@jackwener/opencli 0.5.1 → 0.6.0

package/dist/synthesize.js

@@ -5,11 +5,11 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import yaml from 'js-yaml';
-/** Volatile params to strip from generated URLs */
-const VOLATILE_PARAMS = new Set(['w_rid', 'wts', 'callback', '_', 'timestamp', 't', 'nonce', 'sign']);
-const SEARCH_PARAM_NAMES = new Set(['q', 'query', 'keyword', 'search', 'wd', 'kw', 'w', 'search_query']);
-const LIMIT_PARAM_NAMES = new Set(['ps', 'page_size', 'limit', 'count', 'per_page', 'size', 'num']);
-const PAGE_PARAM_NAMES = new Set(['pn', 'page', 'page_num', 'offset', 'cursor']);
+import { VOLATILE_PARAMS, SEARCH_PARAMS, LIMIT_PARAMS, PAGINATION_PARAMS } from './constants.js';
+/** Renamed aliases for backward compatibility with local references */
+const SEARCH_PARAM_NAMES = SEARCH_PARAMS;
+const LIMIT_PARAM_NAMES = LIMIT_PARAMS;
+const PAGE_PARAM_NAMES = PAGINATION_PARAMS;
 export function synthesizeFromExplore(target, opts = {}) {
     const exploreDir = resolveExploreDir(target);
     const bundle = loadExploreBundle(exploreDir);

package/dist/tui.d.ts

@@ -0,0 +1,22 @@
+export interface CheckboxItem {
+    label: string;
+    value: string;
+    checked: boolean;
+    /** Optional status to display after the label */
+    status?: string;
+    statusColor?: 'green' | 'yellow' | 'red' | 'dim';
+}
+/**
+ * Interactive multi-select checkbox prompt.
+ *
+ * Controls:
+ *   ↑/↓ or j/k  — navigate
+ *   Space        — toggle selection
+ *   a            — toggle all
+ *   Enter        — confirm
+ *   q/Esc        — cancel (returns empty)
+ */
+export declare function checkboxPrompt(items: CheckboxItem[], opts?: {
+    title?: string;
+    hint?: string;
+}): Promise<string[]>;

package/dist/tui.js

@@ -0,0 +1,139 @@
+/**
+ * tui.ts — Zero-dependency interactive TUI components
+ *
+ * Uses raw stdin mode + ANSI escape codes for interactive prompts.
+ */
+import chalk from 'chalk';
+/**
+ * Interactive multi-select checkbox prompt.
+ *
+ * Controls:
+ *   ↑/↓ or j/k  — navigate
+ *   Space        — toggle selection
+ *   a            — toggle all
+ *   Enter        — confirm
+ *   q/Esc        — cancel (returns empty)
+ */
+export async function checkboxPrompt(items, opts = {}) {
+    if (items.length === 0)
+        return [];
+    const { stdin, stdout } = process;
+    if (!stdin.isTTY) {
+        // Non-interactive: return all checked items
+        return items.filter(i => i.checked).map(i => i.value);
+    }
+    let cursor = 0;
+    const state = items.map(i => ({ ...i }));
+    function colorStatus(status, color) {
+        if (!status)
+            return '';
+        switch (color) {
+            case 'green': return chalk.green(status);
+            case 'yellow': return chalk.yellow(status);
+            case 'red': return chalk.red(status);
+            case 'dim': return chalk.dim(status);
+            default: return chalk.dim(status);
+        }
+    }
+    function render() {
+        // Move cursor to start and clear
+        let out = '';
+        if (opts.title) {
+            out += `\n${chalk.bold(opts.title)}\n\n`;
+        }
+        for (let i = 0; i < state.length; i++) {
+            const item = state[i];
+            const pointer = i === cursor ? chalk.cyan('❯') : ' ';
+            const checkbox = item.checked ? chalk.green('◉') : chalk.dim('○');
+            const label = i === cursor ? chalk.bold(item.label) : item.label;
+            const status = colorStatus(item.status, item.statusColor);
+            out += `  ${pointer} ${checkbox} ${label}${status ? `  ${status}` : ''}\n`;
+        }
+        out += `\n  ${chalk.dim('↑↓ navigate  ·  Space toggle  ·  a all  ·  Enter confirm  ·  q cancel')}\n`;
+        return out;
+    }
+    return new Promise((resolve) => {
+        const wasRaw = stdin.isRaw;
+        stdin.setRawMode(true);
+        stdin.resume();
+        stdout.write('\x1b[?25l'); // Hide cursor
+        let firstDraw = true;
+        function draw() {
+            // Clear previous render (skip on first draw)
+            if (!firstDraw) {
+                const lines = render().split('\n').length;
+                stdout.write(`\x1b[${lines}A\x1b[J`);
+            }
+            firstDraw = false;
+            stdout.write(render());
+        }
+        function cleanup() {
+            stdin.setRawMode(wasRaw ?? false);
+            stdin.pause();
+            stdin.removeListener('data', onData);
+            // Clear the TUI and restore cursor
+            const lines = render().split('\n').length;
+            stdout.write(`\x1b[${lines}A\x1b[J`);
+            stdout.write('\x1b[?25h'); // Show cursor
+        }
+        function onData(data) {
+            const key = data.toString();
+            // Arrow up / k
+            if (key === '\x1b[A' || key === 'k') {
+                cursor = (cursor - 1 + state.length) % state.length;
+                draw();
+                return;
+            }
+            // Arrow down / j
+            if (key === '\x1b[B' || key === 'j') {
+                cursor = (cursor + 1) % state.length;
+                draw();
+                return;
+            }
+            // Space — toggle
+            if (key === ' ') {
+                state[cursor].checked = !state[cursor].checked;
+                draw();
+                return;
+            }
+            // Tab — toggle and move down
+            if (key === '\t') {
+                state[cursor].checked = !state[cursor].checked;
+                cursor = (cursor + 1) % state.length;
+                draw();
+                return;
+            }
+            // 'a' — toggle all
+            if (key === 'a') {
+                const allChecked = state.every(i => i.checked);
+                for (const item of state)
+                    item.checked = !allChecked;
+                draw();
+                return;
+            }
+            // Enter — confirm
+            if (key === '\r' || key === '\n') {
+                cleanup();
+                const selected = state.filter(i => i.checked).map(i => i.value);
+                // Show summary
+                stdout.write(`  ${chalk.green('✓')} ${chalk.bold(`${selected.length} file(s) selected`)}\n\n`);
+                resolve(selected);
+                return;
+            }
+            // q / Esc — cancel
+            if (key === 'q' || key === '\x1b') {
+                cleanup();
+                stdout.write(`  ${chalk.yellow('✗')} ${chalk.dim('Cancelled')}\n\n`);
+                resolve([]);
+                return;
+            }
+            // Ctrl+C — exit process
+            if (key === '\x03') {
+                cleanup();
+                process.exit(130);
+            }
+        }
+        stdin.on('data', onData);
+        draw();
+    });
+}

package/dist/validate.js

@@ -2,6 +2,13 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import yaml from 'js-yaml';
+/** All recognized pipeline step names */
+const KNOWN_STEP_NAMES = new Set([
+    'navigate', 'click', 'type', 'wait', 'press', 'snapshot', 'scroll',
+    'fetch', 'evaluate',
+    'select', 'map', 'filter', 'sort', 'limit',
+    'intercept', 'tap',
+]);
 export function validateClisWithTarget(dirs, target) {
     const results = [];
     let errors = 0;
@@ -52,6 +59,20 @@ function validateYamlFile(filePath) {
             errors.push('"columns" must be an array');
         if (def.args && typeof def.args !== 'object')
             errors.push('"args" must be an object');
+        // Validate pipeline step names (catch typos like 'navaigate')
+        if (Array.isArray(def.pipeline)) {
+            for (let i = 0; i < def.pipeline.length; i++) {
+                const step = def.pipeline[i];
+                if (step && typeof step === 'object') {
+                    const stepKeys = Object.keys(step);
+                    for (const key of stepKeys) {
+                        if (!KNOWN_STEP_NAMES.has(key)) {
+                            warnings.push(`Pipeline step ${i}: unknown step name "${key}" (did you mean one of: ${[...KNOWN_STEP_NAMES].join(', ')}?)`);
+                        }
+                    }
+                }
+            }
+        }
     }
     catch (e) {
         errors.push(`YAML parse error: ${e.message}`);

package/dist/verify.d.ts

@@ -1,2 +1,9 @@
+/**
+ * Verification: runs validation and optional smoke test.
+ *
+ * The smoke test is intentionally kept as a stub — full browser-based
+ * smoke testing requires a running browser session and is better suited
+ * to the `opencli test` command or CI pipelines.
+ */
 export declare function verifyClis(opts: any): Promise<any>;
 export declare function renderVerifyReport(report: any): string;

package/dist/verify.js

@@ -1,4 +1,10 @@
-/** Verification: validate + smoke. */
+/**
+ * Verification: runs validation and optional smoke test.
+ *
+ * The smoke test is intentionally kept as a stub — full browser-based
+ * smoke testing requires a running browser session and is better suited
+ * to the `opencli test` command or CI pipelines.
+ */
 import { validateClisWithTarget, renderValidationReport } from './validate.js';
 export async function verifyClis(opts) {
     const report = validateClisWithTarget([opts.builtinClis, opts.userClis], opts.target);

package/dist/version.d.ts

@@ -0,0 +1,4 @@
+/**
+ * Single source of truth for package version.
+ */
+export declare const PKG_VERSION: string;

package/dist/version.js

@@ -0,0 +1,16 @@
+/**
+ * Single source of truth for package version.
+ */
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { fileURLToPath } from 'node:url';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const pkgJsonPath = path.resolve(__dirname, '..', 'package.json');
+export const PKG_VERSION = (() => {
+    try {
+        return JSON.parse(fs.readFileSync(pkgJsonPath, 'utf-8')).version;
+    }
+    catch {
+        return '0.0.0';
+    }
+})();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jackwener/opencli",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "publishConfig": {
     "access": "public"
   },

package/src/browser.test.ts

@@ -49,8 +49,27 @@ describe('browser helpers', () => {
     expect(__test__.appendLimited('12345', '67890', 8)).toBe('34567890');
   });
 
+  it('builds Playwright MCP args with kebab-case executable path', () => {
+    expect(__test__.buildMcpArgs({
+      mcpPath: '/tmp/cli.js',
+      executablePath: '/mnt/c/Program Files/Google/Chrome/Application/chrome.exe',
+    })).toEqual([
+      '/tmp/cli.js',
+      '--extension',
+      '--executable-path',
+      '/mnt/c/Program Files/Google/Chrome/Application/chrome.exe',
+    ]);
+
+    expect(__test__.buildMcpArgs({
+      mcpPath: '/tmp/cli.js',
+    })).toEqual([
+      '/tmp/cli.js',
+      '--extension',
+    ]);
+  });
+
   it('times out slow promises', async () => {
-    await expect(__test__.withTimeout(new Promise(() => {}), 10, 'timeout')).rejects.toThrow('timeout');
+    await expect(__test__.withTimeoutMs(new Promise(() => {}), 10, 'timeout')).rejects.toThrow('timeout');
   });
 });
 

package/src/browser.ts

@@ -10,10 +10,10 @@ import * as fs from 'node:fs';
 import * as os from 'node:os';
 import * as path from 'node:path';
 import { formatSnapshot } from './snapshotFormatter.js';
-
-// Read version from package.json (single source of truth)
-const __browser_dirname = path.dirname(fileURLToPath(import.meta.url));
-const PKG_VERSION = (() => { try { return JSON.parse(fs.readFileSync(path.resolve(__browser_dirname, '..', 'package.json'), 'utf-8')).version; } catch { return '0.0.0'; } })();
+import { PKG_VERSION } from './version.js';
+import { normalizeEvaluateSource } from './pipeline/template.js';
+import { generateInterceptorJs, generateReadInterceptedJs } from './interceptor.js';
+import { withTimeoutMs } from './runtime.js';
 
 const CONNECT_TIMEOUT = parseInt(process.env.OPENCLI_BROWSER_CONNECT_TIMEOUT ?? '30', 10);
 const STDERR_BUFFER_LIMIT = 16 * 1024;
@@ -158,23 +158,10 @@ export class Page implements IPage {
 
   async evaluate(js: string): Promise<any> {
     // Normalize IIFE format to function format expected by MCP browser_evaluate
-    const normalized = this.normalizeEval(js);
+    const normalized = normalizeEvaluateSource(js);
     return this.call('tools/call', { name: 'browser_evaluate', arguments: { function: normalized } });
   }
 
-  private normalizeEval(source: string): string {
-    const s = source.trim();
-    if (!s) return '() => undefined';
-    // IIFE: (async () => {...})()  →  wrap as () => (...)
-    if (s.startsWith('(') && s.endsWith(')()')) return `() => (${s})`;
-    // Already a function/arrow
-    if (/^(async\s+)?\([^)]*\)\s*=>/.test(s)) return s;
-    if (/^(async\s+)?[A-Za-z_][A-Za-z0-9_]*\s*=>/.test(s)) return s;
-    if (s.startsWith('function ') || s.startsWith('async function ')) return s;
-    // Raw expression → wrap
-    return `() => (${s})`;
-  }
-
   async snapshot(opts: { interactive?: boolean; compact?: boolean; maxDepth?: number; raw?: boolean } = {}): Promise<any> {
     const raw = await this.call('tools/call', { name: 'browser_snapshot', arguments: {} });
     if (opts.raw) return raw;
@@ -263,57 +250,15 @@ export class Page implements IPage {
   }
 
   async installInterceptor(pattern: string): Promise<void> {
-    const js = `
-      () => {
-        window.__opencli_xhr = window.__opencli_xhr || [];
-        window.__opencli_patterns = window.__opencli_patterns || [];
-        if (!window.__opencli_patterns.includes('${pattern}')) {
-          window.__opencli_patterns.push('${pattern}');
-        }
-        
-        if (!window.__patched_xhr) {
-          const checkMatch = (url) => window.__opencli_patterns.some(p => url.includes(p));
-
-          const XHR = XMLHttpRequest.prototype;
-          const open = XHR.open;
-          const send = XHR.send;
-          XHR.open = function(method, url) {
-            this._url = url;
-            return open.call(this, method, url, ...Array.prototype.slice.call(arguments, 2));
-          };
-          XHR.send = function() {
-            this.addEventListener('load', function() {
-              if (checkMatch(this._url)) {
-                try { window.__opencli_xhr.push({url: this._url, data: JSON.parse(this.responseText)}); } catch(e){}
-              }
-            });
-            return send.apply(this, arguments);
-          };
-
-          const origFetch = window.fetch;
-          window.fetch = async function(...args) {
-            let u = typeof args[0] === 'string' ? args[0] : (args[0] && args[0].url) || '';
-            const res = await origFetch.apply(this, args);
-            setTimeout(async () => {
-              try {
-                if (checkMatch(u)) {
-                  const clone = res.clone();
-                  const j = await clone.json();
-                  window.__opencli_xhr.push({url: u, data: j});
-                }
-              } catch(e) {}
-            }, 0);
-            return res;
-          };
-          window.__patched_xhr = true;
-        }
-      }
-    `;
-    await this.evaluate(js);
+    await this.evaluate(generateInterceptorJs(JSON.stringify(pattern), {
+      arrayName: '__opencli_xhr',
+      patchGuard: '__opencli_interceptor_patched',
+    }));
   }
 
   async getInterceptedRequests(): Promise<any[]> {
-    return (await this.evaluate('() => window.__opencli_xhr')) || [];
+    const result = await this.evaluate(generateReadInterceptedJs('__opencli_xhr'));
+    return result || [];
   }
 }
 
@@ -442,13 +387,13 @@ export class PlaywrightMCP {
         }));
       }, timeout * 1000);
 
-      const mcpArgs: string[] = [mcpPath, '--extension'];
+      const mcpArgs = buildMcpArgs({
+        mcpPath,
+        executablePath: process.env.OPENCLI_BROWSER_EXECUTABLE_PATH,
+      });
       if (process.env.OPENCLI_VERBOSE) {
         console.error(`[opencli] Extension token: ${extensionToken ? `configured (fingerprint ${tokenFingerprint})` : 'missing'}`);
       }
-      if (process.env.OPENCLI_BROWSER_EXECUTABLE_PATH) {
-        mcpArgs.push('--executablePath', process.env.OPENCLI_BROWSER_EXECUTABLE_PATH);
-      }
       debugLog(`Spawning node ${mcpArgs.join(' ')}`);
 
       this._proc = spawn('node', mcpArgs, {
@@ -530,7 +475,7 @@ export class PlaywrightMCP {
 
         // Use tabs as a readiness probe and for tab cleanup bookkeeping.
         debugLog('Fetching initial tabs count...');
-        withTimeout(page.tabs(), INITIAL_TABS_TIMEOUT_MS, 'Timed out fetching initial tabs').then((tabs: any) => {
+        withTimeoutMs(page.tabs(), INITIAL_TABS_TIMEOUT_MS, 'Timed out fetching initial tabs').then((tabs: any) => {
           debugLog(`Tabs response: ${typeof tabs === 'string' ? tabs : JSON.stringify(tabs)}`);
           this._initialTabIdentities = extractTabIdentities(tabs);
           settleSuccess(page);
@@ -555,7 +500,7 @@ export class PlaywrightMCP {
         // Extension mode opens bridge/session tabs that we can clean up best-effort.
         if (this._page && this._proc && !this._proc.killed) {
           try {
-            const tabs = await withTimeout(this._page.tabs(), TAB_CLEANUP_TIMEOUT_MS, 'Timed out fetching tabs during cleanup');
+            const tabs = await withTimeoutMs(this._page.tabs(), TAB_CLEANUP_TIMEOUT_MS, 'Timed out fetching tabs during cleanup');
             const tabEntries = extractTabEntries(tabs);
             const tabsToClose = diffTabIndexes(this._initialTabIdentities, tabEntries);
             for (const index of tabsToClose) {
@@ -664,20 +609,12 @@ function appendLimited(current: string, chunk: string, limit: number): string {
   return next.slice(-limit);
 }
 
-function withTimeout<T>(promise: Promise<T>, timeoutMs: number, message: string): Promise<T> {
-  return new Promise<T>((resolve, reject) => {
-    const timer = setTimeout(() => reject(new Error(message)), timeoutMs);
-    promise.then(
-      (value) => {
-        clearTimeout(timer);
-        resolve(value);
-      },
-      (error) => {
-        clearTimeout(timer);
-        reject(error);
-      },
-    );
-  });
+function buildMcpArgs(input: { mcpPath: string; executablePath?: string | null }): string[] {
+  const args = [input.mcpPath, '--extension'];
+  if (input.executablePath) {
+    args.push('--executable-path', input.executablePath);
+  }
+  return args;
 }
 
 export const __test__ = {
@@ -685,7 +622,8 @@ export const __test__ = {
   extractTabEntries,
   diffTabIndexes,
   appendLimited,
-  withTimeout,
+  buildMcpArgs,
+  withTimeoutMs,
 };
 
 function findMcpServerPath(): string | null {

package/src/cascade.ts

@@ -37,6 +37,49 @@ interface CascadeResult {
   confidence: number;
 }
 
+/**
+ * Build the JavaScript source for a fetch probe.
+ * Shared logic for PUBLIC, COOKIE, and HEADER strategies.
+ */
+function buildFetchProbeJs(url: string, opts: {
+  credentials?: boolean;
+  extractCsrf?: boolean;
+}): string {
+  const credentialsLine = opts.credentials ? `credentials: 'include',` : '';
+  const headerSetup = opts.extractCsrf
+    ? `
+      const cookies = document.cookie.split(';').map(c => c.trim());
+      const csrf = cookies.find(c => c.startsWith('ct0=') || c.startsWith('csrf_token=') || c.startsWith('_csrf='))?.split('=').slice(1).join('=');
+      const headers = {};
+      if (csrf) { headers['X-Csrf-Token'] = csrf; headers['X-XSRF-Token'] = csrf; }
+    `
+    : 'const headers = {};';
+
+  return `
+    async () => {
+      try {
+        ${headerSetup}
+        const resp = await fetch(${JSON.stringify(url)}, {
+          ${credentialsLine}
+          headers
+        });
+        const status = resp.status;
+        if (!resp.ok) return { status, ok: false };
+        const text = await resp.text();
+        let hasData = false;
+        try {
+          const json = JSON.parse(text);
+          hasData = !!json && (Array.isArray(json) ? json.length > 0 :
+            typeof json === 'object' && Object.keys(json).length > 0);
+          // Check for API-level error codes (common in Chinese sites)
+          if (json.code !== undefined && json.code !== 0) hasData = false;
+        } catch {}
+        return { status, ok: true, hasData, preview: text.slice(0, 200) };
+      } catch (e) { return { ok: false, error: e.message }; }
+    }
+  `;
+}
+
 /**
  * Probe an endpoint with a specific strategy.
  * Returns whether the probe succeeded and basic response info.
@@ -45,32 +88,14 @@ export async function probeEndpoint(
   page: IPage,
   url: string,
   strategy: Strategy,
-  opts: { timeout?: number } = {},
+  _opts: { timeout?: number } = {},
 ): Promise<ProbeResult> {
   const result: ProbeResult = { strategy, success: false };
 
   try {
     switch (strategy) {
       case Strategy.PUBLIC: {
-        // Try direct fetch without browser (no credentials)
-        const js = `
-          async () => {
-            try {
-              const resp = await fetch(${JSON.stringify(url)});
-              const status = resp.status;
-              if (!resp.ok) return { status, ok: false };
-              const text = await resp.text();
-              let hasData = false;
-              try {
-                const json = JSON.parse(text);
-                hasData = !!json && (Array.isArray(json) ? json.length > 0 :
-                  typeof json === 'object' && Object.keys(json).length > 0);
-              } catch {}
-              return { status, ok: true, hasData, preview: text.slice(0, 200) };
-            } catch (e) { return { ok: false, error: e.message }; }
-          }
-        `;
-        const resp = await page.evaluate(js);
+        const resp = await page.evaluate(buildFetchProbeJs(url, {}));
         result.statusCode = resp?.status;
         result.success = resp?.ok && resp?.hasData;
         result.hasData = resp?.hasData;
@@ -79,27 +104,7 @@ export async function probeEndpoint(
       }
 
       case Strategy.COOKIE: {
-        // Fetch with credentials: 'include' (uses browser cookies)
-        const js = `
-          async () => {
-            try {
-              const resp = await fetch(${JSON.stringify(url)}, { credentials: 'include' });
-              const status = resp.status;
-              if (!resp.ok) return { status, ok: false };
-              const text = await resp.text();
-              let hasData = false;
-              try {
-                const json = JSON.parse(text);
-                hasData = !!json && (Array.isArray(json) ? json.length > 0 :
-                  typeof json === 'object' && Object.keys(json).length > 0);
-                // Check for API-level error codes (common in Chinese sites)
-                if (json.code !== undefined && json.code !== 0) hasData = false;
-              } catch {}
-              return { status, ok: true, hasData, preview: text.slice(0, 200) };
-            } catch (e) { return { ok: false, error: e.message }; }
-          }
-        `;
-        const resp = await page.evaluate(js);
+        const resp = await page.evaluate(buildFetchProbeJs(url, { credentials: true }));
         result.statusCode = resp?.status;
         result.success = resp?.ok && resp?.hasData;
         result.hasData = resp?.hasData;
@@ -108,39 +113,7 @@ export async function probeEndpoint(
       }
 
       case Strategy.HEADER: {
-        // Fetch with credentials + try to extract common auth headers
-        const js = `
-          async () => {
-            try {
-              // Try to extract CSRF tokens from cookies
-              const cookies = document.cookie.split(';').map(c => c.trim());
-              const csrf = cookies.find(c => c.startsWith('ct0=') || c.startsWith('csrf_token=') || c.startsWith('_csrf='))?.split('=').slice(1).join('=');
-              
-              const headers = {};
-              if (csrf) {
-                headers['X-Csrf-Token'] = csrf;
-                headers['X-XSRF-Token'] = csrf;
-              }
-              
-              const resp = await fetch(${JSON.stringify(url)}, {
-                credentials: 'include',
-                headers
-              });
-              const status = resp.status;
-              if (!resp.ok) return { status, ok: false };
-              const text = await resp.text();
-              let hasData = false;
-              try {
-                const json = JSON.parse(text);
-                hasData = !!json && (Array.isArray(json) ? json.length > 0 :
-                  typeof json === 'object' && Object.keys(json).length > 0);
-                if (json.code !== undefined && json.code !== 0) hasData = false;
-              } catch {}
-              return { status, ok: true, hasData, preview: text.slice(0, 200) };
-            } catch (e) { return { ok: false, error: e.message }; }
-          }
-        `;
-        const resp = await page.evaluate(js);
+        const resp = await page.evaluate(buildFetchProbeJs(url, { credentials: true, extractCsrf: true }));
         result.statusCode = resp?.status;
         result.success = resp?.ok && resp?.hasData;
         result.hasData = resp?.hasData;
@@ -151,7 +124,6 @@ export async function probeEndpoint(
       case Strategy.INTERCEPT:
       case Strategy.UI:
         // These require specific implementation per-site
-        // Mark as needing manual implementation
         result.success = false;
         result.error = `Strategy ${strategy} requires site-specific implementation`;
         break;