@xbrowser/cli 0.16.0 → 1.0.2

package/dist/chunk-CAFNSGYM.js

@@ -0,0 +1,4834 @@
+import {
+  connectToCDP,
+  launchChrome
+} from "./chunk-BBMRDUYQ.js";
+import {
+  __require
+} from "./chunk-KFQGP6VL.js";
+
+// src/browser.ts
+import { randomUUID } from "crypto";
+import { existsSync, mkdirSync, readFileSync, readdirSync, unlinkSync, writeFileSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+
+// src/cdp-driver/browser.ts
+import { EventEmitter as EventEmitter3 } from "events";
+
+// src/cdp-driver/context.ts
+import { EventEmitter as EventEmitter2 } from "events";
+
+// src/cdp-driver/page.ts
+import { EventEmitter } from "events";
+
+// src/cdp-driver/mouse.ts
+var XBMouseImpl = class {
+  conn;
+  sessionId;
+  _x = 0;
+  _y = 0;
+  _button = "none";
+  constructor(conn, sessionId) {
+    this.conn = conn;
+    this.sessionId = sessionId;
+  }
+  /** Current cursor X position */
+  get x() {
+    return this._x;
+  }
+  /** Current cursor Y position */
+  get y() {
+    return this._y;
+  }
+  async click(x, y, opts = {}) {
+    const button = opts.button ?? "left";
+    const clickCount = opts.clickCount ?? 1;
+    const delay = opts.delay ?? 0;
+    await this.move(x, y);
+    await this.down({ button });
+    if (delay > 0) {
+      await sleep(delay);
+    }
+    await this.up({ button });
+    for (let i = 1; i < clickCount; i++) {
+      if (delay > 0) await sleep(delay);
+      await this.down({ button });
+      if (delay > 0) await sleep(delay);
+      await this.up({ button });
+    }
+  }
+  async dblclick(x, y, opts = {}) {
+    await this.click(x, y, { clickCount: 2, button: opts.button });
+  }
+  async down(opts = {}) {
+    const button = opts.button ?? "left";
+    this._button = button;
+    await this.send("Input.dispatchMouseEvent", {
+      type: "mousePressed",
+      x: this._x,
+      y: this._y,
+      button,
+      clickCount: 1
+    });
+  }
+  async up(opts = {}) {
+    const button = opts.button ?? "left";
+    this._button = "none";
+    await this.send("Input.dispatchMouseEvent", {
+      type: "mouseReleased",
+      x: this._x,
+      y: this._y,
+      button,
+      clickCount: 1
+    });
+  }
+  async move(x, y, opts = {}) {
+    const steps = Math.max(1, opts.steps ?? 1);
+    const fromX = this._x;
+    const fromY = this._y;
+    const dx = x - fromX;
+    const dy = y - fromY;
+    for (let i = 1; i <= steps; i++) {
+      const t = i / steps;
+      this._x = fromX + dx * t;
+      this._y = fromY + dy * t;
+      await this.send("Input.dispatchMouseEvent", {
+        type: "mouseMoved",
+        x: this._x,
+        y: this._y,
+        button: this._button
+      });
+    }
+    this._x = x;
+    this._y = y;
+  }
+  async wheel(deltaX, deltaY) {
+    await this.send("Input.dispatchMouseEvent", {
+      type: "mouseWheel",
+      x: this._x,
+      y: this._y,
+      deltaX,
+      deltaY
+    });
+  }
+  async send(method, params) {
+    await this.conn.send(method, params, this.sessionId);
+  }
+};
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// src/cdp-driver/keyboard.ts
+var XBKeyboardImpl = class {
+  conn;
+  sessionId;
+  constructor(conn, sessionId) {
+    this.conn = conn;
+    this.sessionId = sessionId;
+  }
+  async press(key, opts = {}) {
+    const delay = opts.delay ?? 0;
+    const mapping = resolveKeyMapping(key);
+    const downParams = {
+      type: "rawKeyDown",
+      key: mapping.key,
+      code: mapping.code
+    };
+    if (mapping.text) {
+      downParams.text = mapping.text;
+      downParams.unmodifiedText = mapping.text;
+    }
+    if (mapping.keyCode) {
+      downParams.windowsVirtualKeyCode = mapping.keyCode;
+    }
+    await this.dispatchKeyEvent(downParams);
+    if (mapping.text) {
+      await this.dispatchKeyEvent({
+        type: "char",
+        text: mapping.text
+      });
+    }
+    if (delay > 0) await sleep2(delay);
+    const upParams = {
+      type: "keyUp",
+      key: mapping.key,
+      code: mapping.code
+    };
+    if (mapping.keyCode) {
+      upParams.windowsVirtualKeyCode = mapping.keyCode;
+    }
+    await this.dispatchKeyEvent(upParams);
+  }
+  async down(key) {
+    const mapping = resolveKeyMapping(key);
+    const params = {
+      type: "rawKeyDown",
+      key: mapping.key,
+      code: mapping.code
+    };
+    if (mapping.text) {
+      params.text = mapping.text;
+      params.unmodifiedText = mapping.text;
+    }
+    if (mapping.keyCode) {
+      params.windowsVirtualKeyCode = mapping.keyCode;
+    }
+    await this.dispatchKeyEvent(params);
+  }
+  async up(key) {
+    const mapping = resolveKeyMapping(key);
+    const params = {
+      type: "keyUp",
+      key: mapping.key,
+      code: mapping.code
+    };
+    if (mapping.keyCode) {
+      params.windowsVirtualKeyCode = mapping.keyCode;
+    }
+    await this.dispatchKeyEvent(params);
+  }
+  async type(text, opts = {}) {
+    const delay = opts.delay ?? 0;
+    for (const char of text) {
+      if (delay > 0) await sleep2(delay);
+      const mapping = resolveKeyMapping(char);
+      const downParams = {
+        type: "rawKeyDown",
+        key: mapping.key,
+        code: mapping.code
+      };
+      if (mapping.text) {
+        downParams.text = mapping.text;
+        downParams.unmodifiedText = mapping.text;
+      }
+      if (mapping.keyCode) {
+        downParams.windowsVirtualKeyCode = mapping.keyCode;
+      }
+      await this.dispatchKeyEvent(downParams);
+      if (mapping.text) {
+        await this.dispatchKeyEvent({
+          type: "char",
+          text: mapping.text
+        });
+      }
+      await this.dispatchKeyEvent({
+        type: "keyUp",
+        key: mapping.key,
+        code: mapping.code,
+        ...mapping.keyCode ? { windowsVirtualKeyCode: mapping.keyCode } : {}
+      });
+    }
+  }
+  async insertText(text) {
+    await this.conn.send(
+      "Input.insertText",
+      { text },
+      this.sessionId
+    );
+  }
+  async dispatchKeyEvent(params) {
+    await this.conn.send("Input.dispatchKeyEvent", params, this.sessionId);
+  }
+};
+function resolveKeyMapping(key) {
+  if (KEY_MAP[key]) return KEY_MAP[key];
+  if (key.length === 1) {
+    const lower = key.toLowerCase();
+    if (lower >= "a" && lower <= "z") {
+      const code = `Key${lower.toUpperCase()}`;
+      const keyCode = lower.charCodeAt(0) - 32;
+      return { key, code, text: key, keyCode };
+    }
+    if (key >= "0" && key <= "9") {
+      const code = `Digit${key}`;
+      const keyCode = key.charCodeAt(0);
+      return { key, code, text: key, keyCode };
+    }
+    return { key, code: key, text: key };
+  }
+  return { key, code: key };
+}
+var KEY_MAP = {
+  Enter: { key: "Enter", code: "Enter", text: "\r", keyCode: 13 },
+  Tab: { key: "Tab", code: "Tab", text: "	", keyCode: 9 },
+  Escape: { key: "Escape", code: "Escape", keyCode: 27 },
+  Backspace: { key: "Backspace", code: "Backspace", keyCode: 8 },
+  Delete: { key: "Delete", code: "Delete", keyCode: 46 },
+  Space: { key: " ", code: "Space", text: " ", keyCode: 32 },
+  ArrowUp: { key: "ArrowUp", code: "ArrowUp", keyCode: 38 },
+  ArrowDown: { key: "ArrowDown", code: "ArrowDown", keyCode: 40 },
+  ArrowLeft: { key: "ArrowLeft", code: "ArrowLeft", keyCode: 37 },
+  ArrowRight: { key: "ArrowRight", code: "ArrowRight", keyCode: 39 },
+  Home: { key: "Home", code: "Home", keyCode: 36 },
+  End: { key: "End", code: "End", keyCode: 35 },
+  PageUp: { key: "PageUp", code: "PageUp", keyCode: 33 },
+  PageDown: { key: "PageDown", code: "PageDown", keyCode: 34 },
+  Control: { key: "Control", code: "ControlLeft", keyCode: 17 },
+  Shift: { key: "Shift", code: "ShiftLeft", keyCode: 16 },
+  Alt: { key: "Alt", code: "AltLeft", keyCode: 18 },
+  Meta: { key: "Meta", code: "MetaLeft", keyCode: 91 },
+  F1: { key: "F1", code: "F1", keyCode: 112 },
+  F2: { key: "F2", code: "F2", keyCode: 113 },
+  F3: { key: "F3", code: "F3", keyCode: 114 },
+  F4: { key: "F4", code: "F4", keyCode: 115 },
+  F5: { key: "F5", code: "F5", keyCode: 116 },
+  F6: { key: "F6", code: "F6", keyCode: 117 },
+  F7: { key: "F7", code: "F7", keyCode: 118 },
+  F8: { key: "F8", code: "F8", keyCode: 119 },
+  F9: { key: "F9", code: "F9", keyCode: 120 },
+  F10: { key: "F10", code: "F10", keyCode: 121 },
+  F11: { key: "F11", code: "F11", keyCode: 122 },
+  F12: { key: "F12", code: "F12", keyCode: 123 }
+};
+function sleep2(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+// src/cdp-driver/actionability.ts
+async function waitForActionable(page, selector, opts = {}) {
+  const timeout = opts.timeout ?? 3e4;
+  if (opts.force) {
+    const nodeId = await page.querySelector(selector);
+    if (!nodeId) throw new Error(`Element not found: ${selector}`);
+    const rect = await page.getBoxModel(nodeId);
+    if (!rect) throw new Error(`Element has no box: ${selector}`);
+    return { nodeId, rect };
+  }
+  const deadline = Date.now() + timeout;
+  while (Date.now() < deadline) {
+    const result = await checkActionable(page, selector);
+    if (result.ok && result.rect) {
+      const nodeId = await page.querySelector(selector);
+      if (nodeId) return { nodeId, rect: result.rect };
+    }
+    await page.waitForTimeout(50);
+  }
+  throw new Error(`Actionability timeout: element '${selector}' not ready after ${timeout}ms`);
+}
+async function checkActionable(page, selector) {
+  const result = await page.evaluate(`
+    (function() {
+      const el = document.querySelector(${JSON.stringify(selector)});
+      if (!el) return { ok: false, reason: 'not_found' };
+
+      // Check attached to DOM
+      if (!el.isConnected) return { ok: false, reason: 'detached' };
+
+      // Check visibility
+      const style = window.getComputedStyle(el);
+      if (style.display === 'none' || style.visibility === 'hidden' || style.opacity === '0') {
+        return { ok: false, reason: 'invisible' };
+      }
+
+      // Check non-zero size
+      const rect = el.getBoundingClientRect();
+      if (rect.width === 0 || rect.height === 0) {
+        return { ok: false, reason: 'zero_size' };
+      }
+
+      // Check enabled (for form elements)
+      if (el.disabled) return { ok: false, reason: 'disabled' };
+      if (el.tagName === 'OPTION' && el.closest('select')?.disabled) {
+        return { ok: false, reason: 'parent_disabled' };
+      }
+
+      // Check not covered by another element at center
+      const cx = rect.x + rect.width / 2;
+      const cy = rect.y + rect.height / 2;
+      const topEl = document.elementFromPoint(cx, cy);
+      if (topEl && topEl !== el && !el.contains(topEl) && !topEl.contains(el)) {
+        return { ok: false, reason: 'covered', rect: { x: rect.x, y: rect.y, width: rect.width, height: rect.height } };
+      }
+
+      return {
+        ok: true,
+        rect: { x: rect.x, y: rect.y, width: rect.width, height: rect.height },
+      };
+    })()
+  `);
+  return result;
+}
+async function scrollIntoView(page, selector) {
+  await page.evaluate(`
+    (function() {
+      const el = document.querySelector(${JSON.stringify(selector)});
+      if (el) el.scrollIntoView({ block: 'center', inline: 'center', behavior: 'instant' });
+    })()
+  `);
+}
+
+// src/cdp-driver/locator.ts
+var XBLocatorImpl = class _XBLocatorImpl {
+  page;
+  selector;
+  constructor(page, selector) {
+    this.page = page;
+    this.selector = selector;
+  }
+  // ── Actions ─────────────────────────────────────────────────
+  async click(opts = {}) {
+    const { rect } = await waitForActionable(this.page, this.selector, opts);
+    await scrollIntoView(this.page, this.selector);
+    const updatedRect = await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (!el) return null;
+        const rect = el.getBoundingClientRect();
+        return { x: rect.x, y: rect.y, width: rect.width, height: rect.height };
+      })()
+    `);
+    const finalRect = updatedRect ?? rect;
+    const cx = finalRect.x + finalRect.width / 2;
+    const cy = finalRect.y + finalRect.height / 2;
+    await this.page.mouse.click(cx, cy, {
+      button: opts.button ?? "left",
+      clickCount: opts.clickCount ?? 1,
+      delay: opts.delay
+    });
+  }
+  async fill(value, opts = {}) {
+    await waitForActionable(this.page, this.selector, opts);
+    await scrollIntoView(this.page, this.selector);
+    await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (!el) throw new Error('Element not found: ${this.selector.replace(/'/g, "\\'")}');
+        el.focus();
+        el.value = '';
+        el.dispatchEvent(new Event('input', { bubbles: true }));
+      })()
+    `);
+    await this.page.keyboard.insertText(value);
+    await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (el) {
+          el.dispatchEvent(new Event('input', { bubbles: true }));
+          el.dispatchEvent(new Event('change', { bubbles: true }));
+        }
+      })()
+    `);
+  }
+  async press(key, opts = {}) {
+    await waitForActionable(this.page, this.selector, { timeout: opts.timeout });
+    await scrollIntoView(this.page, this.selector);
+    await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (el) el.focus();
+      })()
+    `);
+    await this.page.keyboard.press(key);
+  }
+  async pressSequentially(text, opts = {}) {
+    await waitForActionable(this.page, this.selector, { timeout: opts.timeout });
+    await scrollIntoView(this.page, this.selector);
+    await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (el) el.focus();
+      })()
+    `);
+    await this.page.keyboard.type(text, { delay: opts.delay });
+  }
+  async hover(opts = {}) {
+    if (!opts.force) {
+      const { rect } = await waitForActionable(this.page, this.selector, { timeout: opts.timeout });
+      await scrollIntoView(this.page, this.selector);
+      const cx = rect.x + rect.width / 2;
+      const cy = rect.y + rect.height / 2;
+      await this.page.mouse.move(cx, cy);
+    } else {
+      await scrollIntoView(this.page, this.selector);
+      const rect = await this.page.evaluate(`
+        (function() {
+          const el = document.querySelector(${JSON.stringify(this.selector)});
+          if (!el) return { x: 0, y: 0, width: 0, height: 0 };
+          const r = el.getBoundingClientRect();
+          return { x: r.x, y: r.y, width: r.width, height: r.height };
+        })()
+      `);
+      const cx = rect.x + rect.width / 2;
+      const cy = rect.y + rect.height / 2;
+      await this.page.mouse.move(cx, cy);
+    }
+  }
+  async type(text, opts = {}) {
+    await this.pressSequentially(text, opts);
+  }
+  async check(opts = {}) {
+    await waitForActionable(this.page, this.selector, { timeout: opts.timeout });
+    const isChecked = await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        return el?.checked === true;
+      })()
+    `);
+    if (!isChecked) {
+      await this.click({ timeout: opts.timeout });
+    }
+  }
+  async uncheck(opts = {}) {
+    await waitForActionable(this.page, this.selector, { timeout: opts.timeout });
+    const isChecked = await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        return el?.checked === true;
+      })()
+    `);
+    if (isChecked) {
+      await this.click({ timeout: opts.timeout });
+    }
+  }
+  async selectOption(value) {
+    await waitForActionable(this.page, this.selector);
+    const values = Array.isArray(value) ? value : [value];
+    const selected = await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (!el || el.tagName !== 'SELECT') throw new Error('Not a select element');
+
+        const values = ${JSON.stringify(values)};
+        const selectedValues = [];
+
+        for (const opt of el.options) {
+          for (const v of values) {
+            if (typeof v === 'object') {
+              if (v.label && opt.label === v.label) { opt.selected = true; selectedValues.push(opt.value); }
+              else if (v.value && opt.value === v.value) { opt.selected = true; selectedValues.push(opt.value); }
+              else if (v.index !== undefined && opt.index === v.index) { opt.selected = true; selectedValues.push(opt.value); }
+            } else if (opt.value === v || opt.label === v) {
+              opt.selected = true;
+              selectedValues.push(opt.value);
+            }
+          }
+        }
+
+        el.dispatchEvent(new Event('input', { bubbles: true }));
+        el.dispatchEvent(new Event('change', { bubbles: true }));
+        return selectedValues;
+      })()
+    `);
+    return selected;
+  }
+  async screenshot(opts = {}) {
+    await waitForActionable(this.page, this.selector);
+    const nodeId = await this.page.querySelector(this.selector);
+    if (!nodeId) throw new Error(`Element not found: ${this.selector}`);
+    const box = await this.page.getBoxModel(nodeId);
+    if (!box) throw new Error("Element has no box");
+    return this.page.screenshot({
+      ...opts,
+      clip: { x: box.x, y: box.y, width: box.width, height: box.height }
+    });
+  }
+  // ── State checks ────────────────────────────────────────────
+  async waitFor(opts = {}) {
+    await this.page.waitForSelector(this.selector, opts);
+  }
+  async count() {
+    return this.page.evaluate(`
+      document.querySelectorAll(${JSON.stringify(this.selector)}).length
+    `);
+  }
+  async isVisible() {
+    try {
+      const result = await this.page.evaluate(`
+        (function() {
+          const el = document.querySelector(${JSON.stringify(this.selector)});
+          if (!el) return false;
+          if (!el.isConnected) return false;
+          const style = window.getComputedStyle(el);
+          if (style.display === 'none' || style.visibility === 'hidden') return false;
+          const rect = el.getBoundingClientRect();
+          return rect.width > 0 && rect.height > 0;
+        })()
+      `);
+      return Boolean(result);
+    } catch {
+      return false;
+    }
+  }
+  async isHidden() {
+    return !await this.isVisible();
+  }
+  async isEnabled() {
+    return this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (!el) return false;
+        return !el.disabled;
+      })()
+    `);
+  }
+  async isDisabled() {
+    return !await this.isEnabled();
+  }
+  async boundingBox() {
+    const nodeId = await this.page.querySelector(this.selector);
+    if (!nodeId) return null;
+    return this.page.getBoxModel(nodeId);
+  }
+  // ── Text/HTML ───────────────────────────────────────────────
+  async textContent() {
+    return this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        return el?.textContent ?? null;
+      })()
+    `);
+  }
+  async innerText() {
+    return this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (!el) throw new Error('Element not found');
+        return el.innerText;
+      })()
+    `);
+  }
+  async innerHTML() {
+    return this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (!el) throw new Error('Element not found');
+        return el.innerHTML;
+      })()
+    `);
+  }
+  async getAttribute(name) {
+    return this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        return el?.getAttribute(${JSON.stringify(name)}) ?? null;
+      })()
+    `);
+  }
+  // ── Evaluate ────────────────────────────────────────────────
+  async evaluate(fn, ...args) {
+    const fnBody = typeof fn === "function" ? fn.toString() : fn;
+    return this.page.evaluate(
+      `(function(sel, fnStr, ...evalArgs) {
+        const el = document.querySelector(sel);
+        if (!el) throw new Error('No element found for selector: ' + sel);
+        const fn = new Function('return ' + fnStr)();
+        return fn(el, ...evalArgs);
+      })(${JSON.stringify(this.selector)}, ${JSON.stringify(fnBody)}${args.length > 0 ? ", " + args.map((a) => JSON.stringify(a)).join(", ") : ""})`
+    );
+  }
+  async ariaSnapshot() {
+    const result = await this.page._cdpSend(
+      "Accessibility.getFullAXTree"
+    );
+    return result.nodes.map((n) => `${n.role?.value}: ${n.name?.value ?? ""}`).join("\n");
+  }
+  // ── Filtering ───────────────────────────────────────────────
+  first() {
+    return new FilteredLocator(this.page, this.selector, 0);
+  }
+  last() {
+    return new FilteredLocator(this.page, this.selector, -1);
+  }
+  nth(index) {
+    return new FilteredLocator(this.page, this.selector, index);
+  }
+  filter(opts) {
+    if (opts.visible) {
+      return new VisibleFilteredLocator(this.page, this.selector);
+    }
+    return new _XBLocatorImpl(this.page, this.selector);
+  }
+  async all() {
+    const n = await this.page.evaluate(`
+      document.querySelectorAll(${JSON.stringify(this.selector)}).length
+    `);
+    const locators = [];
+    for (let i = 0; i < n; i++) {
+      locators.push(new FilteredLocator(this.page, this.selector, i));
+    }
+    return locators;
+  }
+  async focus() {
+    await this.page.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(this.selector)});
+        if (el) el.focus();
+      })()
+    `);
+  }
+};
+var FilteredLocator = class extends XBLocatorImpl {
+  constructor(page, selector, index) {
+    const indexedSelector = index === -1 ? `${selector}:last-of-type` : `${selector}:nth-of-type(${index + 1})`;
+    super(page, indexedSelector);
+  }
+};
+var VisibleFilteredLocator = class extends XBLocatorImpl {
+  async _withVisibleTag(fn) {
+    const tag = `data-xb-vt-${Date.now()}-${Math.floor(Math.random() * 1e6)}`;
+    const found = await this.page.evaluate(`
+      (function() {
+        const els = document.querySelectorAll(${JSON.stringify(this.selector)});
+        for (const el of els) {
+          if (!el.isConnected) continue;
+          const style = window.getComputedStyle(el);
+          if (style.display === 'none' || style.visibility === 'hidden' || style.opacity === '0') continue;
+          const rect = el.getBoundingClientRect();
+          if (rect.width === 0 || rect.height === 0) continue;
+          el.setAttribute(${JSON.stringify(tag)}, '');
+          return true;
+        }
+        return false;
+      })()
+    `);
+    if (!found) throw new Error(`No visible element found for: ${this.selector}`);
+    try {
+      return await fn(`[${tag}]`);
+    } finally {
+      await this.page.evaluate(`
+        document.querySelectorAll(${JSON.stringify(`[${tag}]`)}).forEach(el => el.removeAttribute(${JSON.stringify(tag)}))
+      `);
+    }
+  }
+  async click(opts) {
+    return this._withVisibleTag((tagSel) => new XBLocatorImpl(this.page, tagSel).click(opts));
+  }
+  async fill(value, opts) {
+    return this._withVisibleTag((tagSel) => new XBLocatorImpl(this.page, tagSel).fill(value, opts));
+  }
+  async press(key, opts) {
+    return this._withVisibleTag((tagSel) => new XBLocatorImpl(this.page, tagSel).press(key, opts));
+  }
+  async hover(opts) {
+    return this._withVisibleTag((tagSel) => new XBLocatorImpl(this.page, tagSel).hover(opts));
+  }
+  async count() {
+    return this.page.evaluate(`
+      (function() {
+        let count = 0;
+        const els = document.querySelectorAll(${JSON.stringify(this.selector)});
+        for (const el of els) {
+          if (!el.isConnected) continue;
+          const style = window.getComputedStyle(el);
+          if (style.display === 'none' || style.visibility === 'hidden') continue;
+          const rect = el.getBoundingClientRect();
+          if (rect.width === 0 || rect.height === 0) continue;
+          count++;
+        }
+        return count;
+      })()
+    `);
+  }
+  async isVisible() {
+    try {
+      const result = await this.page.evaluate(`
+        (function() {
+          const els = document.querySelectorAll(${JSON.stringify(this.selector)});
+          for (const el of els) {
+            if (!el.isConnected) continue;
+            const style = window.getComputedStyle(el);
+            if (style.display === 'none' || style.visibility === 'hidden') continue;
+            const rect = el.getBoundingClientRect();
+            if (rect.width > 0 && rect.height > 0) return true;
+          }
+          return false;
+        })()
+      `);
+      return result;
+    } catch {
+      return false;
+    }
+  }
+  async textContent() {
+    return this._withVisibleTag((tagSel) => new XBLocatorImpl(this.page, tagSel).textContent());
+  }
+  async innerText() {
+    return this._withVisibleTag((tagSel) => new XBLocatorImpl(this.page, tagSel).innerText());
+  }
+  async waitFor(opts) {
+    const deadline = Date.now() + (opts?.timeout ?? 3e4);
+    while (Date.now() < deadline) {
+      if (await this.isVisible()) return;
+      await this.page.waitForTimeout(50);
+    }
+    throw new Error(`Timeout waiting for visible element: ${this.selector}`);
+  }
+};
+
+// src/cdp-driver/element-handle.ts
+var XBElementHandleImpl = class {
+  page;
+  nodeId;
+  disposed = false;
+  constructor(page, nodeId) {
+    this.page = page;
+    this.nodeId = nodeId;
+  }
+  get _nodeId() {
+    return this.nodeId;
+  }
+  async click(opts = {}) {
+    if (this.disposed) throw new Error("Element handle disposed");
+    const box = await this.boundingBox();
+    if (!box) throw new Error("Element has no box");
+    await this.scrollIntoViewIfNeeded();
+    const cx = box.x + box.width / 2;
+    const cy = box.y + box.height / 2;
+    await this.page.mouse.click(cx, cy, {
+      button: opts.button ?? "left",
+      clickCount: opts.clickCount ?? 1,
+      delay: opts.delay
+    });
+  }
+  async fill(value, _opts = {}) {
+    if (this.disposed) throw new Error("Element handle disposed");
+    const objectId = await this.page.resolveNode(this.nodeId);
+    await this.page.callFunctionOn(
+      objectId,
+      `function(value) {
+        this.focus();
+        this.value = '';
+        this.dispatchEvent(new Event('input', { bubbles: true }));
+      }`,
+      [value]
+    );
+    await this.page.keyboard.insertText(value);
+    await this.page.callFunctionOn(
+      objectId,
+      `function() {
+        this.dispatchEvent(new Event('input', { bubbles: true }));
+        this.dispatchEvent(new Event('change', { bubbles: true }));
+      }`
+    );
+  }
+  async hover() {
+    const box = await this.boundingBox();
+    if (!box) throw new Error("Element has no box");
+    await this.scrollIntoViewIfNeeded();
+    await this.page.mouse.move(box.x + box.width / 2, box.y + box.height / 2);
+  }
+  async press(key) {
+    const objectId = await this.page.resolveNode(this.nodeId);
+    await this.page.callFunctionOn(objectId, "function() { this.focus(); }");
+    await this.page.keyboard.press(key);
+  }
+  async screenshot(opts = {}) {
+    const box = await this.boundingBox();
+    if (!box) throw new Error("Element has no box");
+    return this.page.screenshot({
+      ...opts,
+      clip: box
+    });
+  }
+  async boundingBox() {
+    return this.page.getBoxModel(this.nodeId);
+  }
+  async isVisible() {
+    try {
+      const objectId = await this.page.resolveNode(this.nodeId);
+      const result = await this.page.callFunctionOn(
+        objectId,
+        `function() {
+          if (!this.isConnected) return false;
+          const style = window.getComputedStyle(this);
+          if (style.display === 'none' || style.visibility === 'hidden') return false;
+          const rect = this.getBoundingClientRect();
+          return rect.width > 0 && rect.height > 0;
+        }`
+      );
+      return Boolean(result);
+    } catch {
+      return false;
+    }
+  }
+  async isEnabled() {
+    const objectId = await this.page.resolveNode(this.nodeId);
+    return this.page.callFunctionOn(objectId, "function() { return !this.disabled; }");
+  }
+  async textContent() {
+    const objectId = await this.page.resolveNode(this.nodeId);
+    return this.page.callFunctionOn(objectId, "function() { return this.textContent; }");
+  }
+  async innerText() {
+    const objectId = await this.page.resolveNode(this.nodeId);
+    return this.page.callFunctionOn(objectId, "function() { return this.innerText; }");
+  }
+  async innerHTML() {
+    const objectId = await this.page.resolveNode(this.nodeId);
+    return this.page.callFunctionOn(objectId, "function() { return this.innerHTML; }");
+  }
+  async getAttribute(name) {
+    const objectId = await this.page.resolveNode(this.nodeId);
+    return this.page.callFunctionOn(objectId, `function() { return this.getAttribute(${JSON.stringify(name)}); }`);
+  }
+  async scrollIntoViewIfNeeded() {
+    if (this.disposed) return;
+    const objectId = await this.page.resolveNode(this.nodeId);
+    await this.page.callFunctionOn(
+      objectId,
+      'function() { this.scrollIntoView({ block: "center", inline: "center", behavior: "instant" }); }'
+    );
+  }
+  dispose() {
+    this.disposed = true;
+  }
+};
+
+// src/cdp-driver/page-helpers.ts
+function globToRegex(glob) {
+  let pattern = glob.replace(/[\\^${}()|[\]+]/g, "\\$&").replace(/\./g, "\\.").replace(/\*\*/g, "{{DOUBLESTAR}}").replace(/\*/g, "[^/]*").replace(/{{DOUBLESTAR}}/g, ".*").replace(/\?/g, ".");
+  if (!pattern.startsWith("http") && !pattern.startsWith("\\.")) {
+    pattern = ".*" + pattern;
+  }
+  return new RegExp("^" + pattern + "$", "i");
+}
+function matchGlob(pattern, url) {
+  return globToRegex(pattern).test(url);
+}
+function createResponsePredicate(urlOrPredicate) {
+  if (typeof urlOrPredicate === "function") {
+    return urlOrPredicate;
+  }
+  if (urlOrPredicate instanceof RegExp) {
+    return (resp) => urlOrPredicate.test(resp.url());
+  }
+  const regex = globToRegex(urlOrPredicate);
+  return (resp) => regex.test(resp.url());
+}
+function createRequestPredicate(urlOrPredicate) {
+  if (typeof urlOrPredicate === "function") {
+    return urlOrPredicate;
+  }
+  if (urlOrPredicate instanceof RegExp) {
+    return (req) => urlOrPredicate.test(req.url());
+  }
+  const regex = globToRegex(urlOrPredicate);
+  return (req) => regex.test(req.url());
+}
+function createXBResponse(data, conn, sessionId, requestData) {
+  const request = requestData ? createXBRequest(null, requestData) : createXBRequest(null, { requestId: data.requestId, url: data.url, method: "GET", headers: {}, postData: null, resourceType: "other" });
+  return {
+    status: () => data.status,
+    statusText: () => "",
+    url: () => data.url,
+    headers: () => data.headers,
+    ok: () => data.status >= 200 && data.status < 300,
+    body: async () => {
+      if (!conn) throw new Error("Response body not available");
+      try {
+        const resp = await conn.send(
+          "Network.getResponseBody",
+          { requestId: data.requestId },
+          sessionId
+        );
+        return Buffer.from(resp.body, resp.base64Encoded ? "base64" : "utf8");
+      } catch {
+        throw new Error("Response body not available");
+      }
+    },
+    text: async () => {
+      if (!conn) throw new Error("Response body not available");
+      try {
+        const resp = await conn.send(
+          "Network.getResponseBody",
+          { requestId: data.requestId },
+          sessionId
+        );
+        return resp.base64Encoded ? Buffer.from(resp.body, "base64").toString("utf8") : resp.body;
+      } catch {
+        throw new Error("Response body not available");
+      }
+    },
+    json: async () => {
+      const text = await (async () => {
+        if (!conn) throw new Error("Response body not available");
+        try {
+          const resp = await conn.send(
+            "Network.getResponseBody",
+            { requestId: data.requestId },
+            sessionId
+          );
+          return resp.base64Encoded ? Buffer.from(resp.body, "base64").toString("utf8") : resp.body;
+        } catch {
+          throw new Error("Response body not available");
+        }
+      })();
+      return JSON.parse(text);
+    },
+    request: () => request
+  };
+}
+function createXBRequest(page, data) {
+  return {
+    url: () => data.url,
+    method: () => data.method,
+    headers: () => data.headers,
+    postData: () => data.postData,
+    resourceType: () => data.resourceType,
+    response: async () => {
+      if (!page?._networkResponses) return null;
+      const resp = page._networkResponses.get(data.requestId);
+      if (!resp) return null;
+      return createXBResponse(resp, page._connection, page.sessionId, data);
+    }
+  };
+}
+function createXBRouteFetch(conn, sessionId, params, emitter) {
+  const request = createXBRequest(null, {
+    requestId: params.requestId,
+    url: params.request.url,
+    method: params.request.method,
+    headers: params.request.headers,
+    postData: params.request.postData ?? null,
+    resourceType: params.resourceType
+  });
+  return {
+    request: () => request,
+    abort: async (errorCode) => {
+      await conn.send("Fetch.failRequest", {
+        requestId: params.requestId,
+        errorReason: errorCode || "Failed"
+      }, sessionId);
+    },
+    continue: async (opts) => {
+      await conn.send("Fetch.continueRequest", {
+        requestId: params.requestId,
+        url: opts?.url,
+        method: opts?.method,
+        headers: opts?.headers ? Object.entries(opts.headers).map(([k, v]) => ({ name: k, value: v })) : void 0,
+        postData: opts?.postData ? Buffer.from(opts.postData).toString("base64") : void 0
+      }, sessionId);
+    },
+    fulfill: async (opts) => {
+      const bodyStr = typeof opts.body === "string" ? opts.body : opts.body ? opts.body.toString("utf8") : "";
+      const bodyBytes = Buffer.from(bodyStr, "utf8");
+      const headers = { ...opts.headers };
+      if (opts.contentType) headers["content-type"] = opts.contentType;
+      headers["access-control-allow-origin"] = "*";
+      await conn.send("Fetch.fulfillRequest", {
+        requestId: params.requestId,
+        responseCode: opts.status ?? 200,
+        responseHeaders: Object.entries(headers).map(([k, v]) => ({ name: k, value: v })),
+        body: bodyBytes.toString("base64")
+      }, sessionId);
+      if (emitter) {
+        const responseData = {
+          requestId: params.requestId,
+          status: opts.status ?? 200,
+          url: params.request.url,
+          headers
+        };
+        const response = createXBResponse(responseData, conn, sessionId);
+        emitter.emit("response", response);
+      }
+    }
+  };
+}
+
+// src/cdp-driver/page.ts
+var XBPageImpl = class _XBPageImpl {
+  conn;
+  _emitter = new EventEmitter();
+  _subscriptions = [];
+  sessionId;
+  _targetId;
+  _contextImpl;
+  _browserImpl;
+  _closed = false;
+  _url = "about:blank";
+  _title = "";
+  _viewportSize = null;
+  _loadState = {
+    loadFired: true,
+    domContentFired: true,
+    networkIdle: true
+  };
+  mouse;
+  keyboard;
+  // Network tracking for waitForLoadState('networkidle')
+  inflightRequests = /* @__PURE__ */ new Set();
+  networkIdleResolve = null;
+  networkIdleTimer = null;
+  static NETWORK_IDLE_MS = 500;
+  constructor(conn, sessionId, targetId, context, browser) {
+    this.conn = conn;
+    this.sessionId = sessionId;
+    this._targetId = targetId;
+    this._contextImpl = context;
+    this._browserImpl = browser;
+    this.mouse = new XBMouseImpl(conn, sessionId);
+    this.keyboard = new XBKeyboardImpl(conn, sessionId);
+  }
+  _emit(event, ...args) {
+    this._emitter.emit(event, ...args);
+  }
+  /** Internal initialization — must be called after construction */
+  async _init() {
+    await this.conn.send("Page.enable", void 0, this.sessionId);
+    await this.conn.send("Runtime.enable", void 0, this.sessionId);
+    await this.conn.send("Network.enable", void 0, this.sessionId);
+    this.setupPageEvents();
+    this.setupNetworkEvents();
+    this.setupConsoleEvents();
+    await this.conn.send("Runtime.runIfWaitingForDebugger", void 0, this.sessionId).catch(() => {
+    });
+    try {
+      const info = await this.conn.send(
+        "Target.getTargetInfo",
+        { targetId: this._targetId }
+      );
+      this._url = info.url;
+      this._title = info.title;
+    } catch {
+    }
+  }
+  get _connection() {
+    return this.conn;
+  }
+  // ── Navigation ──────────────────────────────────────────────
+  async goto(url, opts = {}) {
+    if (this._closed) throw new Error("Page is closed");
+    const waitUntil = opts.waitUntil ?? "load";
+    const timeout = opts.timeout ?? 3e4;
+    this._loadState = { loadFired: false, domContentFired: false, networkIdle: false };
+    const result = await this.conn.send(
+      "Page.navigate",
+      { url, referrer: opts.referer },
+      this.sessionId
+    );
+    if (result.errorText) {
+      throw new Error(`Navigation failed: ${result.errorText}`);
+    }
+    await this.waitForLoadState(waitUntil, timeout);
+    this._url = url;
+    const statusCode = 200;
+    const finalUrl = url;
+    const headers = {};
+    return {
+      status: () => statusCode,
+      ok: () => statusCode >= 200 && statusCode < 300,
+      url: () => finalUrl,
+      headers: () => headers
+    };
+  }
+  async goBack(opts = {}) {
+    await this.evaluate("() => history.back()");
+    await this.waitForLoadState(opts.waitUntil ?? "load", opts.timeout);
+  }
+  async goForward(opts = {}) {
+    await this.evaluate("() => history.forward()");
+    await this.waitForLoadState(opts.waitUntil ?? "load", opts.timeout);
+  }
+  async reload(opts = {}) {
+    this._loadState = { loadFired: false, domContentFired: false, networkIdle: false };
+    await this.conn.send("Page.reload", void 0, this.sessionId);
+    await this.waitForLoadState(opts.waitUntil ?? "load", opts.timeout);
+  }
+  async waitForLoadState(state = "load", timeout = 3e4) {
+    if (this._closed) throw new Error("Page is closed");
+    const checkState = () => {
+      switch (state) {
+        case "domcontentloaded":
+          return this._loadState.domContentFired;
+        case "load":
+          return this._loadState.loadFired;
+        case "networkidle":
+          return this._loadState.networkIdle;
+        case "commit":
+          return this._loadState.domContentFired;
+        default:
+          return true;
+      }
+    };
+    if (checkState()) return;
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        reject(new Error(`waitForLoadState('${state}') timeout after ${timeout}ms`));
+      }, timeout);
+      const check = () => {
+        if (checkState()) {
+          clearTimeout(timer);
+          resolve();
+        } else {
+          setTimeout(check, 50);
+        }
+      };
+      check();
+    });
+  }
+  async waitForTimeout(ms) {
+    await new Promise((resolve) => {
+      const timer = setTimeout(resolve, ms);
+      if (typeof timer.unref === "function") timer.unref();
+    });
+  }
+  async waitForSelector(selector, opts = {}) {
+    const state = opts.state ?? "visible";
+    const timeout = opts.timeout ?? 3e4;
+    const deadline = Date.now() + timeout;
+    while (Date.now() < deadline) {
+      const exists = await this.evaluate(
+        `(function() { const el = document.querySelector(${JSON.stringify(selector)}); return !!el; })()`
+      );
+      if (state === "attached" && exists) return;
+      if (state === "detached" && !exists) return;
+      if (state === "visible" && exists) {
+        const visible = await this.evaluate(
+          `(function() { const el = document.querySelector(${JSON.stringify(selector)}); if (!el) return false; const rect = el.getBoundingClientRect(); const style = window.getComputedStyle(el); return rect.width > 0 && rect.height > 0 && style.visibility !== 'hidden' && style.display !== 'none'; })()`
+        );
+        if (visible) return;
+      }
+      if (state === "hidden") {
+        if (!exists) return;
+        const visible = await this.evaluate(
+          `(function() { const el = document.querySelector(${JSON.stringify(selector)}); if (!el) return false; const rect = el.getBoundingClientRect(); const style = window.getComputedStyle(el); return rect.width > 0 && rect.height > 0 && style.visibility !== 'hidden' && style.display !== 'none'; })()`
+        );
+        if (!visible) return;
+      }
+      await this.waitForTimeout(100);
+    }
+    throw new Error(`waitForSelector('${selector}', state='${state}') timeout after ${timeout}ms`);
+  }
+  async waitForFunction(fn, opts = {}, ...args) {
+    const timeout = opts.timeout ?? 3e4;
+    const polling = opts.polling ?? 100;
+    const deadline = Date.now() + timeout;
+    const fnBody = typeof fn === "function" ? fn.toString() : fn;
+    let lastError = null;
+    while (Date.now() < deadline) {
+      try {
+        const result = await this.evaluate(
+          `(function(fnStr, ...evalArgs) { const fn = new Function('return ' + fnStr); return fn(...evalArgs); })(${JSON.stringify(fnBody)}${args.length > 0 ? ", " + args.map((a) => JSON.stringify(a)).join(", ") : ""})`
+        );
+        if (result) return result;
+      } catch (err) {
+        lastError = err;
+      }
+      const pollMs = typeof polling === "number" ? polling : 16;
+      await this.waitForTimeout(pollMs);
+    }
+    const detail = lastError ? `
+Last error: ${lastError.message}` : "";
+    throw new Error(`waitForFunction timeout after ${timeout}ms${detail}`);
+  }
+  url() {
+    return this._url;
+  }
+  async title() {
+    this._title = await this.evaluate("document.title");
+    return this._title;
+  }
+  async content() {
+    return this.evaluate("document.documentElement.outerHTML");
+  }
+  // ── Evaluation ──────────────────────────────────────────────
+  async evaluate(fn, ...args) {
+    if (this._closed) throw new Error("Page is closed");
+    let expression;
+    if (typeof fn === "string") {
+      expression = fn;
+    } else {
+      const argStr = args.length > 0 ? `...${JSON.stringify(args)}` : "";
+      expression = `(()=>{const __fn=(${fn.toString()});return __fn(${argStr});})()`;
+    }
+    const result = await this.conn.send("Runtime.evaluate", {
+      expression,
+      returnByValue: true,
+      awaitPromise: true
+    }, this.sessionId);
+    if (result.exceptionDetails) {
+      const detail = result.exceptionDetails.exception?.description ?? result.exceptionDetails.exception?.value ?? result.exceptionDetails.text;
+      throw new Error(`${detail}`);
+    }
+    return result.result?.value;
+  }
+  /** evaluateHandle — evaluates fn and returns a handle for element bounding box */
+  async evaluateHandle(fn, ...args) {
+    let expression;
+    if (typeof fn === "string") {
+      expression = fn;
+    } else {
+      const argStr = args.length > 0 ? `...${JSON.stringify(args)}` : "";
+      expression = `(()=>{const __fn=(${fn.toString()});const __el=__fn(${argStr});if(__el&&typeof __el.getBoundingClientRect==='function'){const r=__el.getBoundingClientRect();return JSON.parse(JSON.stringify({x:r.x,y:r.y,w:r.width,h:r.height}));}return null;})()`;
+    }
+    const result = await this.conn.send("Runtime.evaluate", { expression, returnByValue: true }).catch(() => ({ result: { value: null } }));
+    let box = null;
+    try {
+      box = JSON.parse(result.result?.value);
+    } catch {
+    }
+    return {
+      asElement: () => box ? { boundingBox: async () => box } : null
+    };
+  }
+  async $eval(selector, fn, ...args) {
+    const fnBody = typeof fn === "function" ? fn.toString() : fn;
+    return this.evaluate(
+      `(function(sel, fnStr, ...evalArgs) {
+        const el = document.querySelector(sel);
+        if (!el) throw new Error('No element found for selector: ' + sel);
+        const fn = new Function('return ' + fnStr)();
+        return fn(el, ...evalArgs);
+      })(${JSON.stringify(selector)}, ${JSON.stringify(fnBody)}${args.length > 0 ? ", " + args.map((a) => JSON.stringify(a)).join(", ") : ""})`
+    );
+  }
+  async $$eval(selector, fn, ...args) {
+    const fnBody = typeof fn === "function" ? fn.toString() : fn;
+    return this.evaluate(
+      `(function(sel, fnStr, ...evalArgs) {
+        const els = Array.from(document.querySelectorAll(sel));
+        const fn = new Function('return ' + fnStr)();
+        return fn(els, ...evalArgs);
+      })(${JSON.stringify(selector)}, ${JSON.stringify(fnBody)}${args.length > 0 ? ", " + args.map((a) => JSON.stringify(a)).join(", ") : ""})`
+    );
+  }
+  // ── Locator ─────────────────────────────────────────────────
+  locator(selector) {
+    return new XBLocatorImpl(this, selector);
+  }
+  getByText(text, opts) {
+    const escaped = text.replace(/'/g, "\\'");
+    if (opts?.exact) {
+      return this.locator(`xpath=//*[normalize-space(text())='${escaped}']`);
+    }
+    return this.locator(`xpath=//*[contains(text(),'${escaped}')]`);
+  }
+  getByRole(role, opts) {
+    let sel = `[role="${role}"]`;
+    if (opts?.name) {
+      sel += opts.exact ? `[aria-label="${opts.name}"]` : `[aria-label*="${opts.name}"]`;
+    }
+    return this.locator(sel);
+  }
+  getByLabel(label, opts) {
+    const escaped = label.replace(/'/g, "\\'");
+    const sel = opts?.exact ? `xpath=//*[@aria-label='${escaped}' or @id=//label[normalize-space(text())='${escaped}']/@for]` : `xpath=//*[contains(@aria-label,'${escaped}') or @id=//label[contains(text(),'${escaped}')]/@for]`;
+    return this.locator(sel);
+  }
+  getByPlaceholder(text, opts) {
+    return this.locator(
+      opts?.exact ? `[placeholder="${text}"]` : `[placeholder*="${text}"]`
+    );
+  }
+  getByTestId(id) {
+    return this.locator(`[data-testid="${id}"]`);
+  }
+  getByAltText(text, opts) {
+    return this.locator(opts?.exact ? `[alt="${text}"]` : `[alt*="${text}"]`);
+  }
+  getByTitle(title, opts) {
+    return this.locator(
+      opts?.exact ? `[title="${title}"]` : `[title*="${title}"]`
+    );
+  }
+  // ── Interaction shortcuts ───────────────────────────────────
+  async click(selector, opts = {}) {
+    await this.locator(selector).click(opts);
+  }
+  async dblclick(selector, opts = {}) {
+    await this.locator(selector).click({ ...opts, clickCount: 2 });
+  }
+  async fill(selector, value, opts = {}) {
+    await this.locator(selector).fill(value, opts);
+  }
+  async press(selector, key, opts) {
+    await this.locator(selector).press(key, opts);
+  }
+  async hover(selector, opts) {
+    await this.locator(selector).hover(opts);
+  }
+  async type(selector, text, opts = {}) {
+    await this.locator(selector).type(text, opts);
+  }
+  async check(selector, opts) {
+    await this.locator(selector).check(opts);
+  }
+  async uncheck(selector, opts) {
+    await this.locator(selector).uncheck(opts);
+  }
+  async selectOption(selector, value) {
+    return this.locator(selector).selectOption(value);
+  }
+  // ── Convenience selectors ───────────────────────────────────
+  async textContent(selector) {
+    return this.evaluate(
+      `(function() { const el = document.querySelector(${JSON.stringify(selector)}); return el?.textContent ?? null; })()`
+    );
+  }
+  async innerText(selector) {
+    return this.evaluate(
+      `(function() { const el = document.querySelector(${JSON.stringify(selector)}); if (!el) throw new Error('Element not found'); return el.innerText; })()`
+    );
+  }
+  async innerHTML(selector) {
+    return this.evaluate(
+      `(function() { const el = document.querySelector(${JSON.stringify(selector)}); if (!el) throw new Error('Element not found'); return el.innerHTML; })()`
+    );
+  }
+  async getAttribute(selector, name) {
+    return this.evaluate(
+      `(function() { const el = document.querySelector(${JSON.stringify(selector)}); return el?.getAttribute(${JSON.stringify(name)}) ?? null; })()`
+    );
+  }
+  // ── Query ───────────────────────────────────────────────────
+  async $(selector) {
+    const nodeId = await this.querySelector(selector);
+    if (!nodeId) return null;
+    return new XBElementHandleImpl(this, nodeId);
+  }
+  async $$(selector) {
+    const nodeIds = await this.querySelectorAll(selector);
+    return nodeIds.map((id) => new XBElementHandleImpl(this, id));
+  }
+  // ── Screen ──────────────────────────────────────────────────
+  async screenshot(opts = {}) {
+    const params = {
+      format: opts.type ?? "png"
+    };
+    if (opts.quality !== void 0 && (opts.type === "jpeg" || !opts.type && opts.quality)) {
+      params.quality = opts.quality;
+    }
+    if (opts.fullPage) {
+      params.captureBeyondViewport = true;
+    }
+    if (opts.clip) {
+      const clip = {
+        x: Math.round(opts.clip.x),
+        y: Math.round(opts.clip.y),
+        width: Math.round(Math.max(1, opts.clip.width)),
+        height: Math.round(Math.max(1, opts.clip.height)),
+        scale: 1
+      };
+      params.clip = clip;
+    }
+    if (opts.omitBackground) {
+      params.omitBackground = true;
+    }
+    const result = await this.conn.send(
+      "Page.captureScreenshot",
+      params,
+      this.sessionId
+    );
+    return Buffer.from(result.data, "base64");
+  }
+  async pdf(opts = {}) {
+    const params = {};
+    if (opts.landscape !== void 0) params.landscape = opts.landscape;
+    if (opts.printBackground !== void 0) params.printBackground = opts.printBackground;
+    if (opts.scale !== void 0) params.scale = opts.scale;
+    if (opts.format) params.paperFormat = opts.format;
+    if (opts.preferCSSPageSize !== void 0) params.preferCSSPageSize = opts.preferCSSPageSize;
+    if (opts.margin) {
+      if (opts.margin.top) params.marginTop = parseFloat(opts.margin.top);
+      if (opts.margin.bottom) params.marginBottom = parseFloat(opts.margin.bottom);
+      if (opts.margin.left) params.marginLeft = parseFloat(opts.margin.left);
+      if (opts.margin.right) params.marginRight = parseFloat(opts.margin.right);
+    }
+    const result = await this.conn.send("Page.printToPDF", params, this.sessionId);
+    return Buffer.from(result.data, "base64");
+  }
+  viewportSize() {
+    return this._viewportSize ?? null;
+  }
+  async setViewportSize(size) {
+    await this.conn.send(
+      "Emulation.setDeviceMetricsOverride",
+      {
+        width: size.width,
+        height: size.height,
+        deviceScaleFactor: 1,
+        mobile: false
+      },
+      this.sessionId
+    );
+    this._viewportSize = size;
+  }
+  // ── Scripts ─────────────────────────────────────────────────
+  async addInitScript(script) {
+    await this.conn.send(
+      "Page.addScriptToEvaluateOnNewDocument",
+      { source: script },
+      this.sessionId
+    );
+  }
+  /** Internal: set user agent */
+  async _setUserAgent(userAgent) {
+    await this.conn.send(
+      "Network.setUserAgentOverride",
+      { userAgent },
+      this.sessionId
+    );
+  }
+  /** Internal: set extra HTTP headers */
+  async _setExtraHTTPHeaders(headers) {
+    await this.setExtraHTTPHeaders(headers);
+  }
+  async bringToFront() {
+    await this.conn.send("Page.bringToFront", void 0, this.sessionId);
+  }
+  async setExtraHTTPHeaders(headers) {
+    await this.conn.send("Network.setExtraHTTPHeaders", { headers }, this.sessionId);
+  }
+  // ── Events ──────────────────────────────────────────────────
+  on(event, handler) {
+    this._emitter.on(event, handler);
+  }
+  off(event, handler) {
+    this._emitter.off(event, handler);
+  }
+  /**
+   * Wait for a one-shot event (Playwright-compatible subset).
+   * Used to listen for 'filechooser', 'dialog', 'popup', 'framenavigated', etc.
+   */
+  async waitForEvent(event, opts = {}) {
+    const timeout = opts.timeout ?? 3e4;
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        this._emitter.off(event, handler);
+        reject(new Error(`waitForEvent('${event}') timeout after ${timeout}ms`));
+      }, timeout);
+      const handler = (...args) => {
+        if (opts.predicate && !opts.predicate(...args)) return;
+        clearTimeout(timer);
+        this._emitter.off(event, handler);
+        resolve(args.length === 1 ? args[0] : args);
+      };
+      this._emitter.on(event, handler);
+    });
+  }
+  // ── Lifecycle ───────────────────────────────────────────────
+  async close() {
+    if (this._closed) return;
+    this._closed = true;
+    if (this.networkIdleTimer) {
+      clearTimeout(this.networkIdleTimer);
+      this.networkIdleTimer = null;
+    }
+    for (const unsub of this._subscriptions) {
+      unsub();
+    }
+    this._subscriptions = [];
+    await this._browserImpl._closeTarget(this._targetId).catch(() => {
+    });
+    await this._browserImpl._detachFromTarget(this.sessionId).catch(() => {
+    });
+    this._emitter.emit("close");
+  }
+  isClosed() {
+    return this._closed;
+  }
+  context() {
+    return this._contextImpl;
+  }
+  browser() {
+    return this._browserImpl;
+  }
+  mainFrame() {
+    return {
+      url: () => this._url,
+      name: () => "",
+      isDetached: () => this._closed,
+      page: () => this,
+      evaluate: (fn, ...args) => this.evaluate(fn, ...args),
+      $: (sel) => this.$(sel),
+      $$: (sel) => this.$$(sel)
+    };
+  }
+  frames() {
+    return [this.mainFrame()];
+  }
+  // ── CDP helpers exposed for locator/element ─────────────────
+  /** Query a single element, returns CDP nodeId or 0 if not found */
+  async querySelector(selector) {
+    const doc = await this.conn.send(
+      "DOM.getDocument",
+      { depth: 0 },
+      this.sessionId
+    );
+    const result = await this.conn.send(
+      "DOM.querySelector",
+      { nodeId: doc.root.nodeId, selector },
+      this.sessionId
+    );
+    return result.nodeId;
+  }
+  /** Query all matching elements, returns array of CDP nodeIds */
+  async querySelectorAll(selector) {
+    const doc = await this.conn.send(
+      "DOM.getDocument",
+      { depth: 0 },
+      this.sessionId
+    );
+    const result = await this.conn.send(
+      "DOM.querySelectorAll",
+      { nodeId: doc.root.nodeId, selector },
+      this.sessionId
+    );
+    return result.nodeIds ?? [];
+  }
+  /** Resolve a CDP nodeId to a RemoteObject for evaluate */
+  async resolveNode(nodeId) {
+    const result = await this.conn.send(
+      "DOM.resolveNode",
+      { nodeId },
+      this.sessionId
+    );
+    return result.object.objectId;
+  }
+  /** Get the box model for a nodeId */
+  async getBoxModel(nodeId) {
+    try {
+      const result = await this.conn.send("DOM.getBoxModel", { nodeId }, this.sessionId);
+      const c = result.model?.content;
+      if (!c || c.length < 8) return null;
+      const x1 = c[0];
+      const y1 = c[1];
+      const x2 = c[4];
+      const y2 = c[5];
+      return {
+        x: Math.min(x1, x2),
+        y: Math.min(y1, y2),
+        width: Math.abs(x2 - x1),
+        height: Math.abs(y2 - y1)
+      };
+    } catch {
+      return null;
+    }
+  }
+  /** Call a function on a RemoteObject */
+  async callFunctionOn(objectId, functionDeclaration, args = []) {
+    const result = await this.conn.send("Runtime.callFunctionOn", {
+      objectId,
+      functionDeclaration,
+      arguments: args.map((a) => ({ value: a })),
+      returnByValue: true
+    }, this.sessionId);
+    if (result.exceptionDetails) {
+      throw new Error(`CallFunctionOn error: ${result.exceptionDetails.text}`);
+    }
+    return result.result?.value;
+  }
+  /** Send a CDP command scoped to this page's session */
+  async _cdpSend(method, params) {
+    return this.conn.send(method, params, this.sessionId);
+  }
+  /** Subscribe to a CDP event on this page's session. Returns unsubscribe function. */
+  _subscribe(event, handler) {
+    return this.conn.subscribe(event, this.sessionId, handler);
+  }
+  // ── Private: Event Setup ────────────────────────────────────
+  setupPageEvents() {
+    this._subscriptions.push(
+      this.conn.subscribe("Page.frameNavigated", this.sessionId, (params) => {
+        const p = params;
+        if (p.frame) {
+          this._url = p.frame.url;
+        }
+        this._emit("framenavigated", this.mainFrame());
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Page.loadEventFired", this.sessionId, () => {
+        this._loadState.loadFired = true;
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Page.domContentEventFired", this.sessionId, () => {
+        this._loadState.domContentFired = true;
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Page.javascriptDialogOpening", this.sessionId, (params) => {
+        const p = params;
+        const dialog = {
+          type: p.type,
+          message: () => p.message,
+          defaultValue: () => p.defaultValue,
+          accept: async (text) => {
+            await this.conn.send("Page.handleJavaScriptDialog", {
+              accept: true,
+              promptText: text
+            }, this.sessionId);
+          },
+          dismiss: async () => {
+            await this.conn.send("Page.handleJavaScriptDialog", {
+              accept: false
+            }, this.sessionId);
+          }
+        };
+        this._emit("dialog", dialog);
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Page.fileChooserOpened", this.sessionId, async (params) => {
+        const p = params;
+        let selector = "";
+        try {
+          const result = await this.conn.send("DOM.describeNode", { backendNodeId: p.backendNodeId }, this.sessionId);
+          const attrs = result.node?.attributes || [];
+          const idIdx = attrs.indexOf("id");
+          if (idIdx >= 0) selector = "#" + attrs[idIdx + 1];
+        } catch {
+        }
+        if (!selector) {
+          try {
+            const result = await this.conn.send("DOM.resolveNode", { backendNodeId: p.backendNodeId }, this.sessionId);
+            const evalResult = await this.conn.send("Runtime.callFunctionOn", {
+              objectId: result.objectId,
+              functionDeclaration: 'function() { return this.id || this.name || "" }',
+              returnByValue: true
+            }, this.sessionId);
+            if (evalResult.result?.value) selector = "#" + evalResult.result.value;
+          } catch {
+          }
+        }
+        const fileChooser = {
+          selector,
+          isMultiple: p.mode === "selectMultiple",
+          setFiles: async (files) => {
+            const fileArray = Array.isArray(files) ? files : [files];
+            await this.setInputFiles(selector || 'input[type="file"]', fileArray);
+          }
+        };
+        this._emit("filechooser", fileChooser);
+      })
+    );
+  }
+  setupNetworkEvents() {
+    this._subscriptions.push(
+      this.conn.subscribe("Network.requestWillBeSent", this.sessionId, (params) => {
+        const p = params;
+        this.inflightRequests.add(p.requestId);
+        this._storeNetworkRequest(p.requestId, {
+          url: p.request.url,
+          method: p.request.method,
+          headers: p.request.headers,
+          postData: p.request.postData ?? null,
+          resourceType: p.type
+        });
+        this._emit("request", createXBRequest(
+          null,
+          {
+            requestId: p.requestId,
+            url: p.request.url,
+            method: p.request.method,
+            headers: p.request.headers,
+            postData: p.request.postData ?? null,
+            resourceType: p.type
+          }
+        ));
+        this.checkNetworkIdle();
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Network.responseReceived", this.sessionId, (params) => {
+        const p = params;
+        this._storeNetworkResponse(p.requestId, {
+          status: p.response.status,
+          url: p.response.url,
+          headers: p.response.headers
+        });
+        this._emit("response", createXBResponse(
+          { requestId: p.requestId, status: p.response.status, url: p.response.url, headers: p.response.headers },
+          this.conn,
+          this.sessionId
+        ));
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Network.loadingFinished", this.sessionId, (params) => {
+        const p = params;
+        this.inflightRequests.delete(p.requestId);
+        this._emit("requestfinished", p);
+        this.checkNetworkIdle();
+      })
+    );
+    this._subscriptions.push(
+      this.conn.subscribe("Network.loadingFailed", this.sessionId, (params) => {
+        const p = params;
+        this.inflightRequests.delete(p.requestId);
+        this.checkNetworkIdle();
+      })
+    );
+  }
+  setupConsoleEvents() {
+    this._subscriptions.push(
+      this.conn.subscribe("Runtime.consoleAPICalled", this.sessionId, (params) => {
+        const p = params;
+        const text = p.args.map((a) => {
+          if (a.value !== void 0) return String(a.value);
+          return a.description ?? "";
+        }).join(" ");
+        const location = p.stackTrace?.callFrames?.[0] ? {
+          url: p.stackTrace.callFrames[0].url,
+          lineNumber: p.stackTrace.callFrames[0].lineNumber,
+          columnNumber: p.stackTrace.callFrames[0].columnNumber
+        } : { url: "", lineNumber: 0, columnNumber: 0 };
+        const msg = {
+          type: () => p.type,
+          text: () => text,
+          location: () => location
+        };
+        this._emit("console", msg);
+      })
+    );
+  }
+  checkNetworkIdle() {
+    if (this.inflightRequests.size === 0) {
+      if (this.networkIdleTimer) clearTimeout(this.networkIdleTimer);
+      this.networkIdleTimer = setTimeout(() => {
+        if (this.inflightRequests.size === 0) {
+          this._loadState.networkIdle = true;
+          if (this.networkIdleResolve) {
+            this.networkIdleResolve();
+            this.networkIdleResolve = null;
+          }
+        }
+      }, _XBPageImpl.NETWORK_IDLE_MS);
+    } else {
+      if (this.networkIdleTimer) {
+        clearTimeout(this.networkIdleTimer);
+        this.networkIdleTimer = null;
+      }
+    }
+  }
+  // ── Network Data Store (for waitForResponse/waitForRequest) ──
+  _networkResponses = /* @__PURE__ */ new Map();
+  _networkRequests = /* @__PURE__ */ new Map();
+  _routeHandlers = [];
+  _interceptionEnabled = false;
+  /** Store network data — called by browser.ts installNetworkCapture or internal event handlers */
+  _storeNetworkRequest(requestId, data) {
+    this._networkRequests.set(requestId, { requestId, ...data });
+  }
+  _storeNetworkResponse(requestId, data) {
+    this._networkResponses.set(requestId, { requestId, ...data });
+  }
+  // ── waitForResponse ─────────────────────────────────────────
+  async waitForResponse(urlOrPredicate, opts = {}) {
+    const timeout = opts.timeout ?? 3e4;
+    const predicate = createResponsePredicate(urlOrPredicate);
+    for (const [, data] of this._networkResponses) {
+      const response = createXBResponse(data, this.conn, this.sessionId);
+      if (predicate(response)) return response;
+    }
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        this._emitter.removeListener("response", handler);
+        reject(new Error(`waitForResponse timed out after ${timeout}ms`));
+      }, timeout);
+      const handler = (params) => {
+        let response;
+        const respObj = params;
+        if (respObj.response) {
+          const data = {
+            requestId: respObj.requestId || "",
+            status: respObj.response.status || 0,
+            url: respObj.response.url || "",
+            headers: respObj.response.headers || {}
+          };
+          response = createXBResponse(data, this.conn, this.sessionId);
+        } else if (typeof params.status === "function") {
+          response = params;
+        } else {
+          return;
+        }
+        if (predicate(response)) {
+          clearTimeout(timer);
+          this._emitter.removeListener("response", handler);
+          resolve(response);
+        }
+      };
+      this._emitter.on("response", handler);
+    });
+  }
+  // ── waitForRequest ──────────────────────────────────────────
+  async waitForRequest(urlOrPredicate, opts = {}) {
+    const timeout = opts.timeout ?? 3e4;
+    const predicate = createRequestPredicate(urlOrPredicate);
+    for (const [, data] of this._networkRequests) {
+      const request = createXBRequest(this, data);
+      if (predicate(request)) return request;
+    }
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        this._emitter.removeListener("request", handler);
+        reject(new Error(`waitForRequest timed out after ${timeout}ms`));
+      }, timeout);
+      const handler = (params) => {
+        let request;
+        const reqObj = params;
+        if (reqObj.request) {
+          request = createXBRequest(this, {
+            requestId: reqObj.requestId || "",
+            url: reqObj.request.url || "",
+            method: reqObj.request.method || "",
+            headers: reqObj.request.headers || {},
+            postData: reqObj.request.postData ?? null,
+            resourceType: reqObj.type || ""
+          });
+        } else if (typeof params.url === "function") {
+          request = params;
+        } else {
+          return;
+        }
+        if (predicate(request)) {
+          clearTimeout(timer);
+          this._emitter.removeListener("request", handler);
+          resolve(request);
+        }
+      };
+      this._emitter.on("request", handler);
+    });
+  }
+  // ── waitForURL ──────────────────────────────────────────────
+  async waitForURL(url, opts = {}) {
+    const timeout = opts.timeout ?? 3e4;
+    const checkFn = typeof url === "function" ? url : typeof url === "string" ? (current) => matchGlob(url, current) : (current) => url.test(current);
+    if (checkFn(this._url)) return;
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        this._emitter.removeListener("framenavigated", handler);
+        reject(new Error(`waitForURL timed out after ${timeout}ms`));
+      }, timeout);
+      const handler = () => {
+        if (checkFn(this._url)) {
+          clearTimeout(timer);
+          this._emitter.removeListener("framenavigated", handler);
+          resolve();
+        }
+      };
+      this._emitter.on("framenavigated", handler);
+    });
+  }
+  // ── route / unroute ─────────────────────────────────────────
+  async route(url, handler) {
+    const regex = typeof url === "string" ? globToRegex(url) : url;
+    this._routeHandlers.push({ pattern: String(url), regex, handler });
+    if (!this._interceptionEnabled) {
+      this._interceptionEnabled = true;
+      await this.conn.send("Fetch.enable", {
+        patterns: [{ urlPattern: "*", requestStage: "Request" }]
+      }, this.sessionId);
+      this._subscriptions.push(
+        this.conn.subscribe("Fetch.requestPaused", this.sessionId, (params) => {
+          this._handleRequestPaused(params);
+        })
+      );
+    }
+  }
+  async unroute(url, handler) {
+    const regex = typeof url === "string" ? globToRegex(url) : url;
+    this._routeHandlers = this._routeHandlers.filter(
+      (h) => !(regex.source === h.regex.source && (!handler || h.handler === handler))
+    );
+    if (this._routeHandlers.length === 0 && this._interceptionEnabled) {
+      this._interceptionEnabled = false;
+      await this.conn.send("Fetch.disable", void 0, this.sessionId).catch(() => {
+      });
+    }
+  }
+  async _handleRequestPaused(params) {
+    const requestUrl = params.request.url;
+    for (const { regex, handler } of this._routeHandlers) {
+      if (regex.test(requestUrl)) {
+        this._emit("request", createXBRequest(
+          null,
+          {
+            requestId: params.requestId,
+            url: params.request.url,
+            method: params.request.method,
+            headers: params.request.headers,
+            postData: params.request.postData ?? null,
+            resourceType: params.resourceType
+          }
+        ));
+        const route = createXBRouteFetch(this.conn, this.sessionId, params, this._emitter);
+        try {
+          await handler(route);
+        } catch {
+          await this.conn.send("Fetch.continueRequest", {
+            requestId: params.requestId
+          }, this.sessionId).catch(() => {
+          });
+        }
+        return;
+      }
+    }
+    await this.conn.send("Fetch.continueRequest", {
+      requestId: params.requestId
+    }, this.sessionId).catch(() => {
+    });
+  }
+  // ── setInputFiles ───────────────────────────────────────────
+  async setInputFiles(selector, files) {
+    const fileArr = Array.isArray(files) ? files : [files];
+    const fileList = fileArr.map((f) => ({
+      name: f.name,
+      type: f.mimeType,
+      dataBase64: f.buffer.toString("base64")
+    }));
+    await this.evaluate(`
+      (function() {
+        var selector = ${JSON.stringify(selector)};
+        var input = document.querySelector(selector);
+        if (!input) throw new Error('Element not found: ' + selector);
+
+        var fileList = ${JSON.stringify(fileList)};
+        var dt = new DataTransfer();
+
+        fileList.forEach(function(f) {
+          var binary = atob(f.dataBase64);
+          var bytes = new Uint8Array(binary.length);
+          for (var i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
+          var blob = new Blob([bytes], { type: f.type });
+          var file = new File([blob], f.name, { type: f.type });
+          dt.items.add(file);
+        });
+
+        input.files = dt.files;
+        input.dispatchEvent(new Event('input', { bubbles: true }));
+        input.dispatchEvent(new Event('change', { bubbles: true }));
+      })()
+    `);
+  }
+  // ── dragAndDrop ─────────────────────────────────────────────
+  async dragAndDrop(source, target) {
+    const sourceRect = await this.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(source)});
+        if (!el) throw new Error('Source not found: ${source}');
+        el.scrollIntoView({ behavior: 'instant', block: 'center' });
+        const r = el.getBoundingClientRect();
+        return { x: r.x, y: r.y, width: r.width, height: r.height };
+      })()
+    `);
+    const targetRect = await this.evaluate(`
+      (function() {
+        const el = document.querySelector(${JSON.stringify(target)});
+        if (!el) throw new Error('Target not found: ${target}');
+        el.scrollIntoView({ behavior: 'instant', block: 'center' });
+        const r = el.getBoundingClientRect();
+        return { x: r.x, y: r.y, width: r.width, height: r.height };
+      })()
+    `);
+    const sx = sourceRect.x + sourceRect.width / 2;
+    const sy = sourceRect.y + sourceRect.height / 2;
+    const tx = targetRect.x + targetRect.width / 2;
+    const ty = targetRect.y + targetRect.height / 2;
+    try {
+      await this.conn.send("Input.dispatchDragEvent", {
+        type: "dragStart",
+        x: sx,
+        y: sy,
+        data: { items: [], dragOperations: ["copy", "move", "link"] }
+      }, this.sessionId);
+      await this.conn.send("Input.dispatchDragEvent", {
+        type: "dragOver",
+        x: tx,
+        y: ty,
+        data: { items: [], dragOperations: ["copy", "move", "link"] }
+      }, this.sessionId);
+      await this.conn.send("Input.dispatchDragEvent", {
+        type: "drop",
+        x: tx,
+        y: ty,
+        data: { items: [], dragOperations: ["copy", "move", "link"] }
+      }, this.sessionId);
+      await this.conn.send("Input.dispatchDragEvent", {
+        type: "dragCancel",
+        x: sx,
+        y: sy,
+        data: { items: [], dragOperations: ["copy", "move", "link"] }
+      }, this.sessionId);
+    } catch {
+      await this.mouse.move(sx, sy);
+      await this.mouse.down();
+      await this.mouse.move(tx, ty, { steps: 10 });
+      await this.mouse.up();
+    }
+  }
+  // ── setOfflineMode ──────────────────────────────────────────
+  async setOfflineMode(offline) {
+    await this.conn.send("Network.emulateNetworkConditions", {
+      offline,
+      latency: 0,
+      downloadThroughput: offline ? 0 : -1,
+      uploadThroughput: offline ? 0 : -1
+    }, this.sessionId);
+  }
+};
+
+// src/cdp-driver/cdp-session.ts
+var XBCDPSessionImpl = class {
+  conn;
+  sessionId;
+  constructor(conn, sessionId) {
+    this.conn = conn;
+    this.sessionId = sessionId;
+  }
+  async send(method, params) {
+    return this.conn.send(method, params, this.sessionId);
+  }
+  on(event, handler) {
+    this.conn.on(event, (params, sid) => {
+      if (sid === this.sessionId || !this.sessionId && !sid) {
+        handler(params);
+      }
+    });
+  }
+  off(event, handler) {
+    this.conn.off(event, handler);
+  }
+  async detach() {
+    if (!this.sessionId) return;
+  }
+};
+
+// src/cdp-driver/context.ts
+var XBContextImpl = class {
+  conn;
+  _emitter = new EventEmitter2();
+  _browser;
+  contextId;
+  _pages = [];
+  closed = false;
+  options;
+  targetAttachedHandler = null;
+  _initScripts = [];
+  constructor(conn, contextId, browser, opts) {
+    this.conn = conn;
+    this.contextId = contextId;
+    this._browser = browser;
+    this.options = opts;
+    this.setupAutoAttach();
+  }
+  async newPage() {
+    if (this.closed) throw new Error("Context is closed");
+    const { targetId } = await this._browser._createTarget(this.contextId);
+    const sessionId = await this._browser._attachToTarget(targetId);
+    const page = new XBPageImpl(this.conn, sessionId, targetId, this, this._browser);
+    await page._init();
+    this._pages.push(page);
+    this.forwardPageEvents(page);
+    if (this.options.viewport) {
+      await page.setViewportSize(this.options.viewport).catch(() => {
+      });
+    }
+    if (this.options.userAgent) {
+      await page._setUserAgent(this.options.userAgent);
+    }
+    if (this.options.extraHTTPHeaders) {
+      await page._setExtraHTTPHeaders(this.options.extraHTTPHeaders);
+    }
+    for (const script of this._initScripts) {
+      await page.addInitScript(script);
+    }
+    return page;
+  }
+  pages() {
+    return [...this._pages];
+  }
+  browser() {
+    return this._browser;
+  }
+  async close() {
+    if (this.closed) return;
+    this.closed = true;
+    for (const page of this._pages) {
+      await page.close().catch(() => {
+      });
+    }
+    this._pages = [];
+    if (this.targetAttachedHandler) {
+      this.conn.off("Target.attachedToTarget", this.targetAttachedHandler);
+      this.targetAttachedHandler = null;
+    }
+    if (this.contextId && this.contextId !== "default") {
+      await this.conn.send("Target.disposeBrowserContext", {
+        browserContextId: this.contextId
+      }).catch(() => {
+      });
+    }
+    this._browser._removeContext(this.contextId);
+  }
+  async newCDPSession(page) {
+    if (page instanceof XBPageImpl) {
+      return new XBCDPSessionImpl(this.conn, page.sessionId);
+    }
+    return new XBCDPSessionImpl(this.conn);
+  }
+  async addInitScript(script) {
+    this._initScripts.push(script);
+    for (const page of this._pages) {
+      await page.addInitScript(script);
+    }
+  }
+  // ── Cookies ─────────────────────────────────────────────────
+  async cookies(urls) {
+    const urlList = typeof urls === "string" ? [urls] : urls;
+    const result = await this.conn.send("Network.getCookies", urlList ? { urls: urlList } : void 0);
+    return result.cookies;
+  }
+  async addCookies(cookies) {
+    const cdpCookies = cookies.map((c) => ({
+      name: c.name,
+      value: c.value,
+      domain: c.domain,
+      path: c.path || "/",
+      expires: c.expires,
+      httpOnly: c.httpOnly,
+      secure: c.secure,
+      sameSite: c.sameSite
+    }));
+    await this.conn.send("Network.setCookies", { cookies: cdpCookies });
+  }
+  async clearCookies() {
+    await this.conn.send("Network.clearBrowserCookies");
+  }
+  on(event, handler) {
+    this._emitter.on(event, handler);
+  }
+  off(event, handler) {
+    this._emitter.off(event, handler);
+  }
+  /**
+   * Register a page that was attached to an existing target (discovered via
+   * Target.getTargets). Used by XBBrowserImpl.discoverContexts() to wire up
+   * pages from the user's existing browser session into the context wrapper
+   * so they appear in `context.pages()` and can be reused by plugins.
+   */
+  _addDiscoveredPage(page) {
+    const exists = this._pages.some((p) => p._targetId === page._targetId);
+    if (exists) return;
+    this._pages.push(page);
+    this.forwardPageEvents(page);
+  }
+  // ── Private ─────────────────────────────────────────────────
+  /** Forward page-level events (request, response, etc.) to context listeners */
+  forwardPageEvents(page) {
+    const forward = (event) => {
+      page.on(event, (...args) => {
+        this._emitter.emit(event, ...args);
+      });
+    };
+    forward("request");
+    forward("response");
+    forward("requestfailed");
+    forward("requestfinished");
+  }
+  setupAutoAttach() {
+    this.targetAttachedHandler = (paramsRaw) => {
+      const params = paramsRaw;
+      if (this.contextId !== "default" && params.targetInfo.browserContextId !== this.contextId) return;
+      if (params.targetInfo.type !== "page") return;
+      const exists = this._pages.some(
+        (p) => p._targetId === params.targetInfo.targetId
+      );
+      if (exists) return;
+      const page = new XBPageImpl(
+        this.conn,
+        params.sessionId,
+        params.targetInfo.targetId,
+        this,
+        this._browser
+      );
+      this.conn.send("Runtime.runIfWaitingForDebugger", void 0, params.sessionId).catch(() => {
+      });
+      page._init().then(async () => {
+        for (const script of this._initScripts) {
+          await page.addInitScript(script).catch(() => {
+          });
+        }
+        this._pages.push(page);
+        this.forwardPageEvents(page);
+        this._emitter.emit("page", page);
+      });
+    };
+    this.conn.on("Target.attachedToTarget", this.targetAttachedHandler);
+  }
+};
+
+// src/cdp-driver/browser.ts
+var XBBrowserImpl = class {
+  conn;
+  _emitter = new EventEmitter3();
+  _contexts = /* @__PURE__ */ new Map();
+  _disconnected = false;
+  childProcess = null;
+  tmpDir;
+  _exitHandler = null;
+  /**
+   * Original CDP endpoint (HTTP or ws URL) used to construct this browser.
+   * Used by discoverContexts() as a fallback to HTTP /json/list when
+   * Target.getTargets doesn't return page-type targets (e.g. cdp-tunnel proxy).
+   */
+  cdpEndpoint;
+  constructor(conn, childProcess, tmpDir, cdpEndpoint) {
+    this.conn = conn;
+    this.childProcess = childProcess ?? null;
+    this.tmpDir = tmpDir;
+    this.cdpEndpoint = cdpEndpoint;
+    conn.on("disconnect", () => {
+      this._disconnected = true;
+      this._emitter.emit("disconnected");
+    });
+    if (this.childProcess) {
+      this._exitHandler = () => {
+        try {
+          if (this.childProcess?.exitCode === null) {
+            this.childProcess.kill("SIGKILL");
+          }
+        } catch {
+        }
+        if (this.tmpDir) {
+          try {
+            const { rmSync } = __require("fs");
+            rmSync(this.tmpDir, { recursive: true, force: true });
+          } catch {
+          }
+        }
+      };
+      process.on("exit", this._exitHandler);
+    }
+  }
+  get disconnected() {
+    return this._disconnected;
+  }
+  /** The underlying CDP connection (for advanced use) */
+  get connection() {
+    return this.conn;
+  }
+  async close() {
+    if (this._disconnected) return;
+    this._disconnected = true;
+    for (const [, info] of this._contexts) {
+      await info.context.close().catch(() => {
+      });
+    }
+    this._contexts.clear();
+    if (this._exitHandler) {
+      process.removeListener("exit", this._exitHandler);
+      this._exitHandler = null;
+    }
+    if (this.childProcess) {
+      const { killChrome: killChrome2 } = await import("./launcher-QUJ4M2VS.js");
+      await killChrome2(this.childProcess, this.tmpDir);
+    }
+    await this.conn.close();
+    this._emitter.emit("disconnected");
+  }
+  async newContext(opts = {}) {
+    if (this._disconnected) {
+      throw new Error("Browser is disconnected");
+    }
+    let contextId = "default";
+    try {
+      const result = await this.conn.send(
+        "Target.createBrowserContext",
+        { disposeOnDetach: true },
+        void 0,
+        1e4
+        // 10s timeout instead of default 30s
+      );
+      contextId = result.browserContextId;
+    } catch {
+    }
+    const context = new XBContextImpl(this.conn, contextId, this, opts);
+    context.on("page", (page) => {
+      this._emitter.emit("page", page);
+    });
+    this._contexts.set(contextId, {
+      contextId,
+      context
+    });
+    if (this.childProcess) {
+      this._enableAutoAttach().catch(() => {
+      });
+    }
+    return context;
+  }
+  contexts() {
+    return Array.from(this._contexts.values()).map((info) => info.context);
+  }
+  on(event, handler) {
+    this._emitter.on(event, handler);
+  }
+  off(event, handler) {
+    this._emitter.off(event, handler);
+  }
+  /** Called by context.close() to remove from registry */
+  _removeContext(contextId) {
+    this._contexts.delete(contextId);
+  }
+  // ── CDP helpers exposed for context/page ────────────────────
+  /** Attach to a target and get a session ID for flat protocol */
+  async _attachToTarget(targetId) {
+    const result = await this.conn.send(
+      "Target.attachToTarget",
+      { targetId, flatten: true }
+    );
+    return result.sessionId;
+  }
+  /** Detach from a target session */
+  async _detachFromTarget(sessionId) {
+    await this.conn.send("Target.detachFromTarget", { sessionId });
+  }
+  /**
+   * Derive the HTTP /json base URL from the original cdpEndpoint for use
+   * as a fallback when Target.getTargets doesn't return page targets.
+   * Supports both http:// and ws:// input formats.
+   */
+  _httpFallbackURL() {
+    if (!this.cdpEndpoint) return void 0;
+    if (this.cdpEndpoint.startsWith("http://") || this.cdpEndpoint.startsWith("https://")) {
+      return this.cdpEndpoint;
+    }
+    if (this.cdpEndpoint.startsWith("ws://") || this.cdpEndpoint.startsWith("wss://")) {
+      const url = this.cdpEndpoint.replace(/^ws/, "http");
+      const slashIdx = url.indexOf("/", url.indexOf("//") + 2);
+      return slashIdx >= 0 ? url.substring(0, slashIdx) : url;
+    }
+    return void 0;
+  }
+  /** Create a new page target within a browser context */
+  async _createTarget(contextId, url = "about:blank") {
+    const params = { url };
+    if (contextId && contextId !== "default") {
+      params.browserContextId = contextId;
+    }
+    return this.conn.send("Target.createTarget", params);
+  }
+  /** Close a target */
+  async _closeTarget(targetId) {
+    await this.conn.send("Target.closeTarget", { targetId });
+  }
+  /** Enable auto-attach for new targets */
+  async _enableAutoAttach() {
+    await this.conn.send("Target.setAutoAttach", {
+      autoAttach: true,
+      waitForDebuggerOnStart: false,
+      flatten: true
+    });
+  }
+  /**
+   * Discover existing browser contexts and pages via Target.getTargets.
+   *
+   * For CDP tunnel connections (cdp-tunnel, attach scenarios), the
+   * Target.attachedToTarget auto-attach flow is unreliable. Without this
+   * call, `b.contexts()` would return [] and callers would fall back to
+   * `b.newContext()` — which creates an isolated context with NO cookies
+   * shared with the user's existing browser session (causing login failures).
+   *
+   * This method:
+   *  1. Queries Target.getTargets to enumerate all page targets
+   *  2. Groups them by browserContextId
+   *  3. Attaches to each existing page via Target.attachToTarget
+   *  4. Wraps the discovered pages in a XBContextImpl and registers it in
+   *     this._contexts so `contexts()` returns the user's actual contexts
+   *  5. Enables Target.setAutoAttach for future pages
+   *
+   * No-op for self-launched browsers (they already populated contexts via
+   * newContext() + childProcess-gated auto-attach).
+   */
+  async discoverContexts() {
+    if (this._disconnected) return;
+    let targetInfos = [];
+    try {
+      const result = await this.conn.send(
+        "Target.getTargets"
+      );
+      targetInfos = result.targetInfos ?? [];
+    } catch {
+      return;
+    }
+    const pageTargets = targetInfos.filter((t) => t.type === "page");
+    const httpFallbackUrl = this._httpFallbackURL();
+    if (pageTargets.length === 0 && httpFallbackUrl) {
+      console.log(`[discoverContexts] Target.getTargets returned ${targetInfos.length} targets (0 page type). Falling back to HTTP /json/list at ${httpFallbackUrl}`);
+      try {
+        const { getCDPTargets: getCDPTargets3 } = await import("./launcher-QUJ4M2VS.js");
+        const httpPages = await getCDPTargets3(httpFallbackUrl);
+        console.log(`[discoverContexts] HTTP /json/list returned ${httpPages.length} pages`);
+        for (const p of httpPages) {
+          if (p.type !== "page") continue;
+          if (!p.url || p.url.startsWith("chrome://") || p.url.startsWith("devtools://")) continue;
+          targetInfos.push({
+            targetId: p.id,
+            type: "page",
+            url: p.url,
+            title: p.title
+          });
+        }
+        console.log(`[discoverContexts] After HTTP fallback: ${targetInfos.length} total targets, ${targetInfos.filter((t) => t.type === "page").length} pages`);
+      } catch (err) {
+        console.log(`[discoverContexts] HTTP fallback failed: ${err.message}`);
+      }
+    }
+    const pagesByContext = /* @__PURE__ */ new Map();
+    for (const t of targetInfos) {
+      if (t.type !== "page") continue;
+      if (!t.url || t.url.startsWith("chrome://") || t.url.startsWith("devtools://")) {
+        continue;
+      }
+      const ctxId = t.browserContextId || "default";
+      if (!pagesByContext.has(ctxId)) pagesByContext.set(ctxId, []);
+      pagesByContext.get(ctxId).push(t);
+    }
+    for (const [ctxId, pages] of pagesByContext) {
+      if (this._contexts.has(ctxId)) continue;
+      const context = new XBContextImpl(this.conn, ctxId, this, {});
+      for (const p of pages) {
+        try {
+          const sessionId = await this._attachToTarget(p.targetId);
+          const page = new XBPageImpl(this.conn, sessionId, p.targetId, context, this);
+          await page._init();
+          context._addDiscoveredPage(page);
+        } catch {
+        }
+      }
+      this._contexts.set(ctxId, { contextId: ctxId, context });
+    }
+    try {
+      await this.conn.send("Target.setAutoAttach", {
+        autoAttach: true,
+        waitForDebuggerOnStart: false,
+        flatten: true
+      });
+    } catch {
+    }
+  }
+};
+
+// src/cdp-driver/connection.ts
+import { EventEmitter as EventEmitter4 } from "events";
+import { WebSocket } from "ws";
+var CDPConnection = class extends EventEmitter4 {
+  ws;
+  nextId = 1;
+  pending = /* @__PURE__ */ new Map();
+  closed = false;
+  closeReason = null;
+  /** Default session ID for flat session protocol (Target.attachToTarget) */
+  defaultSessionId;
+  constructor(wsOrUrl, sessionId) {
+    super();
+    this.defaultSessionId = sessionId;
+    if (typeof wsOrUrl === "string") {
+      this.ws = new WebSocket(wsOrUrl);
+    } else {
+      this.ws = wsOrUrl;
+    }
+    this.bindWebSocket();
+  }
+  /** Wait for the connection to be fully open */
+  async ready() {
+    if (this.ws.readyState === WebSocket.OPEN) return;
+    if (this.ws.readyState === WebSocket.CLOSED || this.ws.readyState === WebSocket.CLOSING) {
+      throw new Error(`WebSocket already closed: ${this.closeReason ?? "unknown"}`);
+    }
+    return new Promise((resolve, reject) => {
+      const onOpen = () => {
+        this.ws.off("error", onError);
+        resolve();
+      };
+      const onError = (err) => {
+        this.ws.off("open", onOpen);
+        reject(err);
+      };
+      this.ws.once("open", onOpen);
+      this.ws.once("error", onError);
+    });
+  }
+  /** Is the underlying WebSocket alive? */
+  get isOpen() {
+    return !this.closed && this.ws.readyState === WebSocket.OPEN;
+  }
+  /**
+   * Send a CDP command and await its response.
+   *
+   * @param method — CDP domain.method (e.g. "Page.navigate")
+   * @param params — method parameters
+   * @param sessionId — optional flat session ID for sub-targets
+   * @param timeoutMs — response timeout (default: 30s)
+   * @returns the `result` field from the CDP response
+   */
+  async send(method, params, sessionId, timeoutMs = 3e4) {
+    if (this.closed) {
+      throw new Error(`CDP connection closed: ${this.closeReason ?? "unknown"}`);
+    }
+    if (!this.isOpen) {
+      throw new Error(`CDP connection not open (state: ${this.ws.readyState})`);
+    }
+    const id = this.nextId++;
+    const sid = sessionId ?? this.defaultSessionId;
+    const message = { id, method };
+    if (params !== void 0) message.params = params;
+    if (sid !== void 0) message.sessionId = sid;
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => {
+        this.pending.delete(id);
+        reject(new Error(`CDP timeout: ${method} (${timeoutMs}ms)`));
+      }, timeoutMs);
+      this.pending.set(id, {
+        resolve: (v) => {
+          clearTimeout(timeout);
+          this.pending.delete(id);
+          resolve(v);
+        },
+        reject: (err) => {
+          clearTimeout(timeout);
+          this.pending.delete(id);
+          reject(err);
+        },
+        method,
+        timeout
+      });
+      const data = JSON.stringify(message);
+      try {
+        this.ws.send(data);
+      } catch (err) {
+        clearTimeout(timeout);
+        this.pending.delete(id);
+        reject(new Error(`CDP send failed: ${method} \u2014 ${err instanceof Error ? err.message : String(err)}`));
+      }
+    });
+  }
+  /**
+   * Subscribe to a CDP event.
+   *
+   * @param event — full event name (e.g. "Page.frameNavigated")
+   * @param handler — called with the event params
+   * @param sessionId — optional session filter
+   */
+  on(event, handler) {
+    return super.on(event, handler);
+  }
+  once(event, handler) {
+    return super.once(event, handler);
+  }
+  /** Remove an event listener */
+  off(event, handler) {
+    super.off(event, handler);
+    return this;
+  }
+  /**
+   * Subscribe to a CDP event for a specific session.
+   * Returns an unsubscribe function.
+   */
+  subscribe(event, sessionId, handler) {
+    const wrapper = (params, sid) => {
+      if (sid === sessionId || !sessionId && !sid) handler(params);
+    };
+    this.on(event, wrapper);
+    return () => this.off(event, wrapper);
+  }
+  /** Close the WebSocket */
+  async close() {
+    if (this.closed) return;
+    this.closed = true;
+    this.closeReason = "closed by caller";
+    for (const [id, pending] of this.pending) {
+      clearTimeout(pending.timeout);
+      pending.reject(new Error(`Connection closed: ${pending.method}`));
+      this.pending.delete(id);
+    }
+    if (this.ws.readyState === WebSocket.OPEN || this.ws.readyState === WebSocket.CONNECTING) {
+      this.ws.close(1e3, "normal closure");
+    }
+  }
+  /** Set the default session ID for flat protocol */
+  setDefaultSessionId(sid) {
+    this.defaultSessionId = sid;
+  }
+  // ── Private ─────────────────────────────────────────────────
+  bindWebSocket() {
+    this.ws.on("message", (raw) => {
+      let msg;
+      try {
+        msg = JSON.parse(raw.toString());
+      } catch {
+        return;
+      }
+      if (msg.id !== void 0) {
+        const pending = this.pending.get(msg.id);
+        if (!pending) return;
+        if (msg.error) {
+          pending.reject(new CDPProtocolError(msg.error.code, msg.error.message, pending.method));
+        } else {
+          pending.resolve(msg.result ?? {});
+        }
+        return;
+      }
+      if (msg.method) {
+        this.emit(msg.method, msg.params ?? {}, msg.sessionId);
+        this.emit("*", msg.method, msg.params ?? {}, msg.sessionId);
+      }
+    });
+    this.ws.on("close", (code, reason) => {
+      if (this.closed) return;
+      this.closed = true;
+      this.closeReason = `WebSocket closed: ${code} ${reason?.toString() ?? ""}`.trim();
+      for (const [id, pending] of this.pending) {
+        clearTimeout(pending.timeout);
+        pending.reject(new Error(`Connection closed: ${pending.method}`));
+        this.pending.delete(id);
+      }
+      this.emit("disconnect");
+    });
+    this.ws.on("error", (err) => {
+      if (this.closed) return;
+      this.emit("ws-error", err);
+    });
+  }
+};
+var CDPProtocolError = class extends Error {
+  code;
+  method;
+  data;
+  constructor(code, message, method, data) {
+    super(`CDP error [${code}] in ${method}: ${message}`);
+    this.name = "CDPProtocolError";
+    this.code = code;
+    this.method = method;
+    this.data = data;
+  }
+};
+
+// src/cdp-driver/index.ts
+async function launch(options = {}) {
+  let wsEndpoint;
+  let childProcess;
+  let tmpDir;
+  if (options.cdpEndpoint) {
+    wsEndpoint = await connectToCDP(options.cdpEndpoint);
+  } else {
+    const result = await launchChrome({
+      executablePath: options.executablePath,
+      headless: options.headless,
+      args: options.args,
+      userDataDir: options.userDataDir,
+      timeout: options.timeout,
+      env: options.env
+    });
+    wsEndpoint = result.wsEndpoint;
+    childProcess = result.process;
+    tmpDir = result.tmpDir;
+  }
+  const conn = new CDPConnection(wsEndpoint);
+  await conn.ready();
+  const httpEndpoint = options.cdpEndpoint && !options.cdpEndpoint.startsWith("ws") ? options.cdpEndpoint : void 0;
+  const browser = new XBBrowserImpl(conn, childProcess, tmpDir, httpEndpoint);
+  return { browser, wsEndpoint };
+}
+
+// src/cdp-interceptor/proxy.ts
+import { WebSocketServer, WebSocket as WebSocket2 } from "ws";
+
+// src/cdp-interceptor/rules/shared.ts
+var PLAYWRIGHT_INTERNAL_MARKERS = [
+  "__commonJS",
+  "module.exports",
+  "__require",
+  "__toESM",
+  "inject_utils"
+];
+function isPlaywrightInternal(code) {
+  return PLAYWRIGHT_INTERNAL_MARKERS.some((marker) => code.includes(marker));
+}
+function extractUserCode(ctx) {
+  if (ctx.method === "Runtime.evaluate") {
+    const expr = ctx.params.expression;
+    if (typeof expr === "string") {
+      if (isPlaywrightInternal(expr)) return null;
+      return expr;
+    }
+  }
+  if (ctx.method === "Runtime.callFunctionOn") {
+    const decl = ctx.params.functionDeclaration;
+    if (typeof decl === "string" && decl.includes("utilityScript.evaluate")) {
+      return extractAllStrings(ctx.params.arguments);
+    }
+    if (typeof decl === "string") return decl;
+  }
+  return null;
+}
+function extractAllStrings(rawArgs) {
+  if (!Array.isArray(rawArgs)) return null;
+  const strings = [];
+  for (const arg of rawArgs) {
+    if (arg && typeof arg === "object" && "value" in arg) {
+      const val = arg.value;
+      if (typeof val === "string" && val.length > 5 && !["true", "false"].includes(val)) {
+        strings.push(val);
+      }
+    }
+  }
+  return strings.length > 0 ? strings.join("\n") : null;
+}
+
+// src/cdp-interceptor/rules/dom-mutation.ts
+var DOM_PATTERNS = [
+  // ── P0: Value/Checked (bypasses React onChange) ────────────
+  { pattern: /\.value\s*=\s*(?!["'\s]*$)/, name: ".value =", severity: "danger", action: "block", errorCode: -32001, suggestion: "Use page.fill(selector, value) which dispatches proper input/change events." },
+  { pattern: /\.checked\s*=\s*(?:true|false)/, name: ".checked =", severity: "danger", action: "block", errorCode: -32001, suggestion: "Use page.check(selector) or page.uncheck(selector)." },
+  { pattern: /\.indeterminate\s*=\s*true/, name: ".indeterminate =", severity: "warn", action: "block", errorCode: -32021, suggestion: "No human can set indeterminate state \u2014 remove this call." },
+  { pattern: /\.valueAsDate\s*=/, name: ".valueAsDate =", severity: "warn", action: "block", errorCode: -32022, suggestion: "Use page.fill() with formatted date string instead." },
+  { pattern: /\.valueAsNumber\s*=/, name: ".valueAsNumber =", severity: "warn", action: "block", errorCode: -32022, suggestion: "Use page.fill() with numeric string instead." },
+  // ── P1: Select/Option (bypasses React onChange on select) ─
+  { pattern: /\.selectedIndex\s*=\s*\d+/, name: ".selectedIndex =", severity: "danger", action: "block", errorCode: -32003, suggestion: "Use page.selectOption(selector, value)." },
+  { pattern: /(?:options|children)\s*\[[^\]]*\]\s*\.\s*selected\s*=\s*(?:true|false)/, name: "options[N].selected =", severity: "danger", action: "block", errorCode: -32003, suggestion: "Use page.selectOption(selector, value)." },
+  { pattern: /\.value\s*=\s*["'][^"']*["']\s*[;)]?\s*$/, name: "selectElement.value =", severity: "warn", action: "block", errorCode: -32023, suggestion: "For select elements, use page.selectOption(selector, value)." },
+  // ── P2: Content properties (bypasses virtual DOM diffing) ──
+  { pattern: /\.innerHTML\s*=/, name: ".innerHTML =", severity: "info", action: "pass", errorCode: -32007, suggestion: ".innerHTML bypasses React/Vue diffing. Use component state or page.setContent()." },
+  { pattern: /\.outerHTML\s*=/, name: ".outerHTML =", severity: "info", action: "pass", errorCode: -32007, suggestion: "outerHTML replacement destroys React fiber tree. Use page.setContent()." },
+  { pattern: /\.innerText\s*=/, name: ".innerText =", severity: "warn", action: "block", errorCode: -32024, suggestion: "Framework components should be updated via state, not innerText." },
+  { pattern: /\.textContent\s*=/, name: ".textContent =", severity: "warn", action: "block", errorCode: -32024, suggestion: "textContent bypasses React/Vue diffing. Use component state instead." },
+  { pattern: /\.outerText\s*=/, name: ".outerText =", severity: "warn", action: "block", errorCode: -32024, suggestion: "Non-standard property \u2014 use proper framework update methods." },
+  { pattern: /nodeValue\s*=/, name: "node.nodeValue =", severity: "info", action: "block", errorCode: -32025, suggestion: "Direct text node mutation. Use textContent instead if needed." },
+  // ── P3: Style properties ──────────────────────────────────
+  { pattern: /\.style\s*=\s*["']/, name: ".style = (string override)", severity: "info", action: "pass", errorCode: -32008, suggestion: 'Setting style as a string overwrites CSSStyleDeclaration. Use element.style.prop = "value".' },
+  { pattern: /\.style\.cssText\s*=/, name: ".style.cssText =", severity: "info", action: "pass", errorCode: -32008, suggestion: "style.cssText replacement destroys inline styles \u2014 use individual property set." },
+  { pattern: /\.style\.setProperty\s*\(/, name: ".style.setProperty()", severity: "info", action: "pass", errorCode: -32008, suggestion: "Direct style property set bypasses CSS transitions." },
+  { pattern: /\.style\.removeProperty\s*\(/, name: ".style.removeProperty()", severity: "info", action: "pass", errorCode: -32026, suggestion: "Style removal without user interaction is suspicious." },
+  { pattern: /\.style\.animation\s*=/, name: ".style.animation =", severity: "info", action: "pass", errorCode: -32027, suggestion: "Forcing animation state via CDP is detectable." },
+  { pattern: /\.style\.transition\s*=/, name: ".style.transition =", severity: "info", action: "pass", errorCode: -32027, suggestion: "Manipulating CSS transitions is rare in normal browsing." },
+  // ── P4: Class/Attribute properties ────────────────────────
+  { pattern: /\.className\s*=/, name: ".className =", severity: "info", action: "pass", errorCode: -32009, suggestion: "Use component state or a Playwright locator instead." },
+  { pattern: /\.classList\.add\s*\(/, name: ".classList.add()", severity: "info", action: "pass", errorCode: -32009, suggestion: "classList manipulation via CDP bypasses framework state tracking." },
+  { pattern: /\.classList\.remove\s*\(/, name: ".classList.remove()", severity: "info", action: "pass", errorCode: -32009, suggestion: "Use component state or attribute selectors instead." },
+  { pattern: /\.classList\.toggle\s*\(/, name: ".classList.toggle()", severity: "info", action: "pass", errorCode: -32009, suggestion: "Toggle without user interaction is detectable." },
+  { pattern: /\.classList\.replace\s*\(/, name: ".classList.replace()", severity: "info", action: "pass", errorCode: -32028, suggestion: "Rare operation \u2014 likely automated." },
+  // ── P5: Attribute manipulation ────────────────────────────
+  { pattern: /\.setAttribute\s*\(/, name: ".setAttribute()", severity: "info", action: "pass", errorCode: -32010, suggestion: "setAttribute bypasses framework attribute tracking. Use component state." },
+  { pattern: /\.removeAttribute\s*\(/, name: ".removeAttribute()", severity: "info", action: "pass", errorCode: -32010, suggestion: "Attribute removal without user interaction is suspicious." },
+  { pattern: /\.toggleAttribute\s*\(/, name: ".toggleAttribute()", severity: "info", action: "pass", errorCode: -32029, suggestion: "Attribute toggling via CDP is detectable." },
+  { pattern: /\.dataset\.\w+\s*=/, name: ".dataset.* =", severity: "info", action: "pass", errorCode: -32030, suggestion: "dataset mutations via evaluate bypass native mutation observers." },
+  // ── P6: Focus/Selection properties ────────────────────────
+  { pattern: /\.selectionStart\s*=/, name: ".selectionStart =", severity: "info", action: "pass", errorCode: -32011, suggestion: "Setting cursor position without focus is detectable." },
+  { pattern: /\.selectionEnd\s*=/, name: ".selectionEnd =", severity: "info", action: "pass", errorCode: -32011, suggestion: "Selection range manipulation without user input is suspicious." },
+  { pattern: /\.selectionDirection\s*=/, name: ".selectionDirection =", severity: "info", action: "pass", errorCode: -32031, suggestion: "Selection direction changes normally via mouse drag." },
+  // ── P7: Boolean properties ────────────────────────────────
+  { pattern: /\.disabled\s*=/, name: ".disabled =", severity: "info", action: "pass", errorCode: -32012, suggestion: "Disabling elements via CDP mid-interaction is detectable." },
+  { pattern: /\.readOnly\s*=/, name: ".readOnly =", severity: "info", action: "pass", errorCode: -32032, suggestion: "readOnly changes without user action." },
+  { pattern: /\.hidden\s*=/, name: ".hidden =", severity: "info", action: "pass", errorCode: -32012, suggestion: "Hiding elements is a common scraper tactic \u2014 detectable." },
+  { pattern: /\.required\s*=/, name: ".required =", severity: "info", action: "pass", errorCode: -32032, suggestion: "Validation constraint changes mid-session." },
+  { pattern: /\.multiple\s*=/, name: ".multiple =", severity: "info", action: "pass", errorCode: -32032, suggestion: "Multiple attribute toggle is rare in normal browsing." },
+  { pattern: /\.autofocus\s*=/, name: ".autofocus =", severity: "info", action: "pass", errorCode: -32032, suggestion: "autofocus changes mid-session are suspicious." },
+  // ── P8: Frame/Navigation properties ───────────────────────
+  { pattern: /\.src\s*=/, name: ".src = (on img/iframe/script)", severity: "info", action: "pass", errorCode: -32013, suggestion: "Changing src via CDP bypasses user interaction. Use page.click() on the element." },
+  { pattern: /\.href\s*=/, name: ".href =", severity: "info", action: "pass", errorCode: -32033, suggestion: "Changing anchor href via evaluate \u2014 use page.click() instead." },
+  { pattern: /\.action\s*=/, name: "form.action =", severity: "info", action: "pass", errorCode: -32034, suggestion: "Changing form action URL is highly suspicious." },
+  { pattern: /\.method\s*=/, name: "form.method =", severity: "info", action: "pass", errorCode: -32034, suggestion: "Form method changes without user interaction." },
+  { pattern: /\.target\s*=/, name: "link/area.target =", severity: "info", action: "pass", errorCode: -32034, suggestion: "Link target manipulation via CDP." },
+  // ── P9: Media properties ──────────────────────────────────
+  { pattern: /\.currentTime\s*=/, name: "media.currentTime = (seeking)", severity: "info", action: "pass", errorCode: -32014, suggestion: "Video seeking without user interaction \u2014 common scraper pattern." },
+  { pattern: /\.playbackRate\s*=/, name: "media.playbackRate =", severity: "info", action: "pass", errorCode: -32014, suggestion: "Changing playback speed is detectable automation signal." },
+  { pattern: /\.volume\s*=/, name: "media.volume =", severity: "info", action: "pass", errorCode: -32035, suggestion: "Volume setting via evaluate is suspicious." },
+  { pattern: /\.muted\s*=/, name: "media.muted =", severity: "info", action: "pass", errorCode: -32035, suggestion: "Muting media without user click is suspicious." },
+  // ── P10: Element geometry ─────────────────────────────────
+  { pattern: /\.scrollTop\s*=/, name: ".scrollTop =", severity: "info", action: "pass", errorCode: -32015, suggestion: "Programmatic scroll without user gesture. Use page.mouse.wheel()." },
+  { pattern: /\.scrollLeft\s*=/, name: ".scrollLeft =", severity: "info", action: "pass", errorCode: -32015, suggestion: "Horizontal scroll without user gesture." },
+  { pattern: /\.scrollTo\s*\(/, name: ".scrollTo()", severity: "info", action: "pass", errorCode: -32015, suggestion: "ScrollTo bypasses user scroll detection." },
+  { pattern: /\.scrollBy\s*\(/, name: ".scrollBy()", severity: "info", action: "pass", errorCode: -32015, suggestion: "ScrollBy without user gesture." },
+  { pattern: /\.scrollIntoView\s*\(/, name: ".scrollIntoView()", severity: "info", action: "pass", errorCode: -32015, suggestion: "scrollIntoView is a common bot pattern. Let Playwright handle scrolling." },
+  // ── P11: Shadow DOM ───────────────────────────────────────
+  { pattern: /\.shadowRoot\s*=/, name: ".shadowRoot = (override)", severity: "info", action: "block", errorCode: -32036, suggestion: "ShadowRoot is read-only \u2014 this set attempt is detectable." },
+  // ── P12: Force reflow / layout thrashing ──────────────────
+  { pattern: /\.offsetHeight\b(?!\s*===?\s*)/, name: ".offsetHeight read (forced reflow)", severity: "warn", action: "pass", errorCode: -32016, suggestion: "Reading offsetHeight triggers forced reflow \u2014 anti-crawlers detect this as layout probing." },
+  { pattern: /\.offsetWidth\b(?!\s*===?\s*)/, name: ".offsetWidth read (forced reflow)", severity: "warn", action: "pass", errorCode: -32016, suggestion: "Reading offsetWidth triggers forced reflow \u2014 detectable." },
+  { pattern: /getBoundingClientRect\s*\(/, name: "getBoundingClientRect()", severity: "warn", action: "pass", errorCode: -32037, suggestion: "getBoundingClientRect triggers reflow. Minimize calls." },
+  { pattern: /getComputedStyle\s*\(/, name: "getComputedStyle()", severity: "info", action: "pass", errorCode: -32038, suggestion: "getComputedStyle can trigger style recalculation." },
+  { pattern: /\.clientHeight\b/, name: ".clientHeight read", severity: "info", action: "pass", errorCode: -32038, suggestion: "clientHeight read triggers layout." },
+  { pattern: /\.clientWidth\b/, name: ".clientWidth read", severity: "info", action: "pass", errorCode: -32038, suggestion: "clientWidth read triggers layout." }
+];
+var domMutationRule = {
+  id: "dom-mutation",
+  name: "DOM Property Mutation Detection (50+ setters)",
+  priority: 10,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of DOM_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return {
+          ruleId: "dom-mutation",
+          action: p.action,
+          severity: p.severity,
+          reason: `Direct DOM property setter: "${p.name}". This bypasses framework event systems and is detectable as automation.`,
+          suggestion: p.suggestion,
+          errorCode: p.errorCode,
+          errorMessage: p.severity === "danger" ? `[CDP Firewall] ${p.name} blocked \u2014 bypasses framework reactivity` : `[CDP Firewall] ${p.name} detected \u2014 use proper interaction API`
+        };
+      }
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/mouse-trajectory.ts
+var TRACKER_KEY = "mouse-trajectory-tracker";
+var MAX_SAMPLES = 200;
+var MIN_SAMPLES_FOR_ANALYSIS = 5;
+var mouseTrajectoryRule = {
+  id: "mouse-trajectory",
+  name: "Mouse Trajectory Analysis",
+  priority: 20,
+  canHandle(ctx) {
+    return ctx.method === "Input.dispatchMouseEvent";
+  },
+  evaluate(ctx) {
+    const type = ctx.params.type;
+    const x = ctx.params.x;
+    const y = ctx.params.y;
+    if (typeof x !== "number" || typeof y !== "number") return null;
+    let tracker = ctx.sessionState.get(TRACKER_KEY);
+    if (!tracker) {
+      tracker = { samples: [], lastMouseDownAt: 0, isDragging: false };
+      ctx.sessionState.set(TRACKER_KEY, tracker);
+    }
+    if (type === "mousePressed") {
+      const priorResult = analyzeTrajectory(tracker.samples);
+      tracker.lastMouseDownAt = Date.now();
+      tracker.isDragging = true;
+      tracker.samples = [];
+      return priorResult;
+    }
+    if (type === "mouseReleased") {
+      tracker.isDragging = false;
+      const result = analyzeTrajectory(tracker.samples);
+      tracker.samples = [];
+      return result;
+    }
+    if (type === "mouseMoved") {
+      const now = Date.now();
+      const prevSample = tracker.samples[tracker.samples.length - 1];
+      const distanceTraveled = prevSample ? prevSample.distanceTraveled + distance(prevSample.x, prevSample.y, x, y) : 0;
+      const sample = { x, y, timestamp: now, distanceTraveled };
+      tracker.samples.push(sample);
+      if (tracker.samples.length > MAX_SAMPLES) {
+        tracker.samples.shift();
+      }
+      return null;
+    }
+    if (type === "mouseReleased" && tracker.samples.length < MIN_SAMPLES_FOR_ANALYSIS) {
+      tracker.samples = [];
+      return null;
+    }
+    return null;
+  }
+};
+function analyzeTrajectory(samples) {
+  if (samples.length < MIN_SAMPLES_FOR_ANALYSIS) return null;
+  const issues = [];
+  const startX = samples[0].x;
+  const startY = samples[0].y;
+  const endX = samples[samples.length - 1].x;
+  const endY = samples[samples.length - 1].y;
+  const lineLength = distance(startX, startY, endX, endY);
+  const collinearityResult = checkCollinearity(samples, startX, startY, endX, endY, lineLength);
+  if (collinearityResult) {
+    issues.push(collinearityResult);
+  }
+  const velocityResult = checkConstantVelocity(samples);
+  if (velocityResult) {
+    issues.push(velocityResult);
+  }
+  const jitterResult = checkJitter(samples);
+  if (jitterResult) {
+    issues.push(jitterResult);
+  }
+  if (issues.length === 0) return null;
+  const stopX = samples[samples.length - 1].x;
+  const stopY = samples[samples.length - 1].y;
+  return {
+    ruleId: "mouse-trajectory",
+    action: "block",
+    severity: "danger",
+    reason: `Suspicious mouse trajectory: ${issues.join("; ")}`,
+    suggestion: `This mouse movement appears automated (straight line A\u2192B, no natural variation).
+  Use a humanized mouse API that generates:
+  - Bezier curves instead of straight lines
+  - Random acceleration/deceleration
+  - 1-3px micro-jitter per sample
+
+  Example: The 'faker' or 'ghost-cursor' libraries generate realistic mouse paths.
+  Target was: (${Math.round(startX)}, ${Math.round(startY)}) \u2192 (${Math.round(stopX)}, ${Math.round(stopY)})`,
+    errorCode: -32002,
+    errorMessage: "[CDP Firewall] Automated mouse trajectory blocked \u2014 appears non-human"
+  };
+}
+function distance(x1, y1, x2, y2) {
+  return Math.sqrt((x2 - x1) ** 2 + (y2 - y1) ** 2);
+}
+function checkCollinearity(samples, x1, y1, x2, y2, lineLength) {
+  if (lineLength < 5) return null;
+  let maxDeviation = 0;
+  const dx = x2 - x1;
+  const dy = y2 - y1;
+  for (let i = 1; i < samples.length - 1; i++) {
+    const { x, y } = samples[i];
+    const cross = Math.abs(dy * x - dx * y + x2 * y1 - y2 * x1);
+    const dev = cross / lineLength;
+    if (dev > maxDeviation) maxDeviation = dev;
+  }
+  if (maxDeviation < 1.5 && lineLength > 20) {
+    return `Perfectly straight line (max deviation ${maxDeviation.toFixed(1)}px over ${lineLength.toFixed(0)}px)`;
+  }
+  if (maxDeviation < 0.5 && lineLength > 10) {
+    return `Near-perfect straight line (max deviation ${maxDeviation.toFixed(1)}px)`;
+  }
+  return null;
+}
+function checkConstantVelocity(samples) {
+  if (samples.length < 3) return null;
+  const speeds = [];
+  for (let i = 1; i < samples.length; i++) {
+    const d = distance(
+      samples[i - 1].x,
+      samples[i - 1].y,
+      samples[i].x,
+      samples[i].y
+    );
+    const dt = samples[i].timestamp - samples[i - 1].timestamp;
+    if (dt > 0) speeds.push(d / dt);
+  }
+  if (speeds.length < 2) return null;
+  const mean = speeds.reduce((a, b) => a + b, 0) / speeds.length;
+  if (mean === 0) return null;
+  const variance = speeds.reduce((sum, v) => sum + (v - mean) ** 2, 0) / speeds.length;
+  const stddev = Math.sqrt(variance);
+  const cv = stddev / mean;
+  if (cv < 0.05) {
+    return `Constant velocity (CV=${cv.toFixed(3)}, mean=${mean.toFixed(1)} px/ms)`;
+  }
+  return null;
+}
+function checkJitter(samples) {
+  if (samples.length < 4) return null;
+  let totalLateralChange = 0;
+  for (let i = 1; i < samples.length; i++) {
+    const d = distance(
+      samples[i - 1].x,
+      samples[i - 1].y,
+      samples[i].x,
+      samples[i].y
+    );
+    totalLateralChange += d;
+  }
+  const avgLateral = totalLateralChange / (samples.length - 1);
+  if (avgLateral < 0.3) {
+    return "No micro-jitter (sub-pixel precision, impossible for human)";
+  }
+  return null;
+}
+
+// src/cdp-interceptor/rules/input-keystroke.ts
+var TRACKER_KEY2 = "keystroke-tracker";
+var MIN_KEYS_FOR_ANALYSIS = 4;
+var inputKeystrokeRule = {
+  id: "input-keystroke",
+  name: "Input Keystroke Timing Analysis",
+  priority: 40,
+  canHandle(ctx) {
+    return ctx.method === "Input.dispatchKeyEvent" || ctx.method === "Input.insertText";
+  },
+  evaluate(ctx) {
+    if (ctx.method === "Input.insertText") {
+      return {
+        ruleId: "input-keystroke",
+        action: "pass",
+        severity: "info",
+        reason: "Input.insertText bypasses native keyboard events. Playwright uses this internally for page.fill().",
+        suggestion: "Prefer page.type() with variable delay for human-like input.",
+        errorCode: -32004,
+        errorMessage: "[CDP Firewall] Input.insertText detected \u2014 note: Playwright uses this for fill()"
+      };
+    }
+    let tracker = ctx.sessionState.get(TRACKER_KEY2);
+    if (!tracker) {
+      tracker = { samples: [] };
+      ctx.sessionState.set(TRACKER_KEY2, tracker);
+    }
+    const type = ctx.params.type;
+    const code = ctx.params.code;
+    const key = ctx.params.key;
+    if (type === "keyDown" && key && key.length === 1) {
+      tracker.samples.push({
+        code,
+        key,
+        timestamp: Date.now(),
+        type
+      });
+    }
+    if (tracker.samples.length >= MIN_KEYS_FOR_ANALYSIS && (type === "keyUp" || type === "keyDown")) {
+      return analyzeKeyTiming(tracker.samples);
+    }
+    return null;
+  }
+};
+function analyzeKeyTiming(samples) {
+  if (samples.length < MIN_KEYS_FOR_ANALYSIS) return null;
+  const intervals = [];
+  for (let i = 1; i < samples.length; i++) {
+    const dt = samples[i].timestamp - samples[i - 1].timestamp;
+    if (dt > 0) intervals.push(dt);
+  }
+  if (intervals.length < 3) return null;
+  const mean = intervals.reduce((a, b) => a + b, 0) / intervals.length;
+  if (mean === 0) return null;
+  const variance = intervals.reduce((sum, v) => sum + (v - mean) ** 2, 0) / intervals.length;
+  const stddev = Math.sqrt(variance);
+  const cv = stddev / mean;
+  const uniqueIntervals = new Set(intervals);
+  const allIdentical = uniqueIntervals.size === 1;
+  if (allIdentical) {
+    return {
+      ruleId: "input-keystroke",
+      action: "block",
+      severity: "danger",
+      reason: `All ${intervals.length} keystroke intervals are exactly ${intervals[0]}ms \u2014 impossible for human typing.`,
+      suggestion: `Use page.fill(selector, text) instead of page.type() with delay.
+Or add random variation: page.type(selector, text, {delay: 50 + Math.random() * 80}).`,
+      errorCode: -32004,
+      errorMessage: "[CDP Firewall] Constant keystroke timing detected \u2014 automated typing pattern"
+    };
+  }
+  if (cv < 0.08) {
+    return {
+      ruleId: "input-keystroke",
+      action: "block",
+      severity: "warn",
+      reason: `Unnatural keystroke timing (CV=${cv.toFixed(3)}). Human typing has CV > 0.2 on average.`,
+      suggestion: `Add random variation to your typing delay: page.type(selector, text, {delay: 50 + Math.random() * 80}).`,
+      errorCode: -32004,
+      errorMessage: "[CDP Firewall] Suspicious keystroke timing \u2014 likely automated"
+    };
+  }
+  return null;
+}
+
+// src/cdp-interceptor/rules/automation-signals.ts
+var AUTOMATION_PATTERNS = [
+  // ── Playwright markers ─────────────────────────
+  { pattern: /window\s*\.\s*__playwright/, name: "window.__playwright", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__pw_[a-zA-Z]/, name: "window.__pw_*", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__pw_paused/, name: "window.__pw_paused", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*playwright\b/, name: "window.playwright", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__pw_recorder/, name: "window.__pw_recorder", severity: "warn", errorCode: -32041 },
+  { pattern: /window\s*\.\s*__pw_trace/, name: "window.__pw_trace", severity: "warn", errorCode: -32041 },
+  // ── Puppeteer markers ──────────────────────────
+  { pattern: /window\s*\.\s*__puppeteer\b/, name: "window.__puppeteer", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__puppeteer_evaluation_script/, name: "window.__puppeteer_evaluation_script", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__puppeteer_testId/, name: "window.__puppeteer_testId", severity: "warn", errorCode: -32041 },
+  { pattern: /window\s*\.\s*__puppeteer_/, name: "window.__puppeteer_*", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*_puppeteer\b/, name: "window._puppeteer", severity: "warn", errorCode: -32041 },
+  // ── Selenium / WebDriver markers ───────────────
+  { pattern: /window\s*\.\s*__webdriver_script_fn/, name: "window.__webdriver_script_fn", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__selenium\b/, name: "window.__selenium", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__selenium_evaluate/, name: "window.__selenium_evaluate", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__driver_evaluate/, name: "window.__driver_evaluate", severity: "warn", errorCode: -32041 },
+  { pattern: /window\s*\.\s*__webdriver_evaluate/, name: "window.__webdriver_evaluate", severity: "danger", errorCode: -32040 },
+  { pattern: /document\.\$cdc_/, name: "document.$cdc_* (Selenium marker)", severity: "danger", errorCode: -32040 },
+  { pattern: /document\.\$chrome_asyncScriptInfo/, name: "document.$chrome_asyncScriptInfo", severity: "danger", errorCode: -32040 },
+  // ── navigator.webdriver detection ─────────────
+  { pattern: /navigator\s*\.\s*webdriver/, name: "navigator.webdriver read", severity: "danger", errorCode: -32042 },
+  { pattern: /navigator\[["']webdriver["']\]/, name: 'navigator["webdriver"]', severity: "danger", errorCode: -32042 },
+  // ── Chrome headless API surface checks ────────
+  { pattern: /chrome\s*\.\s*app/, name: "chrome.app detection", severity: "danger", errorCode: -32043 },
+  { pattern: /chrome\s*\.\s*runtime/, name: "chrome.runtime detection", severity: "danger", errorCode: -32043 },
+  { pattern: /chrome\s*\.\s*loadTimes/, name: "chrome.loadTimes detection", severity: "warn", errorCode: -32044 },
+  { pattern: /chrome\s*\.\s*csi\b/, name: "chrome.csi detection", severity: "warn", errorCode: -32044 },
+  { pattern: /window\s*\.\s*chrome\b/, name: "window.chrome object probe", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*plugins\b/, name: "navigator.plugins enumeration", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*mimeTypes/, name: "navigator.mimeTypes enumeration", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*hardwareConcurrency/, name: "navigator.hardwareConcurrency", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*deviceMemory/, name: "navigator.deviceMemory", severity: "info", errorCode: -32045 },
+  { pattern: /navigator\s*\.\s*maxTouchPoints/, name: "navigator.maxTouchPoints", severity: "warn", errorCode: -32044 },
+  { pattern: /navigator\s*\.\s*languages/, name: "navigator.languages", severity: "info", errorCode: -32045 },
+  { pattern: /navigator\s*\.\s*platform/, name: "navigator.platform", severity: "info", errorCode: -32045 },
+  // ── Anti-detection injection attempts ─────────
+  { pattern: /navigator\.webdriver\s*=\s*(false|undefined|null)/, name: "navigator.webdriver override attempt", severity: "danger", errorCode: -32046, suggestionOverride: "Overriding navigator.webdriver is detectable. Use CDP Page.addScriptToEvaluateOnNewDocument instead." },
+  { pattern: /Object\.defineProperty\s*\([^)]*webdriver/, name: "Object.defineProperty navigator.webdriver", severity: "danger", errorCode: -32046, suggestionOverride: "Object.defineProperty patches are detectable via Function.prototype.toString checks." },
+  { pattern: /delete\s+navigator\s*\.\s*webdriver/, name: "delete navigator.webdriver", severity: "danger", errorCode: -32046, suggestionOverride: "Deleting webdriver flag is detectable \u2014 the delete itself is visible." },
+  // ── PhantomJS / Headless markers ──────────────
+  { pattern: /window\s*\.\s*callPhantom/, name: "window.callPhantom", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*_phantom/, name: "window._phantom", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*phantom\b/, name: "window.phantom", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*Buffer\b/, name: "window.Buffer (Node.js leak)", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*process\b/, name: "window.process (Node.js leak)", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*global\b/, name: "window.global (Node.js leak)", severity: "danger", errorCode: -32040 },
+  { pattern: /window\s*\.\s*__dirname/, name: "window.__dirname (Node.js leak)", severity: "danger", errorCode: -32040 }
+];
+var automationSignalsRule = {
+  id: "automation-signals",
+  name: "Browser Automation Signal Detection (35+ markers)",
+  priority: 20,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn" || ctx.method === "Page.addScriptToEvaluateOnNewDocument";
+  },
+  evaluate(ctx) {
+    if (ctx.method === "Page.addScriptToEvaluateOnNewDocument") {
+      const source = ctx.params.source;
+      if (typeof source === "string") {
+        for (const p of AUTOMATION_PATTERNS) {
+          if (p.pattern.test(source)) {
+            return makeDecision(p, source.substring(0, 60));
+          }
+        }
+      }
+      return null;
+    }
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of AUTOMATION_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return makeDecision(p, userCode.substring(0, 60));
+      }
+    }
+    return null;
+  }
+};
+function makeDecision(p, context) {
+  const suggestion = p.suggestionOverride ?? `Detected: "${p.name}" \u2014 an automation tool marker that anti-crawler systems immediately flag. Remove this pattern from your code.`;
+  return {
+    ruleId: "automation-signals",
+    action: "block",
+    severity: p.severity,
+    reason: `Automation marker detected: "${p.name}". Context: "${context}..."`,
+    suggestion,
+    errorCode: p.errorCode,
+    errorMessage: p.severity === "danger" ? `[CDP Firewall] ${p.name} blocked \u2014 automation tool marker detected` : `[CDP Firewall] ${p.name} detected \u2014 potential automation signal`
+  };
+}
+
+// src/cdp-interceptor/rules/fingerprinting.ts
+var FP_PATTERNS = [
+  // ── Canvas Rendering fingerprinting ────────────────────
+  { pattern: /\.toDataURL\s*\(/, name: "canvas.toDataURL()", severity: "danger", errorCode: -32050, suggestion: "canvas.toDataURL() returns a unique hash that identifies the browser engine. Minimize calls." },
+  { pattern: /\.toBlob\s*\(/, name: "canvas.toBlob()", severity: "danger", errorCode: -32050, suggestion: "canvas.toBlob() is used for canvas fingerprinting. Avoid if possible." },
+  { pattern: /getImageData\s*\(/, name: "CanvasRenderingContext2D.getImageData()", severity: "danger", errorCode: -32050, suggestion: "getImageData reads pixel-level data used for fingerprinting." },
+  { pattern: /measureText\s*\(/, name: "CanvasRenderingContext2D.measureText()", severity: "warn", errorCode: -32051, suggestion: "Font metrics reveal installed fonts \u2014 a fingerprinting vector." },
+  { pattern: /OffscreenCanvas\s*\(/, name: "new OffscreenCanvas()", severity: "warn", errorCode: -32051, suggestion: "OffscreenCanvas is sometimes used to avoid visibility detection." },
+  { pattern: /convertToBlob\s*\(/, name: "OffscreenCanvas.convertToBlob()", severity: "warn", errorCode: -32051, suggestion: "Headless OffscreenCanvas rendering differs from real browser." },
+  // ── WebGL Fingerprinting ──────────────────────────────
+  { pattern: /getParameter\s*\([^)]*(?:VENDOR|RENDERER|VERSION)/, name: "WebGL getParameter(VENDOR/RENDERER)", severity: "danger", errorCode: -32052, suggestion: "WebGL VENDOR/RENDERER returns emulated values in headless. Cannot be reliably spoofed." },
+  { pattern: /getSupportedExtensions\s*\(/, name: "WebGL getSupportedExtensions()", severity: "warn", errorCode: -32053, suggestion: "WebGL extension list differs in headless mode." },
+  { pattern: /getShaderPrecisionFormat\s*\(/, name: "WebGL getShaderPrecisionFormat()", severity: "info", errorCode: -32054, suggestion: "Shader precision differs between headless and real GPU." },
+  { pattern: /UNMASKED_VENDOR_WEBGL/, name: "WEBGL_debug_renderer_info UNMASKED_VENDOR", severity: "warn", errorCode: -32053, suggestion: "Unmasked vendor info reveals the real GPU \u2014 blocked in many envs." },
+  { pattern: /UNMASKED_RENDERER_WEBGL/, name: "WEBGL_debug_renderer_info UNMASKED_RENDERER", severity: "warn", errorCode: -32053, suggestion: "Unmasked renderer string reveals the real GPU." },
+  // ── AudioContext Fingerprinting ────────────────────────
+  { pattern: /AnalyserNode\s*\(/, name: "new AnalyserNode()", severity: "warn", errorCode: -32055, suggestion: "Audio fingerprinting via AnalyserNode \u2014 produces silence in headless." },
+  { pattern: /getFloatFrequencyData\s*\(/, name: "AnalyserNode.getFloatFrequencyData()", severity: "danger", errorCode: -32050, suggestion: "Audio frequency data in headless returns silence (all zeros) \u2014 detectable." },
+  { pattern: /getByteFrequencyData\s*\(/, name: "AnalyserNode.getByteFrequencyData()", severity: "danger", errorCode: -32050, suggestion: "Audio byte frequency data in headless returns zeros." },
+  { pattern: /getByteTimeDomainData\s*\(/, name: "AnalyserNode.getByteTimeDomainData()", severity: "danger", errorCode: -32050, suggestion: "Time domain audio data in headless is a flat line \u2014 detectable." },
+  { pattern: /OfflineAudioContext\s*\(/, name: "new OfflineAudioContext()", severity: "warn", errorCode: -32055, suggestion: "Offline audio rendering is a known fingerprinting method." },
+  { pattern: /OscillatorNode\s*\(/, name: "new OscillatorNode()", severity: "info", errorCode: -32056, suggestion: "Audio oscillator used in fingerprinting probes." },
+  // ── Navigator property probing ───────────────────────
+  { pattern: /navigator\s*\.\s*connection\b/, name: "navigator.connection", severity: "info", errorCode: -32057, suggestion: 'Network connection info is used for fingerprinting (always "4g" in bots).' },
+  { pattern: /navigator\s*\.\s*getBattery\s*\(/, name: "navigator.getBattery()", severity: "warn", errorCode: -32058, suggestion: "Battery API is a fingerprinting vector. Returns fixed values in headless." },
+  { pattern: /navigator\s*\.\s*mediaDevices\s*\.\s*enumerateDevices/, name: "navigator.mediaDevices.enumerateDevices()", severity: "warn", errorCode: -32058, suggestion: "Media device enumeration returns empty/no devices in headless." },
+  { pattern: /navigator\s*\.\s*permissions\s*\.\s*query/, name: "navigator.permissions.query()", severity: "info", errorCode: -32059, suggestion: "Permission queries can reveal automation environment." },
+  // ── Screen / Window geometry probing ──────────────────
+  { pattern: /screen\.avail(Width|Height|Left|Top)/, name: "screen.avail*", severity: "warn", errorCode: -32060, suggestion: "screen.avail* values differ in headless (no OS chrome)." },
+  { pattern: /window\.outerWidth\s*-?\s*window\.innerWidth/, name: "window.outerWidth - window.innerWidth", severity: "danger", errorCode: -32050, suggestion: "This difference is 0 in headless (no browser chrome) \u2014 100% detection rate." },
+  { pattern: /window\.outerHeight\s*-?\s*window\.innerHeight/, name: "window.outerHeight - window.innerHeight", severity: "danger", errorCode: -32050, suggestion: "This difference is 0 in headless \u2014 immediate automation detection." },
+  { pattern: /screen\.width\b/, name: "screen.width", severity: "info", errorCode: -32061, suggestion: "Screen dimensions can be spoofed but inconsistencies with viewport are detectable." },
+  { pattern: /screen\.height\b/, name: "screen.height", severity: "info", errorCode: -32061, suggestion: "Screen dimension probes for viewport inconsistency detection." },
+  { pattern: /window\.devicePixelRatio/, name: "window.devicePixelRatio", severity: "warn", errorCode: -32060, suggestion: "devicePixelRatio is always 1 in headless \u2014 differs from real displays." },
+  { pattern: /matchMedia\s*\(/, name: "window.matchMedia()", severity: "warn", errorCode: -32060, suggestion: "matchMedia can detect CDP overridden viewport dimensions." },
+  // ── Performance / Timing API ──────────────────────────
+  { pattern: /performance\s*\.\s*now\s*\(/, name: "performance.now()", severity: "info", errorCode: -32062, suggestion: "High-resolution timer used for timing attacks and bot detection." },
+  { pattern: /performance\s*\.\s*memory/, name: "performance.memory", severity: "warn", errorCode: -32063, suggestion: "performance.memory shows VM memory limits in containers." },
+  { pattern: /performance\.getEntriesByType\s*\(\s*["']navigation["']\s*\)/, name: 'performance.getEntriesByType("navigation")', severity: "info", errorCode: -32062, suggestion: "Navigation timing reveals request pattern inconsistencies." },
+  { pattern: /performance\.getEntriesByType\s*\(\s*["']resource["']\s*\)/, name: 'performance.getEntriesByType("resource")', severity: "info", errorCode: -32062, suggestion: "Resource loading timing analysis for bot detection." },
+  // ── Font Detection ────────────────────────────────────
+  { pattern: /document\.fonts\.check\s*\(/, name: "document.fonts.check()", severity: "warn", errorCode: -32064, suggestion: "Font availability checks are used for fingerprinting. Installed font list is unique per user." },
+  { pattern: /document\.fonts\.ready/, name: "document.fonts.ready", severity: "info", errorCode: -32065, suggestion: "Font loading state probe for fingerprinting." },
+  // ── WebRTC / Connectivity ────────────────────────────
+  { pattern: /RTCPeerConnection\s*\(/, name: "new RTCPeerConnection()", severity: "warn", errorCode: -32066, suggestion: "WebRTC can leak internal IP and is used for connectivity fingerprinting." },
+  { pattern: /navigator\.mediaDevices\.getUserMedia/, name: "navigator.mediaDevices.getUserMedia()", severity: "info", errorCode: -32067, suggestion: "getUserMedia always fails in headless (no camera)." },
+  // ── Feature Consistency Checks ─────────────────────────
+  { pattern: /Intl\.DateTimeFormat.*resolvedOptions.*timeZone/, name: "Intl.DateTimeFormat timezone check", severity: "warn", errorCode: -32068, suggestion: "Timezone from Intl API vs Emulation.setTimezoneOverride will be inconsistent when mocked." },
+  { pattern: /new\s+Date\s*\(\s*\)\s*\.\s*getTimezoneOffset/, name: "Date.getTimezoneOffset()", severity: "info", errorCode: -32069, suggestion: "Timezone offset used for timing consistency cross-checks." },
+  { pattern: /Error\s*\(\s*\)\s*\.\s*stack/, name: "Error().stack format check", severity: "info", errorCode: -32070, suggestion: "Stack trace format differs between headless and full Chrome." },
+  { pattern: /Function\.prototype\.toString/, name: "Function.prototype.toString on native fn", severity: "info", errorCode: -32070, suggestion: "Native function toString() format can reveal patched APIs." }
+];
+var fingerprintingRule = {
+  id: "fingerprinting",
+  name: "Browser Fingerprinting Access Detection (35+ APIs)",
+  priority: 30,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of FP_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return {
+          ruleId: "fingerprinting",
+          action: "block",
+          severity: p.severity,
+          reason: `Browser fingerprinting API accessed: "${p.name}". Anti-crawler systems use this to identify your browser.`,
+          suggestion: p.suggestion,
+          errorCode: p.errorCode,
+          errorMessage: `[CDP Firewall] ${p.name} blocked \u2014 fingerprinting API access detected`
+        };
+      }
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/event-simulation.ts
+var EVENT_PATTERNS = [
+  // ── Direct method calls (all isTrusted=false) ─────────
+  { pattern: /\.click\s*\(\s*\)/, name: "el.click()", severity: "danger", errorCode: -32070, suggestion: "el.click() fires isTrusted=false events. Use page.click(selector) which uses Input.dispatchMouseEvent (isTrusted=true)." },
+  { pattern: /\.focus\s*\(\s*\)/, name: "el.focus()", severity: "danger", errorCode: -32071, suggestion: "el.focus() without user interaction is detectable. Use page.click(selector) which naturally focuses." },
+  { pattern: /\.blur\s*\(\s*\)/, name: "el.blur()", severity: "danger", errorCode: -32071, suggestion: "el.blur() without user interaction. Avoid in automation scripts." },
+  { pattern: /\.submit\s*\(\s*\)/, name: "el.submit()", severity: "danger", errorCode: -32072, suggestion: `form.submit() bypasses onSubmit handlers. Click the submit button: page.click('button[type="submit"]').` },
+  { pattern: /\.reset\s*\(\s*\)/, name: "el.reset()", severity: "danger", errorCode: -32072, suggestion: "form.reset() without user action. Let the user clear fields manually." },
+  { pattern: /\.select\s*\(\s*\)/, name: "el.select()", severity: "warn", errorCode: -32073, suggestion: "input.select() selects text without user interaction. Use page.click(selector) instead." },
+  { pattern: /dialog\.close\s*\(\s*\)|showModal\(\)/, name: "dialog.showModal()/close()", severity: "danger", errorCode: -32074, suggestion: "dialog.showModal() requires user gesture. Let the user open the dialog naturally." },
+  { pattern: /\.showPopover\s*\(\s*\)/, name: "el.showPopover()", severity: "warn", errorCode: -32073, suggestion: "Popover.show() requires user gesture. Simulate a click on the popover trigger." },
+  { pattern: /\.hidePopover\s*\(\s*\)/, name: "el.hidePopover()", severity: "warn", errorCode: -32073, suggestion: "Hiding popovers via CDP is detectable." },
+  { pattern: /\.requestFullscreen\s*\(\s*\)/, name: "el.requestFullscreen()", severity: "danger", errorCode: -32074, suggestion: "Fullscreen requests require user gesture. Cannot be triggered by automation." },
+  { pattern: /\.requestPointerLock\s*\(\s*\)/, name: "el.requestPointerLock()", severity: "danger", errorCode: -32074, suggestion: "Pointer lock requires user gesture. Blocked in automation." },
+  { pattern: /\.setSelectionRange\s*\(/, name: "el.setSelectionRange()", severity: "warn", errorCode: -32073, suggestion: "Setting selection range without user interaction is suspicious." },
+  { pattern: /\.setRangeText\s*\(/, name: "el.setRangeText()", severity: "info", errorCode: -32076, suggestion: "Range text replacement without user input is detectable." },
+  { pattern: /\.showPicker\s*\(\s*\)/, name: "HTMLInputElement.showPicker()", severity: "info", errorCode: -32076, suggestion: "Date/color picker shown without click \u2014 detectable." },
+  { pattern: /\.reportValidity\s*\(\s*\)/, name: "el.reportValidity()", severity: "info", errorCode: -32076, suggestion: "Validity reporting without form submission attempt." },
+  // ── dispatchEvent with synthetic events (isTrusted=false) ──
+  { pattern: /dispatchEvent\s*\(\s*new\s+(?:Event|CustomEvent)\s*\(/, name: "dispatchEvent(new Event/CustomEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic events have isTrusted=false. Use Input.dispatch* CDP methods for trusted events." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+MouseEvent\s*\(/, name: "dispatchEvent(new MouseEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic mouse events (isTrusted=false). Use Input.dispatchMouseEvent CDP method." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+KeyboardEvent\s*\(/, name: "dispatchEvent(new KeyboardEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic keyboard events (isTrusted=false). Use Input.dispatchKeyEvent CDP method." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+FocusEvent\s*\(/, name: "dispatchEvent(new FocusEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic focus events bypass user interaction." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+InputEvent\s*\(/, name: "dispatchEvent(new InputEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic input events (isTrusted=false). Use page.fill() or page.type()." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+(?:Event)\s*\(\s*["'](?:input|change|submit|reset)/, name: 'dispatchEvent("input"/"change"/"submit")', severity: "danger", errorCode: -32077, suggestion: "Synthetic input/change/submit events are trusted=false. Always detectable." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+PointerEvent\s*\(/, name: "dispatchEvent(new PointerEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic pointer events bypass the trusted input pipeline." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+TouchEvent\s*\(/, name: "dispatchEvent(new TouchEvent)", severity: "danger", errorCode: -32077, suggestion: "Synthetic touch events on mobile are detectable." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+WheelEvent\s*\(/, name: "dispatchEvent(new WheelEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic scroll events (isTrusted=false). Use Input.dispatchMouseEvent with wheel type." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+ClipboardEvent\s*\(/, name: "dispatchEvent(new ClipboardEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic clipboard events are detectable." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+DragEvent\s*\(/, name: "dispatchEvent(new DragEvent)", severity: "warn", errorCode: -32078, suggestion: "Synthetic drag events bypass real user interaction." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+CompositionEvent\s*\(/, name: "dispatchEvent(new CompositionEvent)", severity: "info", errorCode: -32079, suggestion: "Synthetic IME composition events \u2014 detectable pattern." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+AnimationEvent\s*\(/, name: "dispatchEvent(new AnimationEvent)", severity: "info", errorCode: -32079, suggestion: "Forcing animation state transitions via fake events." },
+  { pattern: /dispatchEvent\s*\(\s*new\s+TransitionEvent\s*\(/, name: "dispatchEvent(new TransitionEvent)", severity: "info", errorCode: -32079, suggestion: "Forcing CSS transition end via fake events." }
+];
+var eventSimulationRule = {
+  id: "event-simulation",
+  name: "Event Simulation Detection (30+ patterns)",
+  priority: 40,
+  canHandle(ctx) {
+    return ctx.method === "Runtime.evaluate" || ctx.method === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    const userCode = extractUserCode(ctx);
+    if (!userCode) return null;
+    for (const p of EVENT_PATTERNS) {
+      if (p.pattern.test(userCode)) {
+        return {
+          ruleId: "event-simulation",
+          action: "block",
+          severity: p.severity,
+          reason: `Event simulation detected: "${p.name}". Synthetic events have isTrusted=false and are 100% detectable.`,
+          suggestion: p.suggestion,
+          errorCode: p.errorCode,
+          errorMessage: p.severity === "danger" ? `[CDP Firewall] ${p.name} blocked \u2014 synthetic event (isTrusted=false)` : `[CDP Firewall] ${p.name} detected \u2014 event simulation`
+        };
+      }
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/emulation-override.ts
+var OVERRIDE_PATTERNS = [
+  // ── Emulation overrides ──────────────────────────────
+  // NOTE: Emulation.setDeviceMetricsOverride is NOT included here because
+  // Playwright calls it internally for every new page (viewport setup).
+  // Blocking it would break page creation.
+  { method: "Emulation.setUserAgentOverride", name: "Emulation.setUserAgentOverride", severity: "danger", errorCode: -32080, suggestion: "navigator.userAgent override can be detected by checking consistency with navigator.plugins, WebGL vendor, etc." },
+  { method: "Emulation.setTouchEmulationEnabled", name: "Emulation.setTouchEmulationEnabled", severity: "warn", errorCode: -32081, suggestion: "Touch emulation creates inconsistent touch/mouse state. Windows touch events without real touch hardware." },
+  { method: "Emulation.setGeolocationOverride", name: "Emulation.setGeolocationOverride", severity: "danger", errorCode: -32082, suggestion: "Geolocation changing mid-session without user travel is impossible. Detectable via IP geo vs overridden geo." },
+  { method: "Emulation.setLocaleOverride", name: "Emulation.setLocaleOverride", severity: "warn", errorCode: -32081, suggestion: "Locale change without browser restart detectable via navigator.languages vs Accept-Language consistency." },
+  { method: "Emulation.setTimezoneOverride", name: "Emulation.setTimezoneOverride", severity: "danger", errorCode: -32082, suggestion: "Timezone mismatch vs IP geolocation + Date() is 100% detectable." },
+  { method: "Emulation.setDisabledImageTypes", name: "Emulation.setDisabledImageTypes", severity: "info", errorCode: -32083, suggestion: "Disabling image types prevents normal resource loading \u2014 visible to performance API." },
+  { method: "Emulation.setScriptExecutionDisabled", name: "Emulation.setScriptExecutionDisabled", severity: "info", errorCode: -32083, suggestion: "Disabling JS mid-session kills page interactivity \u2014 immediately obvious." },
+  { method: "Emulation.setCPUThrottlingRate", name: "Emulation.setCPUThrottlingRate", severity: "info", errorCode: -32083, suggestion: "CPU throttling creates unrealistic performance.now() profiles." },
+  { method: "Emulation.setVirtualTimePolicy", name: "Emulation.setVirtualTimePolicy", severity: "info", errorCode: -32083, suggestion: "Virtual time breaks Date.now() and performance.now() based detections \u2014 detectable via timer drift." },
+  // ── Network overrides ────────────────────────────────
+  { method: "Network.setUserAgentOverride", name: "Network.setUserAgentOverride (HTTP layer)", severity: "danger", errorCode: -32080, suggestion: "HTTP User-Agent vs navigator.userAgent inconsistency = immediate detection." },
+  { method: "Network.setExtraHTTPHeaders", name: "Network.setExtraHTTPHeaders", severity: "danger", errorCode: -32084, suggestion: "Custom headers can conflict with browser-generated headers. Missing client hints (Sec-CH-UA) are also detectable." },
+  { method: "Network.emulateNetworkConditions", name: "Network.emulateNetworkConditions", severity: "warn", errorCode: -32081, suggestion: "Network throttling creates unrealistic load timing patterns." },
+  { method: "Network.setCookie", name: "Network.setCookie", severity: "warn", errorCode: -32085, suggestion: "CDP-injected cookies are detectable via document.cookie vs Network.getCookies inconsistency." },
+  { method: "Network.deleteCookies", name: "Network.deleteCookies", severity: "warn", errorCode: -32085, suggestion: "Cookie deletion via CDP bypasses HTTP cookie expiration \u2014 detectable." },
+  // ── Security overrides ──────────────────────────────
+  { method: "Security.setIgnoreCertificateErrors", name: "Security.setIgnoreCertificateErrors", severity: "info", errorCode: -32086, suggestion: "Ignoring certificate errors creates unusual TLS behavior visible at network level." },
+  // ── Page overrides ──────────────────────────────────
+  { method: "Page.setDownloadBehavior", name: "Page.setDownloadBehavior", severity: "info", errorCode: -32087, suggestion: "Bypassing download dialogs \u2014 detectable via download event flow." },
+  { method: "Page.setWebLifecycleState", name: "Page.setWebLifecycleState", severity: "info", errorCode: -32087, suggestion: "Forcing page lifecycle transitions is unnatural." },
+  // ── Storage / Permissions ───────────────────────────
+  { method: "Storage.clearDataForOrigin", name: "Storage.clearDataForOrigin", severity: "info", errorCode: -32089, suggestion: "Clearing storage mid-session is unnatural for real users." },
+  { method: "Browser.grantPermissions", name: "Browser.grantPermissions", severity: "warn", errorCode: -32090, suggestion: "Granting permissions via CDP is detectable as the permission flow skips the user prompt." },
+  { method: "Browser.resetPermissions", name: "Browser.resetPermissions", severity: "info", errorCode: -32089, suggestion: "Permission resets without user action are unnatural." }
+];
+var emulationOverrideRule = {
+  id: "emulation-override",
+  name: "CDP Emulation / Override Detection (20+ methods)",
+  priority: 60,
+  canHandle(ctx) {
+    for (const p of OVERRIDE_PATTERNS) {
+      if (ctx.method === p.method) return true;
+    }
+    return false;
+  },
+  evaluate(ctx) {
+    for (const p of OVERRIDE_PATTERNS) {
+      if (ctx.method !== p.method) continue;
+      return {
+        ruleId: "emulation-override",
+        action: "block",
+        severity: p.severity,
+        reason: `CDP emulation/override detected: "${p.name}". This creates detectable inconsistencies between the JS environment and real browser state.`,
+        suggestion: p.suggestion,
+        errorCode: p.errorCode,
+        errorMessage: `[CDP Firewall] ${p.name} blocked \u2014 creates detectable browser state inconsistency`
+      };
+    }
+    return null;
+  }
+};
+
+// src/cdp-interceptor/rules/network-anomaly.ts
+var networkAnomalyRule = {
+  id: "network-anomaly",
+  name: "Network Anomaly Detection (8+ patterns)",
+  priority: 70,
+  canHandle(ctx) {
+    const m = ctx.method;
+    return m === "Network.setExtraHTTPHeaders" || m === "Network.clearBrowserCache" || m === "Network.clearBrowserCookies" || m === "Network.setBlockedURLs" || m === "Network.setBypassServiceWorker" || m === "Fetch.enable" || m === "Network.enable";
+  },
+  evaluate(ctx) {
+    switch (ctx.method) {
+      case "Network.setExtraHTTPHeaders": {
+        const headers = ctx.params.headers;
+        if (headers) {
+          const headerStr = JSON.stringify(headers).toLowerCase();
+          if (!headerStr.includes("sec-ch-ua")) {
+            return {
+              ruleId: "network-anomaly",
+              action: "block",
+              severity: "warn",
+              reason: "Network.setExtraHTTPHeaders called without Sec-CH-UA client hints \u2014 browser normally sends these.",
+              suggestion: "Modern browsers send Sec-CH-UA headers automatically. Adding custom headers without them creates detectable inconsistency.",
+              errorCode: -32110,
+              errorMessage: "[CDP Firewall] Missing client hints in custom headers"
+            };
+          }
+        }
+        return null;
+      }
+      case "Network.clearBrowserCache": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Network.clearBrowserCache called \u2014 cache clearing mid-session is unnatural for real users.",
+          suggestion: "Avoid cache clearing during sessions. Start with a fresh profile if needed.",
+          errorCode: -32111,
+          errorMessage: "[CDP Firewall] Cache clearing detected"
+        };
+      }
+      case "Network.clearBrowserCookies": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Network.clearBrowserCookies called \u2014 wiping cookies mid-session is a scraper optimization.",
+          suggestion: "Cookies should only be cleared via normal browser flow (expiration, user action).",
+          errorCode: -32112,
+          errorMessage: "[CDP Firewall] Cookie clearing detected"
+        };
+      }
+      case "Network.setBlockedURLs": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Network.setBlockedURLs blocks resource loading \u2014 this changes the page behavior and is detectable.",
+          suggestion: "Blocking images/fonts/etc creates measurable differences in performance and page rendering.",
+          errorCode: -32113,
+          errorMessage: "[CDP Firewall] URL blocking detected"
+        };
+      }
+      case "Network.setBypassServiceWorker": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "info",
+          reason: "Network.setBypassServiceWorker called \u2014 bypassing service workers for content extraction.",
+          suggestion: "Service worker bypass changes fetch behavior and is detectable server-side.",
+          errorCode: -32114,
+          errorMessage: "[CDP Firewall] Service worker bypass detected"
+        };
+      }
+      case "Fetch.enable": {
+        return {
+          ruleId: "network-anomaly",
+          action: "block",
+          severity: "warn",
+          reason: "Fetch.enable intercepts all network requests \u2014 a man-in-the-middle approach used by scrapers.",
+          suggestion: "Do not use Fetch domain for network interception if avoiding detection.",
+          errorCode: -32115,
+          errorMessage: "[CDP Firewall] Fetch interception detected"
+        };
+      }
+      default:
+        return null;
+    }
+  }
+};
+
+// src/cdp-interceptor/rules/page-lifecycle.ts
+var STAT_KEY = "lifecycle-tracker";
+var pageLifecycleRule = {
+  id: "page-lifecycle",
+  name: "Page Lifecycle Anomaly Detection (10+ patterns)",
+  priority: 80,
+  canHandle(ctx) {
+    const m = ctx.method;
+    return m === "Page.navigate" || m === "Page.captureScreenshot" || m === "Page.printToPDF" || m === "Page.reload" || m === "Page.close" || m === "Runtime.evaluate" || m === "Runtime.callFunctionOn";
+  },
+  evaluate(ctx) {
+    let state = ctx.sessionState.get(STAT_KEY);
+    if (!state) {
+      state = { navigations: [], screenshots: 0, printToPDF: false, evaluateCount: 0, lastNavTime: 0, lastEvalTime: 0 };
+      ctx.sessionState.set(STAT_KEY, state);
+    }
+    const now = Date.now();
+    switch (ctx.method) {
+      case "Page.navigate": {
+        state.navigations.push(now);
+        if (state.navigations.length >= 2) {
+          const prev = state.navigations[state.navigations.length - 2];
+          const interval = now - prev;
+          if (interval < 100) {
+            return {
+              ruleId: "page-lifecycle",
+              action: "block",
+              severity: "warn",
+              reason: `Multiple Page.navigate calls within ${interval}ms of each other \u2014 unnatural rapid navigation.`,
+              suggestion: "Add proper waits between navigations: wait for page load before navigating again.",
+              errorCode: -32100,
+              errorMessage: "[CDP Firewall] Rapid navigation sequence detected"
+            };
+          }
+        }
+        state.lastNavTime = now;
+        return null;
+      }
+      case "Page.captureScreenshot": {
+        state.screenshots++;
+        if (state.lastNavTime > 0 && now - state.lastNavTime < 500) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "danger",
+            reason: "Page.captureScreenshot called within 500ms of navigation \u2014 content extraction pattern.",
+            suggestion: "Wait for the page to fully render before taking screenshots: wait for load/networkidle.",
+            errorCode: -32101,
+            errorMessage: "[CDP Firewall] Pre-render screenshot blocked \u2014 content extraction pattern"
+          };
+        }
+        if (state.screenshots > 3 && state.navigations.length < 2) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "warn",
+            reason: "Multiple screenshots on a single page without navigation \u2014 suspicious extraction behavior.",
+            suggestion: "Consider if all screenshots are necessary.",
+            errorCode: -32102,
+            errorMessage: "[CDP Firewall] Excessive screenshot detection"
+          };
+        }
+        return null;
+      }
+      case "Page.printToPDF": {
+        return {
+          ruleId: "page-lifecycle",
+          action: "block",
+          severity: "danger",
+          reason: "Page.printToPDF called \u2014 this is a telltale scraper pattern that gives away automation intent.",
+          suggestion: "Avoid PDF generation. If you must, add significant delays and user-like interaction first.",
+          errorCode: -32103,
+          errorMessage: "[CDP Firewall] printToPDF blocked \u2014 scraper intent detected"
+        };
+      }
+      case "Page.reload": {
+        if (state.lastNavTime > 0 && now - state.lastNavTime < 1e3) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "warn",
+            reason: "Page.reload called immediately after navigate \u2014 unnatural fast-reload pattern.",
+            suggestion: "Introduce delays between navigation and reload to simulate human behavior.",
+            errorCode: -32104,
+            errorMessage: "[CDP Firewall] Rapid reload detected"
+          };
+        }
+        return null;
+      }
+      case "Page.close": {
+        if (state.navigations.length < 2) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "info",
+            reason: "Page.close called after minimal interaction \u2014 zombie pages common in automation.",
+            suggestion: "Ensure meaningful interaction before closing pages.",
+            errorCode: -32105,
+            errorMessage: "[CDP Firewall] Page close after minimal interaction"
+          };
+        }
+        return null;
+      }
+      case "Runtime.evaluate":
+      case "Runtime.callFunctionOn": {
+        state.evaluateCount++;
+        if (state.evaluateCount > 50 && state.navigations.length === 0) {
+          return {
+            ruleId: "page-lifecycle",
+            action: "block",
+            severity: "info",
+            reason: "50+ evaluate calls without any Page.navigate \u2014 data extraction without real browsing.",
+            suggestion: "Navigate to a real page first. Evaluate on about:blank is suspicious.",
+            errorCode: -32106,
+            errorMessage: "[CDP Firewall] Excessive evaluate without navigation"
+          };
+        }
+        return null;
+      }
+      default:
+        return null;
+    }
+  }
+};
+
+// src/cdp-interceptor/rules-engine.ts
+var BUILTIN_RULES = [
+  domMutationRule,
+  automationSignalsRule,
+  fingerprintingRule,
+  eventSimulationRule,
+  mouseTrajectoryRule,
+  inputKeystrokeRule,
+  emulationOverrideRule,
+  networkAnomalyRule,
+  pageLifecycleRule
+];
+function createRuleEngine(customRules) {
+  const rules = [...BUILTIN_RULES, ...customRules ?? []].sort((a, b) => a.priority - b.priority);
+  const sessionStates = /* @__PURE__ */ new Map();
+  function getSessionState(sessionId) {
+    let state = sessionStates.get(sessionId);
+    if (!state) {
+      state = /* @__PURE__ */ new Map();
+      sessionStates.set(sessionId, state);
+    }
+    return state;
+  }
+  return {
+    start() {
+      sessionStates.clear();
+    },
+    stop() {
+      sessionStates.clear();
+    },
+    evaluate(ctx) {
+      const fullCtx = {
+        ...ctx,
+        sessionState: getSessionState(ctx.sessionId)
+      };
+      for (const rule of rules) {
+        if (rule.canHandle && !rule.canHandle(fullCtx)) continue;
+        const decision = rule.evaluate(fullCtx);
+        if (!decision) continue;
+        if (decision.action !== "pass") return decision;
+      }
+      return null;
+    }
+  };
+}
+
+// src/cdp-interceptor/logger.ts
+function createLogger(config) {
+  const buffer = [];
+  const MAX_BUFFER = 2e3;
+  return {
+    info(message, meta) {
+      if (!config.enableLogging) return;
+      const ts = (/* @__PURE__ */ new Date()).toISOString();
+      if (meta) {
+        console.log(`[CDPInterceptor ${ts}] ${message}`, JSON.stringify(meta));
+      } else {
+        console.log(`[CDPInterceptor ${ts}] ${message}`);
+      }
+    },
+    log(method, direction, sessionId, payload, decision) {
+      const entry = {
+        timestamp: Date.now(),
+        direction,
+        sessionId,
+        method,
+        payload: sanitizePayload(payload),
+        decision: decision ?? void 0
+      };
+      if (config.enableLogging) {
+        buffer.push(entry);
+        if (buffer.length > MAX_BUFFER) buffer.shift();
+        const tag = decision ? decision.action === "block" ? "\u{1F6AB}BLOCK" : decision.action === "transform" ? "\u{1F504}XFMR" : "\u2705" : "  ";
+        const reason = decision ? ` [${decision.severity}] ${decision.reason}` : "";
+        console.log(`[CDP] ${tag} ${direction} ${method}${reason}`);
+      }
+      return entry;
+    },
+    getRecent(count) {
+      return buffer.slice(-count);
+    },
+    flush() {
+      buffer.length = 0;
+    }
+  };
+}
+function sanitizePayload(payload) {
+  if (typeof payload !== "object" || payload === null) return { raw: String(payload) };
+  const obj = payload;
+  const cleaned = {};
+  for (const [key, value] of Object.entries(obj)) {
+    if (key === "data" && typeof value === "string" && value.length > 200) {
+      cleaned[key] = `<binary: ${value.length} chars>`;
+    } else if (key === "expression" && typeof value === "string" && value.length > 500) {
+      cleaned[key] = value.substring(0, 500) + "...";
+    } else {
+      cleaned[key] = value;
+    }
+  }
+  return cleaned;
+}
+
+// src/cdp-interceptor/advisor.ts
+function formatBlockMessage(decision, method) {
+  const adv = advise(decision, method);
+  const lines = [
+    `[CDP-FIREWALL-BLOCK] rule=${decision.ruleId}`,
+    `method=${method}`,
+    `reason=${decision.reason}`,
+    `suggestion=${decision.suggestion ?? adv.detail}`
+  ];
+  if (adv.codeExample) {
+    lines.push(`code-example=`);
+    lines.push(adv.codeExample);
+  }
+  return lines.join("\n");
+}
+function advise(decision, originalMethod) {
+  const baseAdvice = getBaseAdvice(decision, originalMethod);
+  return {
+    ruleId: decision.ruleId,
+    title: baseAdvice.title,
+    detail: decision.suggestion ?? baseAdvice.detail,
+    codeExample: baseAdvice.codeExample
+  };
+}
+function getBaseAdvice(decision, method) {
+  switch (decision.ruleId) {
+    case "dom-mutation":
+      return {
+        title: "Direct DOM property mutation blocked",
+        detail: `Your ${method} call tried to set a DOM property directly. In React/Vue/Angular, this bypasses the framework's virtual DOM completely meaning onChange/onInput never fires. The website CAN detect this mismatch as automation.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 what you tried to do:",
+          `page.evaluate(\`el.value = 'hello'\`)  # triggers isTrusted=false`,
+          "",
+          "# \u2705 USE INSTEAD \u2014 proper CDP input dispatch:",
+          "page.fill('#selector', 'hello')           # Playwright: dispatches input+change events",
+          "page.type('#selector', 'hello', {delay})  # Playwright: real keystrokes",
+          "page.locator('#selector').fill('hello')   # Playwright: recommended API"
+        ].join("\n")
+      };
+    case "mouse-trajectory":
+      return {
+        title: "Unnatural mouse trajectory blocked",
+        detail: `Your ${method} sequence formed a perfectly linear path. Human hands have micro-tremors (1-3px variation at any point along the arc), acceleration curves, and never draw straight lines between distant points.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 linear interpolation:",
+          "for i in range(20):",
+          "    page.mouse.move(x0 + (x1-x0)*(i/20), y0 + (y1-y0)*(i/20))",
+          "",
+          "# \u2705 USE INSTEAD \u2014 Bezier curves with overshoot:",
+          '# Use "ghost-cursor" or similar library',
+          "from ghost_cursor import path_to",
+          "path_to(page, (x1, y1))"
+        ].join("\n")
+      };
+    case "input-keystroke":
+      if (method === "Input.insertText") {
+        return {
+          title: "Input.insertText detected (logged, not blocked)",
+          detail: "Input.insertText bypasses native keyDown\u2192keyPress\u2192input\u2192keyUp events. Playwright uses this internally for page.fill(). Logged for observability."
+        };
+      }
+      return {
+        title: "Unnatural keystroke timing blocked",
+        detail: `Your ${method} calls have unnaturally constant timing (e.g., exact 50ms intervals). Human typing always has variation (CV > 0.2).`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 exact constant delay:",
+          "page.type('#input', 'hello', {delay: 50})  # every keystroke exactly 50ms apart",
+          "",
+          "# \u2705 USE INSTEAD \u2014 variable delay (human-like):",
+          "page.fill('#input', 'hello')               # recommended, dispatches events properly",
+          "# OR: type with randomized delay",
+          "page.type('#input', 'hello', {delay: 50 + Math.floor(Math.random() * 80)})"
+        ].join("\n")
+      };
+    case "automation-signals":
+      return {
+        title: "Browser automation marker detected",
+        detail: `Your ${method} call accessed a property/marker that anti-crawler systems check to detect automation. These markers (navigator.webdriver, window.__playwright, etc.) are the #1 detection vector.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 don't check for automation markers:",
+          "navigator.webdriver      # NEVER check this",
+          "window.__playwright      # NEVER check this",
+          "chrome.runtime           # NEVER check this",
+          "",
+          "# \u2705 Just go about your business normally.",
+          "# Anti-detection is handled by the CDP firewall automatically."
+        ].join("\n")
+      };
+    case "fingerprinting":
+      return {
+        title: "Browser fingerprinting API access blocked",
+        detail: `Your ${method} call accessed a known fingerprinting API. These APIs (canvas.toDataURL, WebGL getParameter, AudioContext, etc.) are used by anti-crawler systems to build a unique device fingerprint.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 fingerprinting vector:",
+          "canvas.toDataURL()                        # returns unique browser hash",
+          'gl.getParameter(gl.VENDOR)                # returns "SwiftShader" in headless',
+          "screen.availWidth - screen.availHeight    # no OS chrome in headless",
+          "",
+          "# \u2705 Avoid accessing these APIs. They are only used for fingerprinting."
+        ].join("\n")
+      };
+    case "event-simulation":
+      return {
+        title: "Synthetic event simulation blocked",
+        detail: `Your ${method} call simulated user interaction via el.click() or dispatchEvent(new Event(...)). These produce isTrusted=false events, which are 100% detectable by any anti-crawler that checks isTrusted on critical events.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 synthetic events (isTrusted=false):",
+          "el.click()                                 # isTrusted=false",
+          'el.dispatchEvent(new Event("click"))       # isTrusted=false',
+          "el.focus()                                 # isTrusted=false",
+          "",
+          "# \u2705 USE INSTEAD \u2014 CDP-level input dispatch (isTrusted=true):",
+          "page.click(selector)                       # uses Input.dispatchMouseEvent",
+          "page.fill(selector, value)                 # dispatches real input events"
+        ].join("\n")
+      };
+    case "emulation-override":
+      return {
+        title: "CDP emulation override blocked",
+        detail: `Your ${method} call overrides browser behavior in a way that creates detectable inconsistencies. Anti-crawler systems cross-check multiple sources (e.g., navigator.userAgent vs HTTP User-Agent header) to catch these mismatches.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 detectable emulation override:",
+          "Emulation.setUserAgentOverride(...)        # JS vs HTTP header mismatch",
+          "Emulation.setGeolocationOverride(...)       # IP geo vs overridden geo mismatch",
+          "Emulation.setDeviceMetricsOverride(...)     # matchMedia vs actual viewport",
+          "",
+          "# \u2705 These are handled automatically by the CDP firewall.",
+          "# Do NOT call them manually."
+        ].join("\n")
+      };
+    case "network-anomaly":
+      return {
+        title: "Network anomaly detected",
+        detail: `Your ${method} call triggered a network pattern that is characteristic of scrapers: blocking URLs, clearing caches, or intercepting requests.`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 scraper optimization:",
+          "Network.clearBrowserCache()                # natural users never do this",
+          'Network.setBlockedURLs(["*fonts*"])        # blocking resources is detectable',
+          "Fetch.enable()                             # MITM-style interception",
+          "",
+          "# \u2705 Let the browser manage its own cache and network normally."
+        ].join("\n")
+      };
+    case "page-lifecycle":
+      return {
+        title: "Suspicious page lifecycle pattern blocked",
+        detail: `Your ${method} call reveals an unnatural page interaction sequence: navigating too fast, taking screenshots before the page renders, or generating PDFs (a telltale scraper giveaway).`,
+        codeExample: [
+          "# \u274C BLOCKED \u2014 unnatural lifecycle:",
+          "page.goto(url); page.pdf()                 # PDF = scraper giveaway",
+          "page.goto(url); page.screenshot() <500ms   # screenshot before render",
+          "page.goto(url) 3x in <100ms               # rapid navigation barrage",
+          "",
+          "# \u2705 Add proper waits between actions:",
+          'page.goto(url, {waitUntil: "networkidle"})',
+          'page.waitForSelector("body")',
+          "page.screenshot()                          # after rendering"
+        ].join("\n")
+      };
+    default:
+      return {
+        title: decision.reason,
+        detail: decision.suggestion ?? `The CDP call "${method}" was blocked by rule "${decision.ruleId}".`
+      };
+  }
+}
+
+// src/cdp-interceptor/proxy.ts
+function makeCompoundId(cdpSessionId, rawSessionId) {
+  return `${cdpSessionId ?? "nil"}::${rawSessionId ?? "nil"}`;
+}
+var CDPInterceptorProxy = class {
+  wss = null;
+  engine;
+  config;
+  logger;
+  started = false;
+  stats = {
+    totalMessages: 0,
+    blockedMessages: 0,
+    transformedMessages: 0,
+    passedMessages: 0,
+    byRule: {}
+  };
+  constructor(config) {
+    this.config = config;
+    this.engine = createRuleEngine(config.rules);
+    this.logger = createLogger({
+      enableLogging: config.enableLogging ?? true,
+      logDir: config.logDir
+    });
+  }
+  /** The port the proxy is listening on (only valid after start()) */
+  get port() {
+    const addr = this.wss?.address();
+    if (addr && typeof addr === "object") return addr.port;
+    return 0;
+  }
+  /** Start the proxy server */
+  async start() {
+    if (this.started) return this.port;
+    return new Promise((resolve, reject) => {
+      this.wss = new WebSocketServer({ port: this.config.listenPort ?? 0 }, () => {
+        const port = this.port;
+        this.engine.start();
+        this.started = true;
+        this.logger.info("CDP interceptor proxy started", { port, endpoint: this.config.cdpEndpoint });
+        resolve(port);
+      });
+      this.wss.on("error", reject);
+      this.wss.on("connection", (clientWs, _req) => {
+        this.handleConnection(clientWs);
+      });
+    });
+  }
+  /** Stop the proxy server */
+  async stop() {
+    this.engine.stop();
+    this.logger.flush();
+    this.started = false;
+    return new Promise((resolve) => {
+      if (!this.wss) return resolve();
+      this.wss.close(() => resolve());
+      this.wss = null;
+    });
+  }
+  /** Get accumulated statistics */
+  getStats() {
+    return { ...this.stats };
+  }
+  /** Get recent log entries (for inspection) */
+  getRecentLogs(count = 50) {
+    return this.logger.getRecent(count);
+  }
+  // ── Connection handling ──────────────────────────────────────
+  handleConnection(clientWs) {
+    let browserWs = null;
+    let isAlive = true;
+    const pendingMessages = [];
+    browserWs = new WebSocket2(this.config.cdpEndpoint);
+    clientWs.on("message", (raw) => {
+      if (browserWs && browserWs.readyState === WebSocket2.OPEN) {
+        this.handleClientMessage(clientWs, browserWs, raw);
+      } else {
+        pendingMessages.push(raw);
+      }
+    });
+    browserWs.on("open", () => {
+      for (const buf of pendingMessages) {
+        this.handleClientMessage(clientWs, browserWs, buf);
+      }
+      pendingMessages.length = 0;
+    });
+    browserWs.on("error", (err) => {
+      this.logger.info("Browser WebSocket error", { error: String(err) });
+    });
+    browserWs.on("close", (code, reason) => {
+      if (isAlive && clientWs.readyState === WebSocket2.OPEN) {
+        this.logger.info("Browser WS closed, closing client", { code, reason: String(reason) });
+        clientWs.close();
+      }
+    });
+    browserWs.on("message", (raw) => {
+      this.handleBrowserMessage(clientWs, browserWs, raw);
+    });
+    const cleanup = () => {
+      isAlive = false;
+      if (browserWs && browserWs.readyState === WebSocket2.OPEN) {
+        browserWs.close();
+      }
+    };
+    clientWs.on("close", cleanup);
+    clientWs.on("error", cleanup);
+    browserWs.on("close", () => {
+      if (isAlive && clientWs.readyState === WebSocket2.OPEN) {
+        clientWs.close();
+      }
+    });
+    browserWs.on("error", cleanup);
+  }
+  // ── Message processing ───────────────────────────────────────
+  handleClientMessage(clientWs, browserWs, raw) {
+    const msg = this.parseMessage(raw);
+    if (!msg) return;
+    this.stats.totalMessages++;
+    if (!("method" in msg)) {
+      browserWs.send(raw.toString());
+      return;
+    }
+    const request = msg;
+    const ctx = {
+      method: request.method,
+      params: request.params ?? {},
+      sessionId: makeCompoundId(browserWs._cdpSession, request.sessionId),
+      direction: "client\u2192browser"
+    };
+    const decision = this.engine.evaluate(ctx);
+    this.logger.log(ctx.method, "client\u2192browser", ctx.sessionId, { method: ctx.method, params: ctx.params }, decision);
+    if (decision) {
+      this.recordDecision(decision);
+    }
+    if (decision?.action === "block") {
+      const blockMsg = formatBlockMessage(decision, ctx.method);
+      const errorResponse = {
+        id: request.id,
+        error: {
+          code: decision.errorCode ?? -32e3,
+          message: blockMsg
+        },
+        sessionId: request.sessionId
+      };
+      this.stats.blockedMessages++;
+      console.error(`
+${blockMsg}
+`);
+      clientWs.send(JSON.stringify(errorResponse));
+      return;
+    }
+    if (decision?.action === "transform" && decision.transformedParams) {
+      const transformed = { ...request, params: decision.transformedParams };
+      this.stats.transformedMessages++;
+      browserWs.send(JSON.stringify(transformed));
+      return;
+    }
+    this.stats.passedMessages++;
+    browserWs.send(raw.toString());
+  }
+  handleBrowserMessage(clientWs, _browserWs, raw) {
+    const msg = this.parseMessage(raw);
+    if (!msg) {
+      clientWs.send(raw.toString());
+      return;
+    }
+    if ("method" in msg) {
+      const event = msg;
+      const ctx = {
+        method: event.method,
+        params: event.params ?? {},
+        sessionId: event.sessionId ?? "browser",
+        direction: "browser\u2192client"
+      };
+      const decision = this.engine.evaluate(ctx);
+      if (decision?.action === "block") {
+        return;
+      }
+    }
+    clientWs.send(raw.toString());
+  }
+  // ── Utilities ────────────────────────────────────────────────
+  parseMessage(raw) {
+    try {
+      return JSON.parse(raw.toString());
+    } catch {
+      return null;
+    }
+  }
+  recordDecision(decision) {
+    if (!this.stats.byRule[decision.ruleId]) {
+      this.stats.byRule[decision.ruleId] = { matched: 0, blocked: 0, transformed: 0 };
+    }
+    this.stats.byRule[decision.ruleId].matched++;
+    if (decision.action === "block") {
+      this.stats.byRule[decision.ruleId].blocked++;
+    } else if (decision.action === "transform") {
+      this.stats.byRule[decision.ruleId].transformed++;
+    }
+  }
+};
+
+// src/utils/cdp.ts
+async function fetchNoProxy(url) {
+  const savedProxy = {
+    http_proxy: process.env.http_proxy,
+    https_proxy: process.env.https_proxy,
+    HTTP_PROXY: process.env.HTTP_PROXY,
+    HTTPS_PROXY: process.env.HTTPS_PROXY,
+    all_proxy: process.env.all_proxy,
+    ALL_PROXY: process.env.ALL_PROXY
+  };
+  for (const key of Object.keys(savedProxy)) delete process.env[key];
+  try {
+    return await fetch(url);
+  } finally {
+    for (const [key, val] of Object.entries(savedProxy)) {
+      if (val !== void 0) process.env[key] = val;
+    }
+  }
+}
+async function resolveCDPEndpoint(raw) {
+  if (raw === "auto") {
+    const httpResp = await fetchNoProxy("http://localhost:9222/json/version");
+    const data = await httpResp.json();
+    if (!data.webSocketDebuggerUrl) {
+      throw new Error("Could not auto-discover CDP endpoint from localhost:9222");
+    }
+    return data.webSocketDebuggerUrl;
+  }
+  if (/^\d+$/.test(raw)) {
+    const port = raw;
+    const httpResp = await fetchNoProxy(`http://localhost:${port}/json/version`);
+    const data = await httpResp.json();
+    if (!data.webSocketDebuggerUrl) {
+      throw new Error(`Could not discover CDP endpoint from localhost:${port}`);
+    }
+    return data.webSocketDebuggerUrl;
+  }
+  if (raw.startsWith("http://") || raw.startsWith("https://")) {
+    try {
+      const httpResp = await fetchNoProxy(`${raw}/json/version`);
+      const data = await httpResp.json();
+      if (!data.webSocketDebuggerUrl) {
+        throw new Error(`Could not discover CDP endpoint from ${raw}`);
+      }
+      return data.webSocketDebuggerUrl;
+    } catch (error) {
+      console.warn(`Failed to fetch WebSocket URL from ${raw}, using endpoint directly: ${error instanceof Error ? error.message : String(error)}`);
+      return raw;
+    }
+  }
+  return raw;
+}
+
+// src/browser.ts
+import { SessionStore } from "@dyyz1993/xcli-core";
+function logSessionEvent(event, details) {
+  const ts = (/* @__PURE__ */ new Date()).toISOString().replace("T", " ").substring(0, 19);
+  const pid = process.pid;
+  console.error(`[SESSION] ${ts} [PID:${pid}] ${event} | ${details}`);
+}
+var SESSION_DIR = join(homedir(), ".xbrowser", "sessions");
+function sessionFile(name) {
+  return join(SESSION_DIR, `${name}.json`);
+}
+function ensureSessionDir() {
+  mkdirSync(SESSION_DIR, { recursive: true });
+}
+var sessions = new SessionStore();
+var _sharedBrowser = null;
+var _sharedCdpProxy = null;
+var IDLE_TIMEOUT_MS = (process.env.XBROWSER_IDLE_TIMEOUT ? parseInt(process.env.XBROWSER_IDLE_TIMEOUT, 10) : 30) * 60 * 1e3;
+var idleTimer = null;
+function resetIdleTimer() {
+  if (idleTimer) clearTimeout(idleTimer);
+  idleTimer = setTimeout(async () => {
+    const now = Date.now();
+    let allIdle = true;
+    const idleSessions = [];
+    for (const s of sessions) {
+      if (now - s.lastActivityAt < IDLE_TIMEOUT_MS) {
+        allIdle = false;
+      } else {
+        idleSessions.push(`${s.name}(${(now - s.lastActivityAt) / 1e3}s idle)`);
+      }
+    }
+    if (allIdle && (sessions.size > 0 || _sharedBrowser)) {
+      logSessionEvent("idle_timeout", `Sessions idle for >${IDLE_TIMEOUT_MS / 6e4}min. Sessions: ${idleSessions.join(", ") || "all"}. Calling destroyBrowser()`);
+      await destroyBrowser().catch(() => {
+      });
+    }
+  }, IDLE_TIMEOUT_MS);
+  if (idleTimer && typeof idleTimer.unref === "function") {
+    idleTimer.unref();
+  }
+}
+function touchSession(id) {
+  const s = sessions.get(id);
+  if (s) s.lastActivityAt = Date.now();
+  resetIdleTimer();
+}
+process.on("exit", () => {
+  for (const session of sessions.list()) {
+    if (session.isCDP) {
+      logSessionEvent("process_exit", `Session "${session.name}": CDP connection (not closing external browser).`);
+    } else {
+      logSessionEvent("process_exit", `Session "${session.name}": Closing browser.`);
+      try {
+        session.browser?.close();
+      } catch {
+      }
+    }
+  }
+  if (_sharedBrowser) {
+    logSessionEvent("process_exit", "Closing shared browser.");
+    try {
+      _sharedBrowser.close();
+    } catch {
+    }
+    _sharedBrowser = null;
+  }
+  if (_sharedCdpProxy) {
+    try {
+      _sharedCdpProxy.stop();
+    } catch {
+    }
+    _sharedCdpProxy = null;
+  }
+  sessions.clear();
+});
+async function getCDPTargets2(cdpEndpoint) {
+  try {
+    const ep = String(cdpEndpoint);
+    let host = "localhost";
+    let port = "9222";
+    if (ep.startsWith("http://") || ep.startsWith("https://")) {
+      const u = new URL(ep);
+      host = u.hostname;
+      port = u.port || "9222";
+    } else if (/^\d+$/.test(ep)) {
+      port = ep;
+    }
+    const url = `http://${host}:${port}/json/list`;
+    const resp = await fetch(url);
+    return await resp.json();
+  } catch {
+    return [];
+  }
+}
+async function findTargetPage(cdpEndpoint, target) {
+  const targets = await getCDPTargets2(cdpEndpoint);
+  const pages = targets.filter((t) => t.url && !t.url.startsWith("about:blank") && !t.url.startsWith("chrome://"));
+  const byId = pages.find((t) => t.id === target);
+  if (byId) return { pageId: byId.id, wsUrl: byId.webSocketDebuggerUrl, title: byId.title, url: byId.url };
+  const lowerTarget = target.toLowerCase();
+  const byTitle = pages.find((t) => t.title && t.title.toLowerCase().includes(lowerTarget));
+  if (byTitle) return { pageId: byTitle.id, wsUrl: byTitle.webSocketDebuggerUrl, title: byTitle.title, url: byTitle.url };
+  const byUrl = pages.find((t) => t.url.toLowerCase().includes(lowerTarget));
+  if (byUrl) return { pageId: byUrl.id, wsUrl: byUrl.webSocketDebuggerUrl, title: byUrl.title, url: byUrl.url };
+  return null;
+}
+function resolveLaunchOpts(ctx) {
+  if (ctx.cdpEndpoint) {
+    return { cdpEndpoint: ctx.cdpEndpoint };
+  }
+  return { headless: true };
+}
+var CHROMIUM_CANDIDATES = [
+  "/Applications/Chromium.app/Contents/MacOS/Chromium",
+  "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome",
+  "/usr/bin/chromium-browser",
+  "/usr/bin/chromium",
+  "/usr/bin/google-chrome"
+];
+function discoverChromiumPath() {
+  for (const p of CHROMIUM_CANDIDATES) {
+    if (existsSync(p)) return p;
+  }
+  return void 0;
+}
+async function createBrowser(options) {
+  if (options?.cdpEndpoint) {
+    const realEndpoint = await resolveCDPEndpoint(options.cdpEndpoint);
+    if (options.intercept) {
+      const config = typeof options.intercept === "object" ? { ...options.intercept, cdpEndpoint: realEndpoint } : { cdpEndpoint: realEndpoint };
+      _sharedCdpProxy = new CDPInterceptorProxy(config);
+      const proxyPort = await _sharedCdpProxy.start();
+      console.error(`[CDP Interceptor] Proxy running on ws://localhost:${proxyPort}, forwarding to ${realEndpoint}`);
+      const { browser: browser3 } = await launch({ cdpEndpoint: `ws://localhost:${proxyPort}` });
+      return browser3;
+    }
+    const { browser: browser2 } = await launch({ cdpEndpoint: realEndpoint });
+    await browser2.discoverContexts().catch((err) => {
+      console.error(`[browser] discoverContexts failed: ${err.message}`);
+    });
+    return browser2;
+  }
+  const executablePath = options?.executablePath || process.env.XBROWSER_CHROMIUM_PATH || discoverChromiumPath();
+  const { browser } = await launch({ executablePath, headless: options?.headless ?? true });
+  return browser;
+}
+async function getBrowser(options) {
+  if (_sharedBrowser) return _sharedBrowser;
+  _sharedBrowser = await createBrowser(options);
+  if (options?.cdpEndpoint && options.intercept) {
+  }
+  return _sharedBrowser;
+}
+function findSession(name) {
+  return sessions.find(name);
+}
+function getSessionById(id) {
+  return sessions.get(id);
+}
+function setActivePage(session, page) {
+  session.page = page;
+  session.lastActivityAt = Date.now();
+}
+function saveSessionDiskMeta(name, data) {
+  ensureSessionDir();
+  const file = sessionFile(name);
+  let existing = {};
+  try {
+    existing = JSON.parse(readFileSync(file, "utf8"));
+  } catch {
+  }
+  Object.assign(existing, data, { name });
+  writeFileSync(file, JSON.stringify(existing, null, 2));
+}
+function readSessionDiskMeta(name) {
+  const file = sessionFile(name);
+  try {
+    return JSON.parse(readFileSync(file, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function deleteSessionDiskMeta(name) {
+  const file = sessionFile(name);
+  try {
+    unlinkSync(file);
+  } catch {
+  }
+}
+async function findOrRestoreSession(name, cdpEndpoint) {
+  const inMem = findSession(name);
+  if (inMem) return inMem;
+  const meta = readSessionDiskMeta(name);
+  if (!meta) return void 0;
+  const ep = cdpEndpoint || meta.cdpEndpoint;
+  if (!ep) return void 0;
+  try {
+    const b = await createBrowser({ cdpEndpoint: ep });
+    await new Promise((r) => setTimeout(r, 500));
+    let contexts = b.contexts();
+    if (contexts.length === 0) {
+      await new Promise((r) => setTimeout(r, 500));
+      contexts = b.contexts();
+    }
+    const context = contexts[0] || await b.newContext();
+    const savedUrl = meta.conversationUrl || meta.url;
+    const targetHostname = savedUrl ? (() => {
+      try {
+        return new URL(savedUrl).hostname;
+      } catch {
+        return "";
+      }
+    })() : "";
+    let page = null;
+    let fallbackPage = null;
+    for (const ctx of contexts) {
+      const pages = ctx.pages();
+      for (const p of pages) {
+        const pUrl = p.url();
+        if (pUrl && pUrl !== "about:blank" && !pUrl.startsWith("chrome://")) {
+          if (targetHostname && pUrl.includes(targetHostname)) {
+            page = p;
+            break;
+          }
+          if (!fallbackPage) {
+            fallbackPage = p;
+          }
+        }
+      }
+      if (page) break;
+    }
+    page = page || fallbackPage;
+    if (!page) {
+      const targets = await getCDPTargets2(ep);
+      const matchTarget = targets.find(
+        (t) => t.url && t.url !== "about:blank" && !t.url.startsWith("chrome://") && (targetHostname ? t.url.includes(targetHostname) : true)
+      );
+      if (matchTarget && matchTarget.url) {
+        page = await context.newPage();
+        await page.goto(matchTarget.url, { waitUntil: "domcontentloaded", timeout: 15e3 }).catch(() => {
+        });
+      }
+    }
+    if (!page) {
+      const pages = context.pages();
+      page = pages.length > 0 ? pages[0] : await context.newPage();
+    }
+    try {
+      await Promise.race([
+        page.evaluate(() => true),
+        new Promise((_, reject) => setTimeout(() => reject(new Error("timeout")), 3e3))
+      ]);
+    } catch {
+      console.log(`[Session] "${name}" restored page unresponsive, creating fresh session`);
+      deleteSessionDiskMeta(name);
+      return void 0;
+    }
+    const targetUrl = meta.conversationUrl || meta.url;
+    if (targetUrl && page.url() !== targetUrl) {
+      try {
+        if (!page.url().includes(new URL(targetUrl).hostname)) {
+          await page.goto(targetUrl, { waitUntil: "domcontentloaded", timeout: 3e4 }).catch(() => {
+          });
+        }
+      } catch {
+      }
+    }
+    const session = {
+      id: meta.id || randomUUID(),
+      name,
+      context,
+      page,
+      browser: b,
+      createdAt: meta.createdAt || (/* @__PURE__ */ new Date()).toISOString(),
+      lastActivityAt: Date.now(),
+      isCDP: true,
+      cdpEndpoint: ep
+    };
+    for (const existingSession of sessions.list()) {
+      if (existingSession.name === name) {
+        logSessionEvent("remove_stale", `Removing stale session name="${name}" id="${existingSession.id}" during restore`);
+        sessions.removeById(existingSession.id);
+      }
+    }
+    sessions.set(session);
+    resetIdleTimer();
+    await installNetworkCapture(page, name);
+    return session;
+  } catch (e) {
+    console.error(`[Session Restore] Failed for "${name}":`, e.message);
+    deleteSessionDiskMeta(name);
+    return void 0;
+  }
+}
+async function createEphemeralContext(options) {
+  if (options?.cdpEndpoint) {
+    const endpoint = await resolveCDPEndpoint(options.cdpEndpoint);
+    const { browser: b2 } = await launch({ cdpEndpoint: endpoint });
+    const contexts = b2.contexts();
+    const ctx = contexts[0] || await b2.newContext();
+    const allPages = ctx.pages();
+    const existingPages = allPages.filter((p) => {
+      const url = p.url();
+      return url !== "about:blank" && !url.startsWith("chrome://");
+    });
+    const page2 = existingPages.length > 0 ? existingPages[0] : allPages.length > 0 ? allPages[0] : await ctx.newPage();
+    resetIdleTimer();
+    ephemeralConnections.set(page2, b2);
+    return { context: ctx, page: page2 };
+  }
+  const b = await getBrowser(options);
+  const context = await b.newContext();
+  const page = await context.newPage();
+  resetIdleTimer();
+  return { context, page };
+}
+var ephemeralConnections = /* @__PURE__ */ new WeakMap();
+async function closeEphemeralContext(context) {
+  try {
+    const pages = context.pages();
+    for (const p of pages) {
+      const conn = ephemeralConnections.get(p);
+      if (conn) {
+        ephemeralConnections.delete(p);
+        await conn.close();
+        break;
+      }
+    }
+    await context.close();
+  } catch {
+  }
+  if (sessions.size === 0 && idleTimer) {
+    clearTimeout(idleTimer);
+    idleTimer = null;
+  }
+}
+function getAllSessions() {
+  return sessions.list();
+}
+async function installNetworkCapture(page, sessionName) {
+  if (process.env.XBROWSER_DAEMON_WORKER !== "1") return;
+  const { networkStore } = await import("./network-store-YVDNUREI.js");
+  const requestData = /* @__PURE__ */ new Map();
+  const responseMeta = /* @__PURE__ */ new Map();
+  const xbPage = page;
+  xbPage.on("request", (params) => {
+    try {
+      const p = params;
+      requestData.set(p.requestId, {
+        method: p.request.method,
+        headers: p.request.headers,
+        postData: p.request.postData ?? null,
+        resourceType: p.type
+      });
+    } catch {
+    }
+  });
+  xbPage.on("response", (params) => {
+    try {
+      const p = params;
+      responseMeta.set(p.requestId, {
+        status: p.response.status,
+        url: p.response.url,
+        headers: p.response.headers,
+        mimeType: p.response.mimeType,
+        type: p.type
+      });
+    } catch {
+    }
+  });
+  xbPage.on("requestfinished", async (params) => {
+    try {
+      const p = params;
+      const meta = responseMeta.get(p.requestId);
+      if (!meta) return;
+      const req = requestData.get(p.requestId);
+      const method = req?.method ?? "GET";
+      const contentType = meta.headers["content-type"] || meta.headers["Content-Type"] || "";
+      const resourceType = req?.resourceType ?? meta.type;
+      const requestHeaders = req?.headers ?? {};
+      let requestBody = void 0;
+      const isPostLike = ["POST", "PATCH", "PUT"].includes(method);
+      if (isPostLike && requestHeaders["content-type"]?.includes("application/json")) {
+        const postData = req?.postData;
+        if (postData) {
+          try {
+            requestBody = JSON.parse(postData);
+          } catch {
+            requestBody = postData;
+          }
+        }
+      }
+      let responseBody = void 0;
+      let size = 0;
+      const isJsonish = contentType.includes("json") || contentType.includes("javascript") || contentType.includes("text/");
+      if (isJsonish) {
+        try {
+          const bodyResult = await xbPage._cdpSend(
+            "Network.getResponseBody",
+            { requestId: p.requestId }
+          );
+          const text = bodyResult.body ?? "";
+          size = text.length;
+          if (size <= 10240) {
+            try {
+              responseBody = JSON.parse(text);
+            } catch {
+              responseBody = text.slice(0, 200);
+            }
+          }
+        } catch {
+        }
+      } else {
+        try {
+          const bodyResult = await xbPage._cdpSend(
+            "Network.getResponseBody",
+            { requestId: p.requestId }
+          );
+          size = bodyResult.body?.length ?? 0;
+        } catch {
+          size = 0;
+        }
+      }
+      networkStore.add(sessionName, {
+        timestamp: Date.now(),
+        method,
+        url: meta.url,
+        path: new URL(meta.url).pathname,
+        status: meta.status,
+        contentType,
+        size,
+        headers: meta.headers,
+        body: responseBody,
+        requestHeaders,
+        requestBody,
+        resourceType
+      });
+      requestData.delete(p.requestId);
+      responseMeta.delete(p.requestId);
+    } catch {
+    }
+  });
+}
+async function createSession(name, url, options) {
+  const existing = findSession(name);
+  if (existing) {
+    logSessionEvent("replace_session", `name="${name}" id="${existing.id}" \u2014 closing existing session before creating new one`);
+    await closeSessionByName(name);
+  }
+  const b = await createBrowser(options);
+  const isCDP = !!options?.cdpEndpoint;
+  let context;
+  let page;
+  if (isCDP) {
+    await new Promise((r) => setTimeout(r, 500));
+    let contexts = b.contexts();
+    if (contexts.length === 0) {
+      await new Promise((r) => setTimeout(r, 500));
+      contexts = b.contexts();
+    }
+    context = contexts[0] || await b.newContext();
+    let targetPage = null;
+    const targetHostname = url ? (() => {
+      try {
+        return new URL(url).hostname;
+      } catch {
+        return "";
+      }
+    })() : "";
+    if (targetHostname) {
+      for (const ctx of contexts) {
+        const pages = ctx.pages();
+        for (const p of pages) {
+          const pUrl = p.url();
+          if (pUrl && pUrl !== "about:blank" && !pUrl.startsWith("chrome://") && pUrl.includes(targetHostname)) {
+            targetPage = p;
+            break;
+          }
+        }
+        if (targetPage) break;
+      }
+    }
+    if (!targetPage) {
+      for (const ctx of contexts) {
+        const pages = ctx.pages();
+        for (const p of pages) {
+          const pUrl = p.url();
+          if (pUrl && pUrl !== "about:blank" && !pUrl.startsWith("chrome://")) {
+            targetPage = p;
+            break;
+          }
+        }
+        if (targetPage) break;
+      }
+    }
+    if (!targetPage && options?.cdpEndpoint) {
+      const targets = await getCDPTargets2(options.cdpEndpoint);
+      const matchTarget = targets.find(
+        (t) => t.url && t.url !== "about:blank" && !t.url.startsWith("chrome://") && (url ? t.url.includes(new URL(url).hostname) : true)
+      );
+      if (matchTarget && matchTarget.url) {
+        targetPage = await context.newPage();
+        await targetPage.goto(matchTarget.url, { waitUntil: "domcontentloaded", timeout: 15e3 }).catch(() => {
+        });
+      }
+    }
+    if (!targetPage) {
+      const pages = context.pages();
+      if (pages.length > 0) {
+        targetPage = pages[0];
+      } else {
+        targetPage = await context.newPage();
+      }
+    }
+    page = targetPage;
+  } else {
+    context = await b.newContext({ viewport: { width: 1920, height: 1080 } });
+    page = await context.newPage();
+  }
+  if (url && page.url() !== url) {
+    await page.goto(url, { waitUntil: "domcontentloaded", timeout: 15e3 }).catch(() => {
+    });
+  }
+  const session = {
+    id: randomUUID(),
+    name,
+    context,
+    page,
+    browser: b,
+    createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+    lastActivityAt: Date.now(),
+    isCDP,
+    cdpEndpoint: options?.cdpEndpoint
+  };
+  sessions.set(session);
+  logSessionEvent("create_session", `name="${name}" id="${session.id}" url="${url || "(no url)"}" isCDP=${isCDP} cdpEndpoint=${options?.cdpEndpoint || "(none)"}`);
+  resetIdleTimer();
+  await installNetworkCapture(page, name);
+  return session;
+}
+async function closeSessionByName(name) {
+  for (const session of sessions) {
+    if (session.name === name || session.id === name) {
+      logSessionEvent("close_session", `name="${session.name}" id="${session.id}" url="${session.page.url()}"`);
+      if (session.isCDP) {
+        try {
+          await session.page.close();
+        } catch {
+        }
+        if (session.browser) {
+          await session.browser.close().catch(() => {
+          });
+        }
+      } else {
+        await session.context.close();
+        if (session.browser) {
+          await session.browser.close().catch(() => {
+          });
+        }
+      }
+      sessions.removeById(session.id);
+      const file2 = sessionFile(session.name);
+      try {
+        unlinkSync(file2);
+      } catch {
+      }
+      try {
+        const { networkStore, commandLogStore } = await import("./network-store-YVDNUREI.js");
+        networkStore.clear(session.name);
+        commandLogStore.clear(session.name);
+      } catch {
+      }
+      try {
+        const { SessionRecorder } = await import("./session-recorder-RTDGURIJ.js");
+        SessionRecorder.cleanup(session.name);
+      } catch {
+      }
+      return true;
+    }
+  }
+  const file = sessionFile(name);
+  try {
+    unlinkSync(file);
+  } catch {
+  }
+  return false;
+}
+async function closeAllSessions() {
+  const names = sessions.list().map((s) => `${s.name}(${s.page.url()})`).join(", ");
+  if (names) logSessionEvent("close_all_sessions", `Closing ${sessions.size} sessions: ${names}`);
+  for (const session of sessions.list()) {
+    try {
+      if (!session.isCDP) {
+        await session.context.close();
+      }
+      if (session.browser) {
+        await session.browser.close().catch(() => {
+        });
+      }
+      sessions.removeById(session.id);
+    } catch {
+      sessions.removeById(session.id);
+    }
+  }
+}
+async function destroyBrowser() {
+  logSessionEvent("destroy_browser", `Sessions count: ${sessions.size}. Clearing idle timer and closing all browsers.`);
+  if (idleTimer) {
+    clearTimeout(idleTimer);
+    idleTimer = null;
+  }
+  await closeAllSessions();
+  if (_sharedBrowser) {
+    await _sharedBrowser.close().catch(() => {
+    });
+    _sharedBrowser = null;
+  }
+  if (_sharedCdpProxy) {
+    await _sharedCdpProxy.stop().catch(() => {
+    });
+    _sharedCdpProxy = null;
+  }
+}
+function resetForTesting() {
+  sessions.clear();
+  _sharedBrowser = null;
+  _sharedCdpProxy = null;
+  try {
+    for (const f of readdirSync(SESSION_DIR)) {
+      unlinkSync(join(SESSION_DIR, f));
+    }
+  } catch {
+  }
+}
+async function ensureProcessCanExit() {
+  if (idleTimer) {
+    clearTimeout(idleTimer);
+    idleTimer = null;
+  }
+  for (const session of sessions.list()) {
+    if (session.browser) {
+      if (session.isCDP) {
+        await session.browser.close().catch(() => {
+        });
+      } else {
+        await session.browser.close().catch(() => {
+        });
+      }
+    }
+  }
+  sessions.clear();
+  if (_sharedBrowser) {
+    await _sharedBrowser.close().catch(() => {
+    });
+    _sharedBrowser = null;
+  }
+  if (_sharedCdpProxy) {
+    await _sharedCdpProxy.stop().catch(() => {
+    });
+    _sharedCdpProxy = null;
+  }
+}
+
+export {
+  createRuleEngine,
+  touchSession,
+  findTargetPage,
+  resolveLaunchOpts,
+  createBrowser,
+  getBrowser,
+  findSession,
+  getSessionById,
+  setActivePage,
+  saveSessionDiskMeta,
+  readSessionDiskMeta,
+  deleteSessionDiskMeta,
+  findOrRestoreSession,
+  createEphemeralContext,
+  closeEphemeralContext,
+  getAllSessions,
+  createSession,
+  closeSessionByName,
+  closeAllSessions,
+  destroyBrowser,
+  resetForTesting,
+  ensureProcessCanExit
+};