@vibebrowser/chrome-devtools-mcp 0.26.0

package/build/src/telemetry/transformation.js

@@ -0,0 +1,134 @@
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+const LATENCY_BUCKETS = [50, 100, 250, 500, 1000, 2500, 5000, 10000];
+export function bucketizeLatency(latencyMs) {
+    for (const bucket of LATENCY_BUCKETS) {
+        if (latencyMs <= bucket) {
+            return bucket;
+        }
+    }
+    return LATENCY_BUCKETS[LATENCY_BUCKETS.length - 1];
+}
+export const PARAM_BLOCKLIST = new Set(['uid', 'reqid', 'msgid']);
+const SUPPORTED_ZOD_TYPES = [
+    'ZodString',
+    'ZodNumber',
+    'ZodBoolean',
+    'ZodArray',
+    'ZodEnum',
+];
+function isZodType(type) {
+    return SUPPORTED_ZOD_TYPES.includes(type);
+}
+export function getZodType(zodType) {
+    const def = zodType._def;
+    const typeName = def.typeName;
+    if (typeName === 'ZodOptional' ||
+        typeName === 'ZodDefault' ||
+        typeName === 'ZodNullable') {
+        return getZodType(def.innerType);
+    }
+    if (typeName === 'ZodEffects') {
+        return getZodType(def.schema);
+    }
+    if (isZodType(typeName)) {
+        return typeName;
+    }
+    throw new Error(`Unsupported zod type for tool parameter: ${typeName}`);
+}
+export function stripUnderscoreBeforeNumber(name) {
+    return name.replace(/_([0-9])/g, '$1');
+}
+export function transformArgName(zodType, name) {
+    const snakeCaseName = name.replace(/[A-Z]/g, letter => `_${letter.toLowerCase()}`);
+    let transformed;
+    if (zodType === 'ZodString') {
+        transformed = `${snakeCaseName}_length`;
+    }
+    else if (zodType === 'ZodArray') {
+        transformed = `${snakeCaseName}_count`;
+    }
+    else {
+        transformed = snakeCaseName;
+    }
+    return stripUnderscoreBeforeNumber(transformed);
+}
+export function transformArgType(zodType) {
+    if (zodType === 'ZodString' || zodType === 'ZodArray') {
+        return 'number';
+    }
+    switch (zodType) {
+        case 'ZodNumber':
+            return 'number';
+        case 'ZodBoolean':
+            return 'boolean';
+        case 'ZodEnum':
+            return 'enum';
+        default:
+            throw new Error(`Unsupported zod type for tool parameter: ${zodType}`);
+    }
+}
+const BUCKETS = [
+    0, 1, 2, 5, 10, 20, 50, 100, 200, 500, 1000, 2000, 5000, 10000,
+];
+function bucketize(value) {
+    for (const bucket of BUCKETS) {
+        if (bucket >= value) {
+            return bucket;
+        }
+    }
+    return BUCKETS[BUCKETS.length - 1];
+}
+function transformValue(zodType, value) {
+    if (zodType === 'ZodString') {
+        return bucketize(value.length);
+    }
+    else if (zodType === 'ZodArray') {
+        return value.length;
+    }
+    else {
+        return value;
+    }
+}
+function hasEquivalentType(zodType, value) {
+    if (zodType === 'ZodString') {
+        return typeof value === 'string';
+    }
+    else if (zodType === 'ZodArray') {
+        return Array.isArray(value);
+    }
+    else if (zodType === 'ZodNumber') {
+        return typeof value === 'number';
+    }
+    else if (zodType === 'ZodBoolean') {
+        return typeof value === 'boolean';
+    }
+    else if (zodType === 'ZodEnum') {
+        return (typeof value === 'string' ||
+            typeof value === 'number' ||
+            typeof value === 'boolean');
+    }
+    else {
+        return false;
+    }
+}
+export function sanitizeParams(params, schema) {
+    const transformed = {};
+    for (const [name, value] of Object.entries(params)) {
+        if (PARAM_BLOCKLIST.has(name)) {
+            continue;
+        }
+        const zodType = getZodType(schema[name]);
+        if (!hasEquivalentType(zodType, value)) {
+            throw new Error(`parameter ${name} has type ${zodType} but value ${value} is not of equivalent type`);
+        }
+        const transformedName = transformArgName(zodType, name);
+        const transformedValue = transformValue(zodType, value);
+        transformed[transformedName] = transformedValue;
+    }
+    return transformed;
+}
+//# sourceMappingURL=transformation.js.map

package/build/src/telemetry/types.js

@@ -0,0 +1,31 @@
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+// Enums
+export var OsType;
+(function (OsType) {
+    OsType[OsType["OS_TYPE_UNSPECIFIED"] = 0] = "OS_TYPE_UNSPECIFIED";
+    OsType[OsType["OS_TYPE_WINDOWS"] = 1] = "OS_TYPE_WINDOWS";
+    OsType[OsType["OS_TYPE_MACOS"] = 2] = "OS_TYPE_MACOS";
+    OsType[OsType["OS_TYPE_LINUX"] = 3] = "OS_TYPE_LINUX";
+})(OsType || (OsType = {}));
+export var McpClient;
+(function (McpClient) {
+    McpClient[McpClient["MCP_CLIENT_UNSPECIFIED"] = 0] = "MCP_CLIENT_UNSPECIFIED";
+    McpClient[McpClient["MCP_CLIENT_CLAUDE_CODE"] = 1] = "MCP_CLIENT_CLAUDE_CODE";
+    McpClient[McpClient["MCP_CLIENT_GEMINI_CLI"] = 2] = "MCP_CLIENT_GEMINI_CLI";
+    McpClient[McpClient["MCP_CLIENT_DT_MCP_CLI"] = 4] = "MCP_CLIENT_DT_MCP_CLI";
+    McpClient[McpClient["MCP_CLIENT_OPENCLAW"] = 5] = "MCP_CLIENT_OPENCLAW";
+    McpClient[McpClient["MCP_CLIENT_CODEX"] = 6] = "MCP_CLIENT_CODEX";
+    McpClient[McpClient["MCP_CLIENT_ANTIGRAVITY"] = 7] = "MCP_CLIENT_ANTIGRAVITY";
+    McpClient[McpClient["MCP_CLIENT_OTHER"] = 3] = "MCP_CLIENT_OTHER";
+})(McpClient || (McpClient = {}));
+// IPC types for messages between the main process and the
+// telemetry watchdog process.
+export var WatchdogMessageType;
+(function (WatchdogMessageType) {
+    WatchdogMessageType["LOG_EVENT"] = "log-event";
+})(WatchdogMessageType || (WatchdogMessageType = {}));
+//# sourceMappingURL=types.js.map

package/build/src/telemetry/watchdog/ClearcutSender.js

@@ -0,0 +1,205 @@
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import crypto from 'node:crypto';
+import { logger } from '../../logger.js';
+const MAX_BUFFER_SIZE = 1000;
+const DEFAULT_CLEARCUT_ENDPOINT = 'https://play.googleapis.com/log?format=json_proto';
+const DEFAULT_FLUSH_INTERVAL_MS = 15 * 60 * 1000;
+const LOG_SOURCE = 2839;
+const CLIENT_TYPE = 47;
+const MIN_RATE_LIMIT_WAIT_MS = 30_000;
+const REQUEST_TIMEOUT_MS = 30_000;
+const SHUTDOWN_TIMEOUT_MS = 5_000;
+const SESSION_ROTATION_INTERVAL_MS = 24 * 60 * 60 * 1000;
+export class ClearcutSender {
+    #appVersion;
+    #osType;
+    #clearcutEndpoint;
+    #flushIntervalMs;
+    #includePidHeader;
+    #sessionId;
+    #sessionCreated;
+    #buffer = [];
+    #flushTimer = null;
+    #isFlushing = false;
+    #timerStarted = false;
+    constructor(config) {
+        this.#appVersion = config.appVersion;
+        this.#osType = config.osType;
+        this.#clearcutEndpoint =
+            config.clearcutEndpoint ?? DEFAULT_CLEARCUT_ENDPOINT;
+        this.#flushIntervalMs =
+            config.forceFlushIntervalMs ?? DEFAULT_FLUSH_INTERVAL_MS;
+        this.#includePidHeader = config.includePidHeader ?? false;
+        this.#sessionId = crypto.randomUUID();
+        this.#sessionCreated = Date.now();
+    }
+    enqueueEvent(event) {
+        if (Date.now() - this.#sessionCreated > SESSION_ROTATION_INTERVAL_MS) {
+            this.#sessionId = crypto.randomUUID();
+            this.#sessionCreated = Date.now();
+        }
+        const eventToSend = {
+            ...event,
+            session_id: this.#sessionId,
+            app_version: this.#appVersion,
+            os_type: this.#osType,
+        };
+        logger('Enqueing telemetry event', JSON.stringify(eventToSend, null, 2));
+        this.#addToBuffer(eventToSend);
+        if (!this.#timerStarted) {
+            this.#timerStarted = true;
+            this.#scheduleFlush(this.#flushIntervalMs);
+        }
+    }
+    async sendShutdownEvent() {
+        if (this.#flushTimer) {
+            clearTimeout(this.#flushTimer);
+            this.#flushTimer = null;
+        }
+        const shutdownEvent = {
+            server_shutdown: {},
+        };
+        this.enqueueEvent(shutdownEvent);
+        try {
+            await Promise.race([
+                this.#finalFlush(),
+                new Promise(resolve => setTimeout(resolve, SHUTDOWN_TIMEOUT_MS)),
+            ]);
+            logger('Final flush completed');
+        }
+        catch (error) {
+            logger('Final flush failed:', error);
+        }
+    }
+    async #flush() {
+        if (this.#isFlushing) {
+            return;
+        }
+        if (this.#buffer.length === 0) {
+            this.#scheduleFlush(this.#flushIntervalMs);
+            return;
+        }
+        this.#isFlushing = true;
+        let nextDelayMs = this.#flushIntervalMs;
+        // Optimistically remove events from buffer before sending.
+        // This prevents race conditions where a simultaneous #finalFlush would include these same events.
+        const eventsToSend = [...this.#buffer];
+        this.#buffer = [];
+        try {
+            const result = await this.#sendBatch(eventsToSend);
+            if (result.success) {
+                if (result.nextRequestWaitMs !== undefined) {
+                    nextDelayMs = Math.max(result.nextRequestWaitMs, MIN_RATE_LIMIT_WAIT_MS);
+                }
+            }
+            else if (result.isPermanentError) {
+                logger('Permanent error, dropped batch of', eventsToSend.length, 'events');
+            }
+            else {
+                // Transient error: Requeue events at the front of the buffer
+                // to maintain order and retry them later.
+                this.#buffer = [...eventsToSend, ...this.#buffer];
+            }
+        }
+        catch (error) {
+            // Safety catch for unexpected errors, requeue events
+            this.#buffer = [...eventsToSend, ...this.#buffer];
+            logger('Flush failed unexpectedly:', error);
+        }
+        finally {
+            this.#isFlushing = false;
+            this.#scheduleFlush(nextDelayMs);
+        }
+    }
+    #addToBuffer(event) {
+        if (this.#buffer.length >= MAX_BUFFER_SIZE) {
+            this.#buffer.shift();
+            logger('Telemetry buffer overflow: dropped oldest event');
+        }
+        this.#buffer.push({
+            event,
+            timestamp: Date.now(),
+        });
+    }
+    #scheduleFlush(delayMs) {
+        logger(`Scheduling flush in ${delayMs}`);
+        if (this.#flushTimer) {
+            clearTimeout(this.#flushTimer);
+        }
+        this.#flushTimer = setTimeout(() => {
+            this.#flush().catch(err => {
+                logger('Flush error:', err);
+            });
+        }, delayMs);
+    }
+    async #sendBatch(events) {
+        logger(`Sending batch of ${events.length}`);
+        const requestBody = {
+            log_source: LOG_SOURCE,
+            request_time_ms: Date.now().toString(),
+            client_info: {
+                client_type: CLIENT_TYPE,
+            },
+            log_event: events.map(({ event, timestamp }) => ({
+                event_time_ms: timestamp.toString(),
+                source_extension_json: JSON.stringify(event),
+            })),
+        };
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+        try {
+            const response = await fetch(this.#clearcutEndpoint, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    // Used in E2E tests to confirm that the watchdog process is killed
+                    ...(this.#includePidHeader
+                        ? { 'X-Watchdog-Pid': process.pid.toString() }
+                        : {}),
+                },
+                body: JSON.stringify(requestBody),
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (response.ok) {
+                const data = (await response.json());
+                return {
+                    success: true,
+                    nextRequestWaitMs: data.next_request_wait_millis,
+                };
+            }
+            const status = response.status;
+            if (status >= 500 || status === 429) {
+                return { success: false };
+            }
+            logger('Telemetry permanent error:', status);
+            return { success: false, isPermanentError: true };
+        }
+        catch {
+            clearTimeout(timeoutId);
+            return { success: false };
+        }
+    }
+    async #finalFlush() {
+        if (this.#buffer.length === 0) {
+            return;
+        }
+        const eventsToSend = [...this.#buffer];
+        await this.#sendBatch(eventsToSend);
+    }
+    stopForTesting() {
+        if (this.#flushTimer) {
+            clearTimeout(this.#flushTimer);
+            this.#flushTimer = null;
+        }
+        this.#timerStarted = false;
+    }
+    get bufferSizeForTesting() {
+        return this.#buffer.length;
+    }
+}
+//# sourceMappingURL=ClearcutSender.js.map

package/build/src/telemetry/watchdog/main.js

@@ -0,0 +1,128 @@
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import process from 'node:process';
+import readline from 'node:readline';
+import { parseArgs } from 'node:util';
+import { logger, flushLogs, saveLogsToFile } from '../../logger.js';
+import { WatchdogMessageType } from '../types.js';
+import { ClearcutSender } from './ClearcutSender.js';
+function parseWatchdogArgs() {
+    const { values } = parseArgs({
+        options: {
+            'parent-pid': { type: 'string' },
+            'app-version': { type: 'string' },
+            'os-type': { type: 'string' },
+            'log-file': { type: 'string' },
+            'clearcut-endpoint': { type: 'string' },
+            'clearcut-force-flush-interval-ms': { type: 'string' },
+            'clearcut-include-pid-header': { type: 'boolean' },
+        },
+        strict: true,
+    });
+    // Verify required arguments
+    const parentPid = parseInt(values['parent-pid'] ?? '', 10);
+    const appVersion = values['app-version'];
+    const osType = parseInt(values['os-type'] ?? '', 10);
+    if (isNaN(parentPid) || !appVersion || isNaN(osType)) {
+        console.error('Invalid arguments provided for watchdog process: ', JSON.stringify({ parentPid, appVersion, osType }));
+        process.exit(1);
+    }
+    // Parse Optional Arguments
+    const logFile = values['log-file'];
+    const clearcutEndpoint = values['clearcut-endpoint'];
+    const clearcutIncludePidHeader = values['clearcut-include-pid-header'];
+    let clearcutForceFlushIntervalMs;
+    if (values['clearcut-force-flush-interval-ms']) {
+        const parsed = parseInt(values['clearcut-force-flush-interval-ms'], 10);
+        if (!isNaN(parsed)) {
+            clearcutForceFlushIntervalMs = parsed;
+        }
+    }
+    return {
+        parentPid,
+        appVersion,
+        osType,
+        logFile,
+        clearcutEndpoint,
+        clearcutForceFlushIntervalMs,
+        clearcutIncludePidHeader,
+    };
+}
+function main() {
+    const { parentPid, appVersion, osType, logFile, clearcutEndpoint, clearcutForceFlushIntervalMs, clearcutIncludePidHeader, } = parseWatchdogArgs();
+    let logStream;
+    if (logFile) {
+        logStream = saveLogsToFile(logFile);
+    }
+    const exit = (code) => {
+        if (!logStream) {
+            process.exit(code);
+        }
+        void flushLogs(logStream).finally(() => {
+            process.exit(code);
+        });
+    };
+    logger('Watchdog started', JSON.stringify({
+        pid: process.pid,
+        parentPid,
+        version: appVersion,
+        osType,
+    }, null, 2));
+    const sender = new ClearcutSender({
+        appVersion,
+        osType: osType,
+        clearcutEndpoint,
+        forceFlushIntervalMs: clearcutForceFlushIntervalMs,
+        includePidHeader: clearcutIncludePidHeader,
+    });
+    let isShuttingDown = false;
+    function onParentDeath(reason) {
+        if (isShuttingDown) {
+            return;
+        }
+        isShuttingDown = true;
+        logger(`Parent death detected (${reason}). Sending shutdown event...`);
+        sender
+            .sendShutdownEvent()
+            .then(() => {
+            logger('Shutdown event sent. Exiting.');
+            exit(0);
+        })
+            .catch(err => {
+            logger('Failed to send shutdown event', err);
+            exit(1);
+        });
+    }
+    process.stdin.on('end', () => onParentDeath('stdin end'));
+    process.stdin.on('close', () => onParentDeath('stdin close'));
+    process.on('disconnect', () => onParentDeath('ipc disconnect'));
+    const rl = readline.createInterface({
+        input: process.stdin,
+        terminal: false,
+    });
+    rl.on('line', line => {
+        try {
+            if (!line.trim()) {
+                return;
+            }
+            const msg = JSON.parse(line);
+            if (msg.type === WatchdogMessageType.LOG_EVENT && msg.payload) {
+                sender.enqueueEvent(msg.payload);
+            }
+        }
+        catch (err) {
+            logger('Failed to parse IPC message', err);
+        }
+    });
+}
+try {
+    main();
+}
+catch (err) {
+    console.error('Watchdog fatal error:', err);
+    process.exit(1);
+}
+//# sourceMappingURL=main.js.map

package/build/src/third_party/devtools-formatter-worker.js

@@ -0,0 +1,8 @@
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+// eslint-disable-next-line no-restricted-imports
+import '../../node_modules/chrome-devtools-frontend/front_end/entrypoints/formatter_worker/formatter_worker-entrypoint.js';
+//# sourceMappingURL=devtools-formatter-worker.js.map

package/build/src/third_party/devtools-heap-snapshot-worker.js

@@ -0,0 +1,8 @@
+/**
+ * @license
+ * Copyright 2026 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+// eslint-disable-next-line no-restricted-imports
+import '../../node_modules/chrome-devtools-frontend/front_end/entrypoints/heap_snapshot_worker/heap_snapshot_worker-entrypoint.js';
+//# sourceMappingURL=devtools-heap-snapshot-worker.js.map

package/build/src/third_party/index.js

@@ -0,0 +1,32 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import 'urlpattern-polyfill';
+import 'core-js/modules/es.promise.with-resolvers.js';
+import 'core-js/modules/es.set.union.v2.js';
+import 'core-js/proposals/iterator-helpers.js';
+export { default as yargs } from 'yargs';
+export { hideBin } from 'yargs/helpers';
+export { default as semver } from 'semver';
+export { default as debug } from 'debug';
+export { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+export { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+export { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
+export { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
+export { Client } from '@modelcontextprotocol/sdk/client/index.js';
+export { SetLevelRequestSchema, ListRootsRequestSchema, RootsListChangedNotificationSchema, ListRootsResultSchema, } from '@modelcontextprotocol/sdk/types.js';
+export { z as zod } from 'zod';
+export { default as ajv } from 'ajv';
+export { Locator, PredefinedNetworkConditions, KnownDevices, CDPSessionEvent, } from 'puppeteer-core';
+export { default as puppeteer } from 'puppeteer-core';
+export { PipeTransport } from 'puppeteer-core/internal/node/PipeTransport.js';
+export { resolveDefaultUserDataDir, detectBrowserPlatform, Browser as BrowserEnum, } from '@puppeteer/browsers';
+import { snapshot as snapshotImpl, navigation as navigationImpl, generateReport as generateReportImpl, } from './lighthouse-devtools-mcp-bundle.js';
+export const snapshot = snapshotImpl;
+export const navigation = navigationImpl;
+export const generateReport = generateReportImpl;
+import * as DevTools_1 from '../../node_modules/chrome-devtools-frontend/mcp/mcp.js';
+export { DevTools_1 as DevTools };
+//# sourceMappingURL=index.js.map

package/build/src/third_party/issue-descriptions/CoepCoopSandboxedIframeCannotNavigateToCoopPage.md

@@ -0,0 +1,4 @@
+# An iframe navigation to a document with a Cross-Origin Opener Policy was blocked
+
+A document with a Cross-Origin Opener Policy (COOP) was blocked from loading in an iframe, because the iframe specifies a sandbox attribute.
+This protects COOP-enabled documents from inheriting properties from its opener.

package/build/src/third_party/issue-descriptions/CoepCorpNotSameOrigin.md

@@ -0,0 +1,8 @@
+# Specify a more permissive Cross-Origin Resource Policy to prevent a resource from being blocked
+
+Your site tries to access an external resource that only allows same-origin usage.
+This behavior prevents a document from loading any non-same-origin resources which don’t explicitly grant permission to be loaded.
+
+To solve this, add the following to the resource’s HTML response header:
+* `Cross-Origin-Resource-Policy: same-site` if the resource and your site are served from the same site.
+* `Cross-Origin-Resource-Policy: cross-origin` if the resource is served from another location than your website. ⚠️If you set this header, any website can embed this resource.

package/build/src/third_party/issue-descriptions/CoepCorpNotSameOriginAfterDefaultedToSameOriginByCoep.md

@@ -0,0 +1,18 @@
+# Specify a Cross-Origin Resource Policy to prevent a resource from being blocked
+
+Because your site has the Cross-Origin Embedder Policy (COEP) enabled, each
+resource must specify a suitable Cross-Origin Resource Policy (CORP). This
+behavior prevents a document from loading cross-origin resources which don’t
+explicitly grant permission to be loaded.
+
+To solve this, add the following to the resource’ response header:
+* `Cross-Origin-Resource-Policy: same-site` if the resource and your site are
+  served from the same site.
+* `Cross-Origin-Resource-Policy: cross-origin` if the resource is served from
+  another location than your website. ⚠️If you set this header, any website can
+  embed this resource.
+
+Alternatively, the document can use the variant: `Cross-Origin-Embedder-Policy:
+credentialless` instead of `require-corp`. It allows loading the resource,
+despite the missing CORP header, at the cost of requesting it without
+credentials like Cookies.

package/build/src/third_party/issue-descriptions/CoepCorpNotSameSite.md

@@ -0,0 +1,7 @@
+# Specify a more permissive Cross-Origin Resource Policy to prevent a resource from being blocked
+
+Your site tries to access an external resource that only allows same-site usage.
+This behavior prevents a document from loading any non-same-site resources which don’t explicitly grant permission to be loaded.
+
+To solve this, add the following to the resource’s HTML response header: `Cross-Origin-Resource-Policy: cross-origin`
+⚠️If you set this header, any website can embed this resource.

package/build/src/third_party/issue-descriptions/CoepFrameResourceNeedsCoepHeader.md

@@ -0,0 +1,10 @@
+# Specify a Cross-Origin Embedder Policy to prevent this frame from being blocked
+
+Because your site has the Cross-Origin Embedder Policy (COEP) enabled, each
+embedded iframe must also specify this policy. This behavior protects private
+data from being exposed to untrusted third party sites.
+
+To solve this, add one of following to the embedded frame’s HTML response
+header:
+* `Cross-Origin-Embedder-Policy: require-corp`
+* `Cross-Origin-Embedder-Policy: credentialless` (Chrome > 96)

package/build/src/third_party/issue-descriptions/CompatibilityModeQuirks.md

@@ -0,0 +1,5 @@
+# Page layout may be unexpected due to Quirks Mode
+
+One or more documents in this page is in Quirks Mode, which will render the affected document(s) with quirks incompatible with the current HTML and CSS specifications.
+
+Quirks Mode exists mostly due to historical reasons. If this is not intentional, you can [add or modify the DOCTYPE to be `<!DOCTYPE html>`](issueQuirksModeDoctype) to render the page in No Quirks Mode.

package/build/src/third_party/issue-descriptions/CookieAttributeValueExceedsMaxSize.md

@@ -0,0 +1,5 @@
+# Ensure cookie attribute values don’t exceed 1024 characters
+
+Cookie attribute values exceeding 1024 characters in size will result in the attribute being ignored. This could lead to unexpected behavior since the cookie will be processed as if the offending attribute / attribute value pair were not present.
+
+Resolve this issue by ensuring that cookie attribute values don’t exceed 1024 characters.

package/build/src/third_party/issue-descriptions/LowTextContrast.md

@@ -0,0 +1,5 @@
+# Users may have difficulties reading text content due to insufficient color contrast
+
+Low-contrast text is difficult or impossible for users to read. A [minimum contrast ratio (AA) of 4.5](issuesContrastWCAG21AA) is recommended for all text. Since font size and weight affect color perception, an exception is made for very large or bold text — in this case, a contrast ratio of 3.0 is allowed. The [enhanced conformance level (AAA)](issuesContrastWCAG21AAA) requires the contrast ratio to be above 7.0 for regular text and 4.5 for large text.
+
+Update colors or change the font size or weight to achieve sufficient contrast. You can use the [“Suggest color” feature](issuesContrastSuggestColor) in the DevTools color picker to automatically select a better text color.

package/build/src/third_party/issue-descriptions/SameSiteExcludeContextDowngradeRead.md

@@ -0,0 +1,8 @@
+# Migrate entirely to HTTPS to have cookies sent to same-site subresources
+
+A cookie was not sent to {PLACEHOLDER_destination} origin from {PLACEHOLDER_origin} context.
+Because this cookie would have been sent across schemes on the same site, it was not sent.
+This behavior enhances the `SameSite` attribute’s protection of user data from request forgery by network attackers.
+
+Resolve this issue by migrating your site (as defined by the eTLD+1) entirely to HTTPS.
+It is also recommended to mark the cookie with the `Secure` attribute if that is not already the case.

package/build/src/third_party/issue-descriptions/SameSiteExcludeContextDowngradeSet.md

@@ -0,0 +1,8 @@
+# Migrate entirely to HTTPS to allow cookies to be set by same-site subresources
+
+A cookie was not set by {PLACEHOLDER_origin} origin in {PLACEHOLDER_destination} context.
+Because this cookie would have been set across schemes on the same site, it was blocked.
+This behavior enhances the `SameSite` attribute’s protection of user data from request forgery by network attackers.
+
+Resolve this issue by migrating your site (as defined by the eTLD+1) entirely to HTTPS.
+It is also recommended to mark the cookie with the `Secure` attribute if that is not already the case.

package/build/src/third_party/issue-descriptions/SameSiteExcludeNavigationContextDowngrade.md

@@ -0,0 +1,8 @@
+# Migrate entirely to HTTPS to have cookies sent on same-site requests
+
+A cookie was not sent to {PLACEHOLDER_destination} origin from {PLACEHOLDER_origin} context on a navigation.
+Because this cookie would have been sent across schemes on the same site, it was not sent.
+This behavior enhances the `SameSite` attribute’s protection of user data from request forgery by network attackers.
+
+Resolve this issue by migrating your site (as defined by the eTLD+1) entirely to HTTPS.
+It is also recommended to mark the cookie with the `Secure` attribute if that is not already the case.

package/build/src/third_party/issue-descriptions/SameSiteNoneInsecureErrorRead.md

@@ -0,0 +1,8 @@
+# Mark cross-site cookies as Secure to allow them to be sent in cross-site requests
+
+Cookies marked with `SameSite=None` must also be marked with `Secure` to get sent in cross-site requests.
+This behavior protects user data from being sent over an insecure connection.
+
+Resolve this issue by updating the attributes of the cookie:
+* Specify `SameSite=None` and `Secure` if the cookie should be sent in cross-site requests. This enables third-party use.
+* Specify `SameSite=Strict` or `SameSite=Lax` if the cookie should not be sent in cross-site requests.