browser-use 0.6.1 → 0.7.0

package/dist/browser/watchdogs/default-action-watchdog.js

@@ -2,7 +2,26 @@ import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
 import { ClickCoordinateEvent, ClickElementEvent, CloseTabEvent, FileDownloadedEvent, GetDropdownOptionsEvent, GoBackEvent, GoForwardEvent, NavigateToUrlEvent, RefreshEvent, ScrollEvent, ScrollToTextEvent, SelectDropdownOptionEvent, SendKeysEvent, SwitchTabEvent, TypeTextEvent, UploadFileEvent, WaitEvent, } from '../events.js';
+import { URLNotAllowedError } from '../views.js';
 import { BaseWatchdog } from './base.js';
+const chmodPrivatePath = (targetPath, mode) => {
+    if (process.platform === 'win32') {
+        return;
+    }
+    try {
+        fs.chmodSync(targetPath, mode);
+    }
+    catch {
+        /* best effort */
+    }
+};
+const ensurePrivateDirectoryIfCreated = (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    fs.mkdirSync(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed) {
+        chmodPrivatePath(dirPath, 0o700);
+    }
+};
 export class DefaultActionWatchdog extends BaseWatchdog {
     static LISTENS_TO = [
         NavigateToUrlEvent,
@@ -158,26 +177,33 @@ export class DefaultActionWatchdog extends BaseWatchdog {
             return null;
         }
         try {
+            await this.browser_session.validate_page_after_action(page);
             const cdpSession = await this.browser_session.get_or_create_cdp_session(page);
+            await this.browser_session.validate_page_after_action(page);
             const result = await cdpSession.send?.('Page.printToPDF', {
                 printBackground: true,
                 preferCSSPageSize: true,
             });
+            await this.browser_session.validate_page_after_action(page);
             const pdfBase64 = result && typeof result.data === 'string' ? result.data : null;
             if (!pdfBase64) {
                 return null;
             }
             const downloadsPath = this.browser_session.browser_profile.downloads_path || os.tmpdir();
-            fs.mkdirSync(downloadsPath, { recursive: true });
+            ensurePrivateDirectoryIfCreated(downloadsPath);
+            await this.browser_session.validate_page_after_action(page);
             const title = typeof page.title === 'function' ? await page.title() : 'document';
+            await this.browser_session.validate_page_after_action(page);
             const suggestedName = this._sanitizeFilename(`${title || 'document'}.pdf`);
             const uniqueFilename = await this._getUniqueFilename(downloadsPath, suggestedName);
             const finalPath = path.join(downloadsPath, uniqueFilename);
             const content = Buffer.from(pdfBase64, 'base64');
-            fs.writeFileSync(finalPath, content);
+            fs.writeFileSync(finalPath, content, { mode: 0o600 });
+            chmodPrivatePath(finalPath, 0o600);
+            const pageUrl = typeof page.url === 'function' ? page.url() : '';
             await this.event_bus.dispatch(new FileDownloadedEvent({
                 guid: null,
-                url: typeof page.url === 'function' ? page.url() : '',
+                url: pageUrl,
                 path: finalPath,
                 file_name: uniqueFilename,
                 file_size: content.length,
@@ -188,6 +214,9 @@ export class DefaultActionWatchdog extends BaseWatchdog {
             return finalPath;
         }
         catch (error) {
+            if (error instanceof URLNotAllowedError) {
+                throw error;
+            }
             this.browser_session.logger.debug(`[DefaultActionWatchdog] Print-to-PDF failed: ${error.message}`);
             return null;
         }

package/dist/browser/watchdogs/downloads-watchdog.d.ts

@@ -66,12 +66,16 @@ export declare class DownloadsWatchdog extends BaseWatchdog {
     private _normalizeCallbackRegistration;
     private _startCdpDownloadMonitoring;
     private _stopCdpDownloadMonitoring;
+    private _getUrlDenialReason;
     private _handleNetworkResponse;
     private _handleNetworkLoadingFinished;
     private _normalizeHeaders;
     private _resolveSuggestedFilename;
+    private _decodeFilenameCandidate;
     private _sanitizeFilename;
     private _inferFileType;
     private _getUniqueFilename;
+    private _isPathContained;
+    private _realPathForMissingPath;
 }
 export {};

package/dist/browser/watchdogs/downloads-watchdog.js

@@ -2,6 +2,24 @@ import fs from 'node:fs';
 import path from 'node:path';
 import { BrowserConnectedEvent, BrowserLaunchEvent, BrowserStateRequestEvent, BrowserStoppedEvent, DownloadProgressEvent, DownloadStartedEvent, FileDownloadedEvent, NavigationCompleteEvent, TabClosedEvent, TabCreatedEvent, } from '../events.js';
 import { BaseWatchdog } from './base.js';
+const chmodPrivatePath = (targetPath, mode) => {
+    if (process.platform === 'win32') {
+        return;
+    }
+    try {
+        fs.chmodSync(targetPath, mode);
+    }
+    catch {
+        /* best effort */
+    }
+};
+const ensurePrivateDirectoryIfCreated = (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    fs.mkdirSync(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed) {
+        chmodPrivatePath(dirPath, 0o700);
+    }
+};
 export class DownloadsWatchdog extends BaseWatchdog {
     static LISTENS_TO = [
         BrowserConnectedEvent,
@@ -36,7 +54,7 @@ export class DownloadsWatchdog extends BaseWatchdog {
         if (!downloadsPath) {
             return;
         }
-        fs.mkdirSync(downloadsPath, { recursive: true });
+        ensurePrivateDirectoryIfCreated(downloadsPath);
     }
     async on_BrowserStateRequestEvent(event) {
         const activeTab = this.browser_session.active_tab;
@@ -252,6 +270,26 @@ export class DownloadsWatchdog extends BaseWatchdog {
             this._cdpSession = null;
         }
     }
+    _getUrlDenialReason(url) {
+        const session = this.browser_session;
+        if (typeof session._get_url_access_denial_reason === 'function') {
+            try {
+                return session._get_url_access_denial_reason(url);
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        if (typeof session._is_url_allowed === 'function') {
+            try {
+                return session._is_url_allowed(url) ? null : 'blocked';
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        return null;
+    }
     async _handleNetworkResponse(payload) {
         const requestId = String(payload?.requestId ?? '');
         if (!requestId) {
@@ -273,6 +311,12 @@ export class DownloadsWatchdog extends BaseWatchdog {
         if (!isPdf && !isAttachment && !isBinary) {
             return;
         }
+        const denialReason = this._getUrlDenialReason(url);
+        if (denialReason) {
+            this._detectedDownloadUrls.add(url);
+            this.browser_session.logger.warning(`[DownloadsWatchdog] Blocked downloadable network response by domain policy: ${denialReason}`);
+            return;
+        }
         this._detectedDownloadUrls.add(url);
         const suggestedFilename = this._resolveSuggestedFilename(contentDisposition, url);
         const guid = `cdp-${requestId}`;
@@ -328,13 +372,18 @@ export class DownloadsWatchdog extends BaseWatchdog {
             if (!body) {
                 return;
             }
-            fs.mkdirSync(downloadsPath, { recursive: true });
+            ensurePrivateDirectoryIfCreated(downloadsPath);
             const uniqueFilename = await this._getUniqueFilename(downloadsPath, metadata.suggested_filename);
             const filePath = path.join(downloadsPath, uniqueFilename);
+            if (!this._isPathContained(filePath, downloadsPath)) {
+                this.browser_session.logger.debug(`[DownloadsWatchdog] Refusing to write download outside downloads_path: ${filePath}`);
+                return;
+            }
             const content = responseBody?.base64Encoded
                 ? Buffer.from(body, 'base64')
                 : Buffer.from(body, 'utf8');
-            fs.writeFileSync(filePath, content);
+            fs.writeFileSync(filePath, content, { mode: 0o600 });
+            chmodPrivatePath(filePath, 0o600);
             await this.event_bus.dispatch(new FileDownloadedEvent({
                 guid: metadata.guid,
                 url: metadata.url,
@@ -362,7 +411,7 @@ export class DownloadsWatchdog extends BaseWatchdog {
     _resolveSuggestedFilename(contentDisposition, url) {
         const filenameMatch = /filename\*=UTF-8''([^;]+)|filename="?([^";]+)"?/i.exec(contentDisposition);
         const fromHeader = filenameMatch?.[1] || filenameMatch?.[2] || '';
-        const candidate = decodeURIComponent(fromHeader || '').trim();
+        const candidate = this._decodeFilenameCandidate(fromHeader).trim();
         if (candidate) {
             return this._sanitizeFilename(candidate);
         }
@@ -378,9 +427,29 @@ export class DownloadsWatchdog extends BaseWatchdog {
         }
         return 'download';
     }
+    _decodeFilenameCandidate(filename) {
+        if (!filename) {
+            return '';
+        }
+        try {
+            return decodeURIComponent(filename);
+        }
+        catch {
+            return filename;
+        }
+    }
     _sanitizeFilename(filename) {
-        const sanitized = filename
-            .replace(/[\\/:*?"<>|]+/g, '_')
+        const basename = filename
+            .replace(/\0/g, '')
+            .replace(/\\/g, '/')
+            .split('/')
+            .pop()
+            ?.trim();
+        if (!basename || basename === '.' || basename === '..') {
+            return 'download';
+        }
+        const sanitized = basename
+            .replace(/[:*?"<>|]+/g, '_')
             .replace(/\s+/g, ' ')
             .trim();
         return sanitized || 'download';
@@ -396,9 +465,10 @@ export class DownloadsWatchdog extends BaseWatchdog {
         return null;
     }
     async _getUniqueFilename(directory, filename) {
-        const ext = path.extname(filename);
-        const basename = ext ? filename.slice(0, -ext.length) : filename;
-        let candidate = filename || 'download';
+        const safeFilename = this._sanitizeFilename(filename);
+        const ext = path.extname(safeFilename);
+        const basename = ext ? safeFilename.slice(0, -ext.length) : safeFilename;
+        let candidate = safeFilename || 'download';
         let counter = 1;
         while (fs.existsSync(path.join(directory, candidate))) {
             candidate = `${basename || 'download'}_${counter}${ext}`;
@@ -406,4 +476,30 @@ export class DownloadsWatchdog extends BaseWatchdog {
         }
         return candidate;
     }
+    _isPathContained(filePath, directory) {
+        const realDirectory = this._realPathForMissingPath(directory);
+        const realFilePath = this._realPathForMissingPath(filePath);
+        const relative = path.relative(realDirectory, realFilePath);
+        return (relative === '' ||
+            (relative !== '' &&
+                !relative.startsWith('..') &&
+                !path.isAbsolute(relative)));
+    }
+    _realPathForMissingPath(inputPath) {
+        const resolvedPath = path.resolve(inputPath);
+        if (fs.existsSync(resolvedPath)) {
+            return fs.realpathSync.native(resolvedPath);
+        }
+        const missingParts = [];
+        let existingParent = resolvedPath;
+        while (!fs.existsSync(existingParent)) {
+            const parent = path.dirname(existingParent);
+            if (parent === existingParent) {
+                return resolvedPath;
+            }
+            missingParts.unshift(path.basename(existingParent));
+            existingParent = parent;
+        }
+        return path.join(fs.realpathSync.native(existingParent), ...missingParts);
+    }
 }

package/dist/browser/watchdogs/har-recording-watchdog.d.ts

@@ -15,5 +15,6 @@ export declare class HarRecordingWatchdog extends BaseWatchdog {
     private _resolveAndPrepareHarPath;
     private _startCdpCaptureIfNeeded;
     private _writeHarFallbackIfNeeded;
+    private _getUrlDenialReason;
     private _teardownCapture;
 }

package/dist/browser/watchdogs/har-recording-watchdog.js

@@ -32,6 +32,31 @@ const normalizeHeaders = (input) => {
     }
     return {};
 };
+const chmodPrivatePath = (targetPath, mode) => {
+    if (process.platform === 'win32') {
+        return;
+    }
+    try {
+        fs.chmodSync(targetPath, mode);
+    }
+    catch {
+        /* best effort */
+    }
+};
+const ensurePrivateDirectoryIfCreated = (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    fs.mkdirSync(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed) {
+        chmodPrivatePath(dirPath, 0o700);
+    }
+};
+const writePrivateFile = (filePath, contents) => {
+    fs.writeFileSync(filePath, contents, {
+        encoding: 'utf-8',
+        mode: 0o600,
+    });
+    chmodPrivatePath(filePath, 0o600);
+};
 export class HarRecordingWatchdog extends BaseWatchdog {
     static LISTENS_TO = [
         BrowserStartEvent,
@@ -74,6 +99,7 @@ export class HarRecordingWatchdog extends BaseWatchdog {
             return;
         }
         try {
+            chmodPrivatePath(resolvedPath, 0o600);
             const stat = fs.statSync(resolvedPath);
             if (stat.size === 0) {
                 await this.event_bus.dispatch(new BrowserErrorEvent({
@@ -113,7 +139,7 @@ export class HarRecordingWatchdog extends BaseWatchdog {
         if (!resolvedPath) {
             return null;
         }
-        fs.mkdirSync(path.dirname(resolvedPath), { recursive: true });
+        ensurePrivateDirectoryIfCreated(path.dirname(resolvedPath));
         this.browser_session.browser_profile.config.record_har_path = resolvedPath;
         return resolvedPath;
     }
@@ -132,6 +158,11 @@ export class HarRecordingWatchdog extends BaseWatchdog {
                 if (!requestId || !url.toLowerCase().startsWith('https://')) {
                     return;
                 }
+                const denialReason = this._getUrlDenialReason(url);
+                if (denialReason) {
+                    this.browser_session.logger.debug(`[HarRecordingWatchdog] Skipping HAR entry blocked by domain policy: ${denialReason}`);
+                    return;
+                }
                 const tsRequest = typeof payload?.timestamp === 'number' ? payload.timestamp : null;
                 this._entries.set(requestId, {
                     request_id: requestId,
@@ -292,8 +323,29 @@ export class HarRecordingWatchdog extends BaseWatchdog {
             },
         };
         const tempPath = `${resolvedPath}.tmp`;
-        fs.writeFileSync(tempPath, JSON.stringify(harObject, null, 2), 'utf-8');
+        writePrivateFile(tempPath, JSON.stringify(harObject, null, 2));
         fs.renameSync(tempPath, resolvedPath);
+        chmodPrivatePath(resolvedPath, 0o600);
+    }
+    _getUrlDenialReason(url) {
+        const session = this.browser_session;
+        if (typeof session._get_url_access_denial_reason === 'function') {
+            try {
+                return session._get_url_access_denial_reason(url);
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        if (typeof session._is_url_allowed === 'function') {
+            try {
+                return session._is_url_allowed(url) ? null : 'blocked';
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        return null;
     }
     async _teardownCapture() {
         if (!this._cdpSession) {

package/dist/browser/watchdogs/permissions-watchdog.d.ts

@@ -4,5 +4,10 @@ export declare class PermissionsWatchdog extends BaseWatchdog {
     static LISTENS_TO: (typeof BrowserConnectedEvent)[];
     static EMITS: (typeof BrowserErrorEvent)[];
     on_BrowserConnectedEvent(): Promise<void>;
+    private _grantScopedPermissions;
+    private _dispatchPermissionError;
+    private _getScopedPermissionOrigins;
+    private _domainCollectionToStrings;
+    private _originsForAllowedPattern;
     private _grantPermissionsViaCdp;
 }

package/dist/browser/watchdogs/permissions-watchdog.js

@@ -8,6 +8,11 @@ export class PermissionsWatchdog extends BaseWatchdog {
         if (!Array.isArray(permissions) || permissions.length === 0) {
             return;
         }
+        const scopedOrigins = this._getScopedPermissionOrigins();
+        if (scopedOrigins) {
+            await this._grantScopedPermissions(permissions, scopedOrigins);
+            return;
+        }
         let cdpError = null;
         try {
             const grantedWithCdp = await this._grantPermissionsViaCdp(permissions);
@@ -49,16 +54,114 @@ export class PermissionsWatchdog extends BaseWatchdog {
             }));
         }
     }
-    async _grantPermissionsViaCdp(permissions) {
+    async _grantScopedPermissions(permissions, origins) {
+        if (origins.length === 0) {
+            this.browser_session.logger.debug('[PermissionsWatchdog] Domain restrictions are active; skipping global permission grants because no concrete allowed origins can be resolved.');
+            return;
+        }
+        const context = this.browser_session.browser_context;
+        for (const origin of origins) {
+            let cdpError = null;
+            try {
+                const grantedWithCdp = await this._grantPermissionsViaCdp(permissions, origin);
+                if (grantedWithCdp) {
+                    continue;
+                }
+            }
+            catch (error) {
+                cdpError = error;
+            }
+            if (!context?.grantPermissions) {
+                if (cdpError) {
+                    await this._dispatchPermissionError(permissions, 'cdp', cdpError, origin);
+                }
+                continue;
+            }
+            try {
+                await context.grantPermissions(permissions, { origin });
+            }
+            catch (error) {
+                await this._dispatchPermissionError(permissions, 'playwright', error, origin, cdpError);
+            }
+        }
+    }
+    async _dispatchPermissionError(permissions, mode, error, origin, cdpError) {
+        await this.event_bus.dispatch(new BrowserErrorEvent({
+            error_type: 'PermissionsWatchdogError',
+            message: error.message ?? 'Failed to grant permissions',
+            details: {
+                permissions,
+                cdp_error: cdpError?.message ?? null,
+                mode,
+                origin: origin ?? null,
+            },
+        }));
+    }
+    _getScopedPermissionOrigins() {
+        const session = this.browser_session;
+        const hasRestrictions = typeof session._has_url_access_restrictions === 'function'
+            ? session._has_url_access_restrictions()
+            : false;
+        if (!hasRestrictions) {
+            return null;
+        }
+        const allowedDomains = this._domainCollectionToStrings(this.browser_session.browser_profile.allowed_domains);
+        const origins = new Set();
+        for (const pattern of allowedDomains) {
+            for (const origin of this._originsForAllowedPattern(pattern)) {
+                const denialReason = typeof session._get_url_access_denial_reason === 'function'
+                    ? session._get_url_access_denial_reason(origin)
+                    : null;
+                if (!denialReason) {
+                    origins.add(origin);
+                }
+            }
+        }
+        return [...origins];
+    }
+    _domainCollectionToStrings(value) {
+        if (value instanceof Set) {
+            return [...value].filter((item) => typeof item === 'string');
+        }
+        if (Array.isArray(value)) {
+            return value.filter((item) => typeof item === 'string');
+        }
+        return [];
+    }
+    _originsForAllowedPattern(pattern) {
+        const trimmed = pattern.trim();
+        if (!trimmed || trimmed.includes('*')) {
+            return [];
+        }
+        try {
+            if (trimmed.includes('://')) {
+                const parsed = new URL(trimmed);
+                if (parsed.protocol !== 'https:' && parsed.protocol !== 'http:') {
+                    return [];
+                }
+                return [parsed.origin];
+            }
+            const parsed = new URL(`https://${trimmed}`);
+            return [parsed.origin];
+        }
+        catch {
+            return [];
+        }
+    }
+    async _grantPermissionsViaCdp(permissions, origin) {
         const browser = this.browser_session.browser;
         if (!browser?.newBrowserCDPSession) {
             return false;
         }
         const cdpSession = await browser.newBrowserCDPSession();
         try {
-            await cdpSession.send?.('Browser.grantPermissions', {
+            const params = {
                 permissions,
-            });
+            };
+            if (origin) {
+                params.origin = origin;
+            }
+            await cdpSession.send?.('Browser.grantPermissions', params);
             return true;
         }
         finally {

package/dist/browser/watchdogs/recording-watchdog.d.ts

@@ -8,12 +8,14 @@ export declare class RecordingWatchdog extends BaseWatchdog {
     private _cdpScreencastHandler;
     private _cdpScreencastPath;
     private _cdpScreencastStream;
+    private _warnedDomainPolicyRecordingDisabled;
     on_BrowserConnectedEvent(): Promise<void>;
     on_BrowserStopEvent(): Promise<void>;
     on_BrowserStoppedEvent(): Promise<void>;
     on_AgentFocusChangedEvent(event: AgentFocusChangedEvent): Promise<void>;
     on_TabCreatedEvent(): Promise<void>;
     protected onDetached(): void;
+    private _recordingDisabledByDomainPolicy;
     private _prepareVideoDirectory;
     private _startTracingIfConfigured;
     private _stopTracingIfStarted;

package/dist/browser/watchdogs/recording-watchdog.js

@@ -2,6 +2,24 @@ import fs from 'node:fs';
 import path from 'node:path';
 import { AgentFocusChangedEvent, BrowserConnectedEvent, BrowserErrorEvent, BrowserStopEvent, BrowserStoppedEvent, TabCreatedEvent, } from '../events.js';
 import { BaseWatchdog } from './base.js';
+const chmodPrivatePath = (targetPath, mode) => {
+    if (process.platform === 'win32') {
+        return;
+    }
+    try {
+        fs.chmodSync(targetPath, mode);
+    }
+    catch {
+        /* best effort */
+    }
+};
+const ensurePrivateDirectoryIfCreated = (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    fs.mkdirSync(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed) {
+        chmodPrivatePath(dirPath, 0o700);
+    }
+};
 export class RecordingWatchdog extends BaseWatchdog {
     static LISTENS_TO = [
         BrowserConnectedEvent,
@@ -16,7 +34,11 @@ export class RecordingWatchdog extends BaseWatchdog {
     _cdpScreencastHandler = null;
     _cdpScreencastPath = null;
     _cdpScreencastStream = null;
+    _warnedDomainPolicyRecordingDisabled = false;
     async on_BrowserConnectedEvent() {
+        if (this._recordingDisabledByDomainPolicy()) {
+            return;
+        }
         this._prepareVideoDirectory();
         this._attachVideoListenersToKnownPages();
         await this._startCdpScreencastIfConfigured();
@@ -30,6 +52,9 @@ export class RecordingWatchdog extends BaseWatchdog {
         this._detachVideoListeners();
     }
     async on_AgentFocusChangedEvent(event) {
+        if (this._recordingDisabledByDomainPolicy()) {
+            return;
+        }
         this._attachVideoListenersToKnownPages();
         await this._startCdpScreencastIfConfigured();
         if (!this._traceStarted) {
@@ -38,6 +63,9 @@ export class RecordingWatchdog extends BaseWatchdog {
         this.browser_session.logger.debug(`[RecordingWatchdog] Focus changed to ${event.target_id}; tracing remains active`);
     }
     async on_TabCreatedEvent() {
+        if (this._recordingDisabledByDomainPolicy()) {
+            return;
+        }
         this._attachVideoListenersToKnownPages();
         await this._startCdpScreencastIfConfigured();
     }
@@ -45,13 +73,32 @@ export class RecordingWatchdog extends BaseWatchdog {
         void this._stopCdpScreencastIfStarted();
         this._detachVideoListeners();
     }
+    _recordingDisabledByDomainPolicy() {
+        const hasRestrictions = typeof this.browser_session._has_url_access_restrictions ===
+            'function'
+            ? this.browser_session._has_url_access_restrictions()
+            : false;
+        if (!hasRestrictions) {
+            return false;
+        }
+        const hasRecordingConfigured = Boolean(this.browser_session.browser_profile.traces_dir ||
+            this.browser_session.browser_profile.config.record_video_dir);
+        if (!hasRecordingConfigured) {
+            return false;
+        }
+        if (!this._warnedDomainPolicyRecordingDisabled) {
+            this.browser_session.logger.warning('[RecordingWatchdog] Skipping trace/video recording because domain restrictions are active and recording artifacts cannot be URL-filtered.');
+            this._warnedDomainPolicyRecordingDisabled = true;
+        }
+        return true;
+    }
     _prepareVideoDirectory() {
         const configuredPath = this.browser_session.browser_profile.config.record_video_dir;
         if (typeof configuredPath !== 'string' || configuredPath.trim() === '') {
             return;
         }
         const resolvedPath = path.resolve(configuredPath);
-        fs.mkdirSync(resolvedPath, { recursive: true });
+        ensurePrivateDirectoryIfCreated(resolvedPath);
         this.browser_session.browser_profile.config.record_video_dir = resolvedPath;
     }
     async _startTracingIfConfigured() {
@@ -171,7 +218,11 @@ export class RecordingWatchdog extends BaseWatchdog {
             }
             const session = (await this.browser_session.get_or_create_cdp_session(page));
             const filePath = path.join(configuredPath, `${Date.now()}-${this.browser_session.id.slice(-6)}.cdp-screencast.ndjson`);
-            const stream = fs.createWriteStream(filePath, { flags: 'a' });
+            const stream = fs.createWriteStream(filePath, {
+                flags: 'a',
+                mode: 0o600,
+            });
+            chmodPrivatePath(filePath, 0o600);
             const handler = (payload) => {
                 const frameData = typeof payload?.data === 'string' ? payload.data : '';
                 if (frameData && this._cdpScreencastStream) {
@@ -239,6 +290,7 @@ export class RecordingWatchdog extends BaseWatchdog {
         if (this._cdpScreencastPath &&
             fs.existsSync(this._cdpScreencastPath) &&
             fs.statSync(this._cdpScreencastPath).size > 0) {
+            chmodPrivatePath(this._cdpScreencastPath, 0o600);
             this.browser_session.add_downloaded_file(this._cdpScreencastPath);
         }
         this._cdpScreencastSession = null;

package/dist/browser/watchdogs/security-watchdog.d.ts

@@ -7,4 +7,5 @@ export declare class SecurityWatchdog extends BaseWatchdog {
     on_NavigationCompleteEvent(event: NavigationCompleteEvent): Promise<void>;
     on_TabCreatedEvent(event: TabCreatedEvent): Promise<void>;
     private _getUrlDenialReason;
+    private _isActiveTarget;
 }