npm - @phi-code-admin/camofox-browser - Versions diffs - 1.0.1 → 1.0.3 - Mend

@phi-code-admin/camofox-browser 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/lib/auth.js CHANGED Viewed

@@ -13,7 +13,9 @@
  * Policy (accessKeyMiddleware / global):
  *   - If CAMOFOX_ACCESS_KEY is set, require Bearer match on all routes except
  *     /health, cookie import (when CAMOFOX_API_KEY set), and /stop (when CAMOFOX_ADMIN_KEY set).
- *   - If not set, pass through (backward-compatible).
+ *   - If no key (access nor api) is set AND NODE_ENV === production, fail closed:
+ *     reject every non-/health request with 503 instead of fail-open passthrough.
+ *   - Otherwise (non-production, no key), pass through (backward-compatible).
  */
 import crypto from 'crypto';
@@ -101,18 +103,31 @@ export function requireAuth(config, options = {}) {
  * When a route's dedicated key is NOT configured, the access-key middleware
  * does NOT exempt it -- defense-in-depth prevents unprotected endpoints.
  *
- * When CAMOFOX_ACCESS_KEY is not set, passes through (backward-compatible).
+ * When no key is configured: in production this fails closed (503 for every
+ * non-/health request) so a network-exposed deployment is never an open,
+ * unauthenticated browser-control service; outside production it passes through
+ * (backward-compatible for local development).
  *
- * @param {object} config - Must have { accessKey }; optionally { apiKey, adminKey }
+ * @param {object} config - Must have { accessKey }; optionally { apiKey, adminKey, nodeEnv }
  * @returns {function} Express middleware (req, res, next)
  */
 export function accessKeyMiddleware(config) {
   return function accessKeyCheck(req, res, next) {
-    if (!config.accessKey) return next();
-    // Exempt healthcheck
+    // Exempt healthcheck unconditionally so liveness probes always work.
     if (req.path === '/health') return next();
+    if (!config.accessKey) {
+      // Fail closed in production when no credential at all is configured.
+      // Without this, an exposed deployment would serve the entire
+      // browser-driving surface with zero authentication.
+      if (config.nodeEnv === 'production' && !config.apiKey) {
+        return res.status(503).json({
+          error: 'Server is not configured for authenticated access. Set CAMOFOX_ACCESS_KEY (or CAMOFOX_API_KEY) before serving in production.',
+        });
+      }
+      return next();
+    }
     // Exempt routes with their own dedicated auth -- but only when their key is configured.
     // If the dedicated key is NOT set, the access key gates the route (defense-in-depth).
     if (config.apiKey && req.method === 'POST' && /^\/sessions\/[^/]+\/cookies$/.test(req.path)) return next();

package/lib/plugins.js CHANGED Viewed

@@ -60,7 +60,7 @@
 import { EventEmitter } from 'events';
 import fs from 'fs';
 import path from 'path';
-import { fileURLToPath } from 'url';
+import { fileURLToPath, pathToFileURL } from 'url';
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const ROOT_DIR = path.join(__dirname, '..');
@@ -155,7 +155,10 @@ export async function loadPlugins(app, ctx) {
     }
     try {
-      const mod = await import(indexPath);
+      // PHI-VENDOR: on Windows, Node's ESM loader refuses raw absolute paths
+      // (e.g. "C:\foo\plugin.js") and demands a file:// URL. Convert before
+      // calling dynamic import so plugin loading works cross-platform.
+      const mod = await import(pathToFileURL(indexPath).href);
       const register = mod.default || mod.register;
       if (typeof register !== 'function') {
         ctx.log('warn', `plugin "${name}" does not export a register function, skipping`);

package/openclaw.plugin.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "id": "@skyfallsin/camofox-browser",
   "name": "Camofox Browser",
   "description": "Anti-detection browser automation for AI agents using Camoufox (Firefox-based)",
-  "version": "1.10.1",
+  "version": "1.0.3",
   "envVars": {
     "CAMOFOX_API_KEY": {
       "description": "Secret key for the cookie-import endpoint. Cookie import is disabled when unset. Only set this if you need to import browser cookies and the server is local or access-controlled.",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@phi-code-admin/camofox-browser",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "Phi-code vendored headless browser automation library (snapshot of jo-inc/camofox-browser@c9a90daf, MIT). 10 OpenClaw browser tools exposed as ES module functions; legacy Express server kept opt-in.",
   "type": "module",
   "main": "server.js",
@@ -133,7 +133,7 @@
     "fetch-bin": "node -e \"console.warn('@phi-code-admin/camofox-browser bundles the binary via @phi-code-admin/camoufox-bin-*; no fetch needed. Reinstall if missing.')\""
   },
   "dependencies": {
-    "@phi-code-admin/camoufox-js": "1.0.0",
+    "@phi-code-admin/camoufox-js": "1.0.1",
     "express": "^4.18.2",
     "playwright-core": "^1.58.0",
     "prom-client": "^15.1.3",

package/server.js CHANGED Viewed

@@ -6,6 +6,7 @@ import { VirtualDisplay } from '@phi-code-admin/camoufox-js/dist/virtdisplay.js'
 import { firefox } from 'playwright-core';
 import express from 'express';
 import crypto from 'crypto';
+import net from 'net';
 import fs from 'fs';
 import os from 'os';
 import { expandMacro } from './lib/macros.js';
@@ -210,12 +211,56 @@ function sendError(res, err, extraFields = {}) {
   res.status(status).json(body);
 }
+// SSRF guard: returns true when an IPv4/IPv6 address belongs to a range that
+// must never be reachable from the browser agent (loopback, link-local, the
+// cloud-metadata endpoint, RFC1918, CGNAT, ULA, unspecified/multicast).
+// Kept self-contained (no external dep) and best-effort: it blocks IP literals
+// and obviously-internal hostnames before navigation. DNS-rebinding still needs
+// proxy-level egress control, but this closes the trivial SSRF-via-literal vector.
+function isBlockedIp(address) {
+  const family = net.isIP(address);
+  if (family === 4) {
+    const parts = address.split('.').map(n => parseInt(n, 10));
+    if (parts.length !== 4 || parts.some(n => Number.isNaN(n) || n < 0 || n > 255)) return true;
+    const [a, b] = parts;
+    if (a === 0) return true;                      // 0.0.0.0/8 (unspecified)
+    if (a === 127) return true;                    // loopback
+    if (a === 10) return true;                     // RFC1918
+    if (a === 172 && b >= 16 && b <= 31) return true; // RFC1918
+    if (a === 192 && b === 168) return true;       // RFC1918
+    if (a === 169 && b === 254) return true;       // link-local + metadata (169.254.169.254)
+    if (a === 100 && b >= 64 && b <= 127) return true; // CGNAT 100.64/10
+    if (a >= 224) return true;                     // multicast/reserved (224.0.0.0+)
+    return false;
+  }
+  if (family === 6) {
+    const norm = address.toLowerCase().replace(/^\[|\]$/g, '');
+    // IPv4-mapped (::ffff:a.b.c.d) -> re-check the embedded IPv4
+    const mapped = norm.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
+    if (mapped) return isBlockedIp(mapped[1]);
+    if (norm === '::1' || norm === '::') return true; // loopback / unspecified
+    if (norm.startsWith('fe80')) return true;         // link-local
+    if (norm.startsWith('fc') || norm.startsWith('fd')) return true; // ULA fc00::/7
+    if (norm.startsWith('ff')) return true;           // multicast
+    if (norm.startsWith('fd00:ec2')) return true;     // AWS IPv6 metadata
+    return false;
+  }
+  return false;
+}
 function validateUrl(url) {
   try {
     const parsed = new URL(url);
     if (!ALLOWED_URL_SCHEMES.includes(parsed.protocol)) {
       return `Blocked URL scheme: ${parsed.protocol} (only http/https allowed)`;
     }
+    const hostname = parsed.hostname.toLowerCase().replace(/^\[|\]$/g, '');
+    if (hostname === 'localhost' || hostname.endsWith('.localhost')) {
+      return `Blocked host: ${parsed.hostname} (internal/metadata addresses are not allowed)`;
+    }
+    if (net.isIP(hostname) && isBlockedIp(hostname)) {
+      return `Blocked host: ${parsed.hostname} (internal/metadata addresses are not allowed)`;
+    }
     return null;
   } catch {
     return `Invalid URL: ${url}`;
@@ -4340,7 +4385,7 @@ app.get('/tabs/:tabId/stats', async (req, res) => {
  *             schema:
  *               $ref: '#/components/schemas/Error'
  */
-app.post('/tabs/:tabId/evaluate', express.json({ limit: '1mb' }), async (req, res) => {
+app.post('/tabs/:tabId/evaluate', authMiddleware(), express.json({ limit: '1mb' }), async (req, res) => {
   try {
     const { userId, expression } = req.body;
     if (!userId) return res.status(400).json({ error: 'userId is required' });
@@ -5963,7 +6008,16 @@ process.on('SIGINT', () => gracefulShutdown('SIGINT'));
 // Fly's auto_stop_machines=false + min_machines_running=2 handles scaling.
 const PORT = CONFIG.port;
-pluginEvents.emit('server:starting', { port: PORT });
+// Bind host: default to loopback so the browser-control API is not exposed on
+// the LAN/container network out of the box. Container/cloud deploys must set
+// CAMOFOX_HOST=0.0.0.0 explicitly (the platform controls ingress there).
+const HOST = (process.env.CAMOFOX_HOST || '127.0.0.1').trim();
+// Loud warning when binding to a non-loopback interface without any auth key.
+if (HOST !== '127.0.0.1' && HOST !== '::1' && HOST !== 'localhost'
+  && !CONFIG.accessKey && !CONFIG.apiKey) {
+  log('warn', 'binding to non-loopback host without CAMOFOX_ACCESS_KEY/CAMOFOX_API_KEY -- browser-control API is exposed unauthenticated', { host: HOST });
+}
+pluginEvents.emit('server:starting', { port: PORT, host: HOST });
 // Load plugins before starting the server
 const pluginCtx = {
@@ -5996,15 +6050,15 @@ const loadedPlugins = await loadPlugins(app, pluginCtx);
 // --- OpenAPI docs (after all routes are registered) ---
 mountDocs(app);
-const server = app.listen(PORT, async () => {
+const server = app.listen(PORT, HOST, async () => {
   startMemoryReporter();
   refreshActiveTabsGauge();
   refreshTabLockQueueDepth();
   pluginEvents.emit('server:started', { port: PORT, pid: process.pid, plugins: loadedPlugins });
   if (FLY_MACHINE_ID) {
-    log('info', 'server started (fly)', { port: PORT, pid: process.pid, machineId: FLY_MACHINE_ID, nodeVersion: process.version });
+    log('info', 'server started (fly)', { port: PORT, host: HOST, pid: process.pid, machineId: FLY_MACHINE_ID, nodeVersion: process.version });
   } else {
-    log('info', 'server started', { port: PORT, pid: process.pid, nodeVersion: process.version });
+    log('info', 'server started', { port: PORT, host: HOST, pid: process.pid, nodeVersion: process.version });
   }
   const tmpCleanup = cleanupOrphanedTempFiles({ tmpDir: os.tmpdir() });
   if (tmpCleanup.removed > 0) {