barebrowse 0.5.8 → 0.5.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/barebrowse.context.md +3 -2
- package/mcp-server.js +11 -19
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -105,7 +105,7 @@ For code examples, API reference, and wiring instructions, see **[barebrowse.con
|
|
|
105
105
|
|
|
106
106
|
## What it handles automatically
|
|
107
107
|
|
|
108
|
-
Cookie consent walls (29 languages, with real mouse click fallback for stubborn CMPs), login walls (cookie extraction from your browsers), bot detection (stealth patches + automatic headed fallback
|
|
108
|
+
Cookie consent walls (29 languages, with real mouse click fallback for stubborn CMPs), login walls (cookie extraction from your browsers), bot detection (ARIA node count heuristic + stealth patches + automatic headed fallback — snapshot shows `[BOT CHALLENGE DETECTED]` warning when blocked), permission prompts, SPA navigation, JS dialogs, off-screen elements, pre-filled inputs, ARIA noise, and profile locking. The agent doesn't think about any of it.
|
|
109
109
|
|
|
110
110
|
## What the agent sees
|
|
111
111
|
|
package/barebrowse.context.md
CHANGED
|
@@ -76,9 +76,10 @@ const snapshot = await browse('https://example.com', {
|
|
|
76
76
|
| `waitForNetworkIdle(opts?)` | { timeout?: number, idle?: number } | void | Wait until no pending requests for `idle` ms (default 500) |
|
|
77
77
|
| `saveState(filePath)` | filePath: string | void | Export cookies + localStorage to JSON file |
|
|
78
78
|
| `injectCookies(url, opts?)` | url: string, { browser?: string } | void | Extract cookies from user's browser and inject via CDP |
|
|
79
|
+
| `botBlocked` | -- | boolean | True if last `goto()` hit a bot challenge (ARIA node count <50). Resets on each navigation. |
|
|
79
80
|
| `dialogLog` | -- | Array<{type, message, timestamp}> | Auto-dismissed JS dialog history |
|
|
80
81
|
| `cdp` | -- | object | Raw CDP session for escape hatch: `page.cdp.send(method, params)` |
|
|
81
|
-
| `createTab()` | -- | tab handle | New tab in same browser. Returns `{ goto, injectCookies, waitForNetworkIdle, cdp, close }`. Tab close doesn't affect session. |
|
|
82
|
+
| `createTab()` | -- | tab handle | New tab in same browser. Returns `{ goto, botBlocked, injectCookies, waitForNetworkIdle, cdp, close }`. Tab close doesn't affect session. |
|
|
82
83
|
| `close()` | -- | void | Close page, disconnect CDP, kill browser (if headless) |
|
|
83
84
|
|
|
84
85
|
**connect() options** (in addition to mode/port/consent):
|
|
@@ -154,7 +155,7 @@ barebrowse can inject cookies from the user's real browser sessions, bypassing l
|
|
|
154
155
|
| Off-screen elements | `DOM.scrollIntoViewIfNeeded` before every click | Both |
|
|
155
156
|
| Form submission | `press('Enter')` triggers onsubmit | Both |
|
|
156
157
|
| SPA navigation | `waitForNavigation()` uses loadEventFired + frameNavigated | Both |
|
|
157
|
-
| Bot detection |
|
|
158
|
+
| Bot detection | ARIA node count (<50 = bot-blocked) + text heuristics. `botBlocked` flag set after every `goto()`. Hybrid fallback switches to headed. Snapshot shows `[BOT CHALLENGE DETECTED]` warning. | Hybrid |
|
|
158
159
|
| `navigator.webdriver` | Stealth patches in headless (webdriver, plugins, chrome obj) | Headless |
|
|
159
160
|
| Profile locking | Unique temp dir per headless instance | Headless |
|
|
160
161
|
| Shared memory crash (Linux) | `--disable-dev-shm-usage` flag prevents `/dev/shm` exhaustion | Headless |
|
package/mcp-server.js
CHANGED
|
@@ -54,26 +54,18 @@ async function getPage() {
|
|
|
54
54
|
}
|
|
55
55
|
}
|
|
56
56
|
|
|
57
|
-
// Concurrency limiter
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
57
|
+
// Concurrency limiter — one assess at a time.
|
|
58
|
+
// Headless tabs are fast, but headed fallback uses the user's single browser.
|
|
59
|
+
// Running multiple headed navigations simultaneously hangs the browser.
|
|
60
|
+
let _assessLock = Promise.resolve();
|
|
61
61
|
|
|
62
62
|
function acquireAssessSlot() {
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
return new Promise((resolve) => _assessQueue.push(resolve));
|
|
63
|
+
let release;
|
|
64
|
+
const prev = _assessLock;
|
|
65
|
+
_assessLock = new Promise((r) => { release = r; });
|
|
66
|
+
return prev.then(() => release);
|
|
68
67
|
}
|
|
69
68
|
|
|
70
|
-
function releaseAssessSlot() {
|
|
71
|
-
if (_assessQueue.length > 0) {
|
|
72
|
-
_assessQueue.shift()();
|
|
73
|
-
} else {
|
|
74
|
-
_assessRunning--;
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
69
|
|
|
78
70
|
const TOOLS = [
|
|
79
71
|
{
|
|
@@ -292,7 +284,7 @@ async function handleToolCall(name, args) {
|
|
|
292
284
|
}
|
|
293
285
|
case 'assess': {
|
|
294
286
|
if (!assessFn) throw new Error('wearehere is not installed. Run: npm install wearehere');
|
|
295
|
-
await acquireAssessSlot();
|
|
287
|
+
const releaseSlot = await acquireAssessSlot();
|
|
296
288
|
try {
|
|
297
289
|
const runAssess = async (headed) => {
|
|
298
290
|
let tab;
|
|
@@ -351,7 +343,7 @@ async function handleToolCall(name, args) {
|
|
|
351
343
|
}
|
|
352
344
|
}
|
|
353
345
|
} finally {
|
|
354
|
-
|
|
346
|
+
releaseSlot();
|
|
355
347
|
}
|
|
356
348
|
}
|
|
357
349
|
default:
|
|
@@ -374,7 +366,7 @@ async function handleMessage(msg) {
|
|
|
374
366
|
return jsonrpcResponse(id, {
|
|
375
367
|
protocolVersion: '2024-11-05',
|
|
376
368
|
capabilities: { tools: {} },
|
|
377
|
-
serverInfo: { name: 'barebrowse', version: '0.5.
|
|
369
|
+
serverInfo: { name: 'barebrowse', version: '0.5.9' },
|
|
378
370
|
});
|
|
379
371
|
}
|
|
380
372
|
|