.slowMo,
                 awaitInitialFrame: target.awaitInitialFrame,
+                isolated: target.isolated,
             });
             return {
                 ok: true,

package/dist/session.d.ts

@@ -390,6 +390,15 @@ export interface Session {
     proxyChild?: ChildProcess;
     proxyRuntime?: EmbeddedProxyRuntime;
     proxyReusable?: boolean;
+    /**
+     * True when this session was started with `isolated: true`. Isolated sessions
+     * never enter the reusable proxy pool — they always spawn a fresh Chromium
+     * and the proxy is destroyed on disconnect rather than pooled. This gives
+     * each parallel agent its own independent localStorage / cookies / page
+     * state, which is the only safe configuration for parallel form submission
+     * (see the v1.37.0 release notes for the JobForge bug-report context).
+     */
+    isolated?: boolean;
     connectTrace?: SessionConnectTrace;
     cachedA11y?: A11yNode | null;
     cachedA11yRevision?: number;
@@ -493,6 +502,15 @@ export declare function connectThroughProxy(options: {
     slowMo?: number;
     awaitInitialFrame?: boolean;
     eagerInitialExtract?: boolean;
+    /**
+     * When true, bypass the reusable proxy pool entirely and always spawn a
+     * fresh Chromium for this session. The session is tagged isolated, never
+     * entered into the pool on disconnect, and its underlying browser is
+     * destroyed when the session disconnects. Use for parallel form
+     * submission so localStorage / cookies / page state from one job cannot
+     * leak into another. Default false preserves the existing pool behavior.
+     */
+    isolated?: boolean;
 }): Promise<Session>;
 export declare function getSession(id?: string): Session | null;
 export declare function listSessions(): Array<{

package/dist/session.js

@@ -212,8 +212,14 @@ function shutdownSession(id, opts) {
     catch {
         /* ignore */
     }
+    // Isolated sessions always destroy their proxy on disconnect — they
+    // never went into the reusable pool in the first place, and leaking
+    // the underlying browser would defeat the entire point of the
+    // isolation flag (the next non-isolated connect could attach to a
+    // proxy with stale storage from this session's job).
+    const forceCloseProxy = prev.isolated === true;
     if (prev.proxyChild) {
-        const shouldKeepProxy = prev.proxyReusable && opts?.closeProxy === false;
+        const shouldKeepProxy = !forceCloseProxy && prev.proxyReusable && opts?.closeProxy === false;
         rememberReusableProxyPageUrl(prev);
         if (shouldKeepProxy) {
             const entry = reusableProxyEntryForSession(prev);
@@ -235,7 +241,7 @@ function shutdownSession(id, opts) {
         return;
     }
     if (prev.proxyRuntime) {
-        const shouldKeepProxy = prev.proxyReusable && opts?.closeProxy === false;
+        const shouldKeepProxy = !forceCloseProxy && prev.proxyReusable && opts?.closeProxy === false;
         rememberReusableProxyPageUrl(prev);
         if (shouldKeepProxy) {
             const entry = reusableProxyEntryForSession(prev);
@@ -472,15 +478,20 @@ async function startFreshProxySession(options) {
             awaitInitialFrame: options.awaitInitialFrame,
         });
         session.proxyRuntime = runtime;
-        session.proxyReusable = true;
-        setReusableProxy({ runtime }, wsUrl, {
-            headless: options.headless,
-            slowMo: options.slowMo,
-            width: options.width,
-            height: options.height,
-            pageUrl: options.pageUrl,
-            snapshotReady: Boolean(session.tree && session.layout),
-        });
+        session.proxyReusable = !options.isolated;
+        if (options.isolated) {
+            session.isolated = true;
+        }
+        else {
+            setReusableProxy({ runtime }, wsUrl, {
+                headless: options.headless,
+                slowMo: options.slowMo,
+                width: options.width,
+                height: options.height,
+                pageUrl: options.pageUrl,
+                snapshotReady: Boolean(session.tree && session.layout),
+            });
+        }
         const baseConnectTrace = session.connectTrace;
         session.connectTrace = {
             mode: 'fresh-proxy',
@@ -515,15 +526,20 @@ async function startFreshProxySession(options) {
                 awaitInitialFrame: options.awaitInitialFrame,
             });
             session.proxyChild = child;
-            session.proxyReusable = true;
-            setReusableProxy({ child }, wsUrl, {
-                headless: options.headless,
-                slowMo: options.slowMo,
-                width: options.width,
-                height: options.height,
-                pageUrl: options.pageUrl,
-                snapshotReady: Boolean(session.tree && session.layout),
-            });
+            session.proxyReusable = !options.isolated;
+            if (options.isolated) {
+                session.isolated = true;
+            }
+            else {
+                setReusableProxy({ child }, wsUrl, {
+                    headless: options.headless,
+                    slowMo: options.slowMo,
+                    width: options.width,
+                    height: options.height,
+                    pageUrl: options.pageUrl,
+                    snapshotReady: Boolean(session.tree && session.layout),
+                });
+            }
             const baseConnectTrace = session.connectTrace;
             session.connectTrace = {
                 mode: 'fresh-proxy',
@@ -697,6 +713,13 @@ export function connect(url, opts) {
  */
 export async function connectThroughProxy(options) {
     clearReusableProxiesIfExited();
+    // Isolated sessions skip the pool entirely. They always get their own
+    // brand-new Chromium and never reuse a proxy from a prior call. The
+    // tag flows down so startFreshProxySession knows to keep this proxy out
+    // of the pool on success and so shutdownSession knows to force-close it.
+    if (options.isolated) {
+        return await startFreshProxySession({ ...options, isolated: true });
+    }
     let reuseFailure;
     const reusableProxy = findReusableProxy(options);
     if (reusableProxy) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@geometra/mcp",
-  "version": "1.36.0",
+  "version": "1.37.0",
   "description": "MCP server for Geometra — interact with running Geometra apps via the geometry protocol, no browser needed",
   "license": "MIT",
   "type": "module",