browser-use 0.6.1 → 0.7.1

package/dist/browser/watchdogs/security-watchdog.js

@@ -1,5 +1,26 @@
 import { BrowserErrorEvent, CloseTabEvent, NavigateToUrlEvent, NavigationCompleteEvent, TabCreatedEvent, } from '../events.js';
 import { BaseWatchdog } from './base.js';
+const redactUrlForError = (url) => {
+    try {
+        const parsed = new URL(url);
+        if (parsed.protocol === 'data:') {
+            return 'data:<redacted>';
+        }
+        if (parsed.protocol === 'blob:') {
+            return parsed.origin && parsed.origin !== 'null'
+                ? `blob:${parsed.origin}/<redacted>`
+                : 'blob:<redacted>';
+        }
+        return `${parsed.origin}${parsed.pathname}${parsed.search ? '?<redacted>' : ''}${parsed.hash ? '#<redacted>' : ''}`;
+    }
+    catch {
+        const queryIndex = url.indexOf('?');
+        const hashIndex = url.indexOf('#');
+        const cutoffCandidates = [queryIndex, hashIndex].filter((index) => index >= 0);
+        const cutoff = cutoffCandidates.length > 0 ? Math.min(...cutoffCandidates) : url.length;
+        return `${url.slice(0, cutoff)}${queryIndex >= 0 ? '?<redacted>' : ''}${hashIndex >= 0 ? '#<redacted>' : ''}`;
+    }
+};
 export class SecurityWatchdog extends BaseWatchdog {
     static LISTENS_TO = [
         NavigateToUrlEvent,
@@ -12,30 +33,38 @@ export class SecurityWatchdog extends BaseWatchdog {
         if (!denialReason) {
             return;
         }
+        const safeUrl = redactUrlForError(event.url);
         await this.event_bus.dispatch(new BrowserErrorEvent({
             error_type: 'NavigationBlocked',
-            message: `Navigation blocked to disallowed URL: ${event.url}`,
+            message: `Navigation blocked to disallowed URL: ${safeUrl}`,
             details: {
-                url: event.url,
+                url: safeUrl,
                 reason: denialReason,
             },
         }));
-        throw new Error(`Navigation to ${event.url} blocked by security policy`);
+        throw new Error(`Navigation to ${safeUrl} blocked by security policy`);
     }
     async on_NavigationCompleteEvent(event) {
         const denialReason = this._getUrlDenialReason(event.url);
         if (!denialReason) {
             return;
         }
+        const safeUrl = redactUrlForError(event.url);
         await this.event_bus.dispatch(new BrowserErrorEvent({
             error_type: 'NavigationBlocked',
-            message: `Navigation blocked to non-allowed URL: ${event.url} - redirecting to about:blank`,
+            message: `Navigation blocked to non-allowed URL: ${safeUrl}`,
             details: {
-                url: event.url,
+                url: safeUrl,
                 target_id: event.target_id,
                 reason: denialReason,
             },
         }));
+        if (!this._isActiveTarget(event.target_id)) {
+            await this.event_bus.dispatch(new CloseTabEvent({
+                target_id: event.target_id,
+            }));
+            return;
+        }
         try {
             await this.browser_session.navigate_to('about:blank');
         }
@@ -48,11 +77,12 @@ export class SecurityWatchdog extends BaseWatchdog {
         if (!denialReason) {
             return;
         }
+        const safeUrl = redactUrlForError(event.url);
         await this.event_bus.dispatch(new BrowserErrorEvent({
             error_type: 'TabCreationBlocked',
-            message: `Tab created with non-allowed URL: ${event.url}`,
+            message: `Tab created with non-allowed URL: ${safeUrl}`,
             details: {
-                url: event.url,
+                url: safeUrl,
                 target_id: event.target_id,
                 reason: denialReason,
             },
@@ -81,4 +111,14 @@ export class SecurityWatchdog extends BaseWatchdog {
         }
         return null;
     }
+    _isActiveTarget(targetId) {
+        if (!targetId) {
+            return true;
+        }
+        const activeTab = this.browser_session.active_tab;
+        if (!activeTab) {
+            return true;
+        }
+        return activeTab.target_id === targetId || activeTab.tab_id === targetId;
+    }
 }

package/dist/browser/watchdogs/storage-state-watchdog.d.ts

@@ -19,6 +19,12 @@ export declare class StorageStateWatchdog extends BaseWatchdog {
     private _snapshotStorageState;
     private _readStoredState;
     private _mergeStorageStates;
+    private _filterStorageStateForSave;
+    private _hasUrlAccessRestrictions;
     private _applyOriginsStorage;
+    private _getOriginDenialReason;
+    private _filterCookies;
+    private _filterOrigins;
+    private _getCookieDenialReason;
     private _normalizeStorageEntries;
 }

package/dist/browser/watchdogs/storage-state-watchdog.js

@@ -2,6 +2,59 @@ import fs from 'node:fs';
 import path from 'node:path';
 import { BrowserConnectedEvent, BrowserStopEvent, LoadStorageStateEvent, SaveStorageStateEvent, StorageStateLoadedEvent, StorageStateSavedEvent, } from '../events.js';
 import { BaseWatchdog } from './base.js';
+const chmodPrivateFile = (filePath) => {
+    if (process.platform === 'win32') {
+        return;
+    }
+    fs.chmodSync(filePath, 0o600);
+};
+const ensurePrivateDirectoryIfCreated = (dirPath) => {
+    const existed = fs.existsSync(dirPath);
+    fs.mkdirSync(dirPath, { recursive: true, mode: 0o700 });
+    if (!existed && process.platform !== 'win32') {
+        fs.chmodSync(dirPath, 0o700);
+    }
+};
+const redactUrlForLogging = (url) => {
+    const raw = String(url ?? '');
+    if (!raw) {
+        return raw;
+    }
+    if (/^data:/i.test(raw)) {
+        return 'data:<redacted>';
+    }
+    try {
+        const parsed = new URL(raw);
+        parsed.username = '';
+        parsed.password = '';
+        const [withoutHash] = parsed.href.split('#', 1);
+        const [withoutQuery] = withoutHash.split('?', 1);
+        return `${withoutQuery}${parsed.search ? '?<redacted>' : ''}${parsed.hash ? '#<redacted>' : ''}`;
+    }
+    catch {
+        const queryIndex = raw.indexOf('?');
+        const hashIndex = raw.indexOf('#');
+        const firstSensitiveIndex = [queryIndex, hashIndex]
+            .filter((index) => index >= 0)
+            .sort((a, b) => a - b)[0];
+        if (firstSensitiveIndex === undefined) {
+            return raw;
+        }
+        return `${raw.slice(0, firstSensitiveIndex)}${queryIndex >= 0 ? '?<redacted>' : ''}${hashIndex >= 0 ? '#<redacted>' : ''}`;
+    }
+};
+const sameOrigin = (left, right) => {
+    try {
+        return new URL(left).origin === new URL(right).origin;
+    }
+    catch {
+        return false;
+    }
+};
+const writePrivateFile = (filePath, contents) => {
+    fs.writeFileSync(filePath, contents, { encoding: 'utf-8', mode: 0o600 });
+    chmodPrivateFile(filePath);
+};
 export class StorageStateWatchdog extends BaseWatchdog {
     static LISTENS_TO = [
         BrowserConnectedEvent,
@@ -34,25 +87,27 @@ export class StorageStateWatchdog extends BaseWatchdog {
         }
         const storageState = (await browserContext.storageState());
         const normalized = storageState ?? {};
-        const merged = this._mergeStorageStates(this._readStoredState(targetPath), {
+        const merged = this._filterStorageStateForSave(this._mergeStorageStates(this._readStoredState(targetPath), {
             cookies: Array.isArray(normalized.cookies) ? normalized.cookies : [],
             origins: Array.isArray(normalized.origins) ? normalized.origins : [],
-        });
+        }));
         this._lastSavedSnapshot = this._snapshotStorageState(merged);
         const dirPath = path.dirname(targetPath);
-        fs.mkdirSync(dirPath, { recursive: true });
+        ensurePrivateDirectoryIfCreated(dirPath);
         const tempPath = `${targetPath}.tmp`;
-        fs.writeFileSync(tempPath, JSON.stringify(merged, null, 2));
+        writePrivateFile(tempPath, JSON.stringify(merged, null, 2));
         if (fs.existsSync(targetPath)) {
             const backupPath = `${targetPath}.bak`;
             try {
                 fs.renameSync(targetPath, backupPath);
+                chmodPrivateFile(backupPath);
             }
             catch {
                 // Ignore backup failures and continue with atomic swap.
             }
         }
         fs.renameSync(tempPath, targetPath);
+        chmodPrivateFile(targetPath);
         await this.event_bus.dispatch(new StorageStateSavedEvent({
             path: targetPath,
             cookies_count: Array.isArray(merged.cookies)
@@ -81,16 +136,18 @@ export class StorageStateWatchdog extends BaseWatchdog {
             cookies,
             origins,
         });
-        if (cookies.length > 0 && typeof browserContext.addCookies === 'function') {
-            await browserContext.addCookies(cookies);
-        }
-        if (origins.length > 0) {
-            await this._applyOriginsStorage(origins);
+        const allowedCookies = this._filterCookies(cookies);
+        if (allowedCookies.length > 0 &&
+            typeof browserContext.addCookies === 'function') {
+            await browserContext.addCookies(allowedCookies);
         }
+        const originsLoaded = origins.length > 0
+            ? await this._applyOriginsStorage(origins)
+            : 0;
         await this.event_bus.dispatch(new StorageStateLoadedEvent({
             path: targetPath,
-            cookies_count: cookies.length,
-            origins_count: origins.length,
+            cookies_count: allowedCookies.length,
+            origins_count: originsLoaded,
         }));
     }
     onDetached() {
@@ -142,7 +199,10 @@ export class StorageStateWatchdog extends BaseWatchdog {
         try {
             const storageState = (await browserContext.storageState());
             const normalized = storageState ?? {};
-            const snapshot = this._snapshotStorageState(normalized);
+            const snapshot = this._snapshotStorageState(this._filterStorageStateForSave({
+                cookies: Array.isArray(normalized.cookies) ? normalized.cookies : [],
+                origins: Array.isArray(normalized.origins) ? normalized.origins : [],
+            }));
             if (snapshot === this._lastSavedSnapshot) {
                 return;
             }
@@ -213,11 +273,32 @@ export class StorageStateWatchdog extends BaseWatchdog {
             origins: [...mergedOrigins.values()],
         };
     }
+    _filterStorageStateForSave(state) {
+        const cookies = Array.isArray(state.cookies) ? state.cookies : [];
+        const origins = Array.isArray(state.origins) ? state.origins : [];
+        if (!this._hasUrlAccessRestrictions()) {
+            return { cookies, origins };
+        }
+        return {
+            cookies: this._filterCookies(cookies),
+            origins: this._filterOrigins(origins),
+        };
+    }
+    _hasUrlAccessRestrictions() {
+        const profile = this.browser_session.browser_profile;
+        const hasEntries = (value) => Array.isArray(value)
+            ? value.length > 0
+            : value instanceof Set && value.size > 0;
+        return (hasEntries(profile.allowed_domains) ||
+            hasEntries(profile.prohibited_domains) ||
+            Boolean(profile.block_ip_addresses));
+    }
     async _applyOriginsStorage(origins) {
         const browserContext = this.browser_session.browser_context;
         if (!browserContext?.newPage) {
-            return;
+            return 0;
         }
+        let loadedCount = 0;
         for (const originState of origins) {
             const origin = typeof originState?.origin === 'string'
                 ? originState.origin.trim()
@@ -225,6 +306,11 @@ export class StorageStateWatchdog extends BaseWatchdog {
             if (!origin || !/^https?:\/\//i.test(origin)) {
                 continue;
             }
+            const denialReason = this._getOriginDenialReason(origin);
+            if (denialReason) {
+                this.browser_session.logger.warning(`[StorageStateWatchdog] Skipping storage origin ${redactUrlForLogging(origin)}: ${denialReason}`);
+                continue;
+            }
             const localStorageEntries = this._normalizeStorageEntries(originState?.localStorage);
             const sessionStorageEntries = this._normalizeStorageEntries(originState?.sessionStorage);
             if (localStorageEntries.length === 0 &&
@@ -238,6 +324,34 @@ export class StorageStateWatchdog extends BaseWatchdog {
                     waitUntil: 'domcontentloaded',
                     timeout: 5_000,
                 });
+                const finalUrl = typeof page.url === 'function' ? page.url() : origin;
+                const finalDenialReason = this._getOriginDenialReason(finalUrl);
+                if (finalDenialReason) {
+                    this.browser_session.logger.warning(`[StorageStateWatchdog] Skipping storage origin ${redactUrlForLogging(origin)} after redirect to blocked URL: ${finalDenialReason}`);
+                    try {
+                        await page.goto?.('about:blank', {
+                            waitUntil: 'load',
+                            timeout: 5_000,
+                        });
+                    }
+                    catch {
+                        // The temporary page is closed below; resetting first is best effort.
+                    }
+                    continue;
+                }
+                if (!sameOrigin(origin, finalUrl)) {
+                    this.browser_session.logger.warning(`[StorageStateWatchdog] Skipping storage origin ${redactUrlForLogging(origin)} after redirect to a different origin`);
+                    try {
+                        await page.goto?.('about:blank', {
+                            waitUntil: 'load',
+                            timeout: 5_000,
+                        });
+                    }
+                    catch {
+                        // The temporary page is closed below; resetting first is best effort.
+                    }
+                    continue;
+                }
                 await page.evaluate?.((payload) => {
                     for (const entry of payload.localStorageEntries) {
                         window.localStorage.setItem(entry.name, entry.value);
@@ -249,9 +363,10 @@ export class StorageStateWatchdog extends BaseWatchdog {
                     localStorageEntries,
                     sessionStorageEntries,
                 });
+                loadedCount += 1;
             }
             catch (error) {
-                this.browser_session.logger.debug(`[StorageStateWatchdog] Failed to apply origin storage for ${origin}: ${error.message}`);
+                this.browser_session.logger.debug(`[StorageStateWatchdog] Failed to apply origin storage for ${redactUrlForLogging(origin)}: ${error.message}`);
             }
             finally {
                 try {
@@ -262,6 +377,83 @@ export class StorageStateWatchdog extends BaseWatchdog {
                 }
             }
         }
+        return loadedCount;
+    }
+    _getOriginDenialReason(origin) {
+        const session = this.browser_session;
+        if (typeof session._get_url_access_denial_reason === 'function') {
+            try {
+                return session._get_url_access_denial_reason(origin);
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        if (typeof session._is_url_allowed === 'function') {
+            try {
+                return session._is_url_allowed(origin) ? null : 'blocked';
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        return null;
+    }
+    _filterCookies(cookies) {
+        return cookies.filter((cookie) => {
+            const denialReason = this._getCookieDenialReason(cookie);
+            if (!denialReason) {
+                return true;
+            }
+            const cookieName = cookie && typeof cookie === 'object' && 'name' in cookie
+                ? String(cookie.name ?? '')
+                : '';
+            this.browser_session.logger.warning(`[StorageStateWatchdog] Skipping storage cookie ${cookieName || '<unnamed>'}: ${denialReason}`);
+            return false;
+        });
+    }
+    _filterOrigins(origins) {
+        return origins.filter((originState) => {
+            const origin = originState &&
+                typeof originState === 'object' &&
+                'origin' in originState &&
+                typeof originState.origin === 'string'
+                ? originState.origin.trim()
+                : '';
+            const denialReason = origin
+                ? this._getOriginDenialReason(origin)
+                : 'invalid_url';
+            if (!denialReason) {
+                return true;
+            }
+            this.browser_session.logger.warning(`[StorageStateWatchdog] Skipping saved storage origin ${origin ? redactUrlForLogging(origin) : '<invalid>'}: ${denialReason}`);
+            return false;
+        });
+    }
+    _getCookieDenialReason(cookie) {
+        const session = this.browser_session;
+        if (typeof session._get_cookie_access_denial_reason === 'function') {
+            try {
+                return session._get_cookie_access_denial_reason(cookie);
+            }
+            catch {
+                return 'blocked';
+            }
+        }
+        if (!cookie || typeof cookie !== 'object') {
+            return null;
+        }
+        const cookieLike = cookie;
+        const explicitUrl = typeof cookieLike.url === 'string' ? cookieLike.url.trim() : '';
+        if (explicitUrl) {
+            return this._getOriginDenialReason(explicitUrl);
+        }
+        const rawDomain = typeof cookieLike.domain === 'string' ? cookieLike.domain.trim() : '';
+        const host = rawDomain.replace(/^\./, '');
+        if (!host) {
+            return null;
+        }
+        return this._getOriginDenialReason(`https://${host}`);
     }
     _normalizeStorageEntries(entries) {
         if (!Array.isArray(entries)) {

package/dist/cli.d.ts

@@ -3,9 +3,10 @@ import { spawnSync } from 'node:child_process';
 import { BrowserProfile } from './browser/profile.js';
 import { CloudBrowserClient } from './browser/cloud/cloud.js';
 import { CloudManagementClient } from './browser/cloud/management.js';
+import { loginAndSaveCodexDeviceCode, saveImportedCodexCliTokens } from './llm/codex/auth.js';
 import type { BaseChatModel } from './llm/base.js';
 import { get_tunnel_manager } from './skill-cli/tunnel.js';
-type CliModelProvider = 'openai' | 'anthropic' | 'google' | 'deepseek' | 'groq' | 'openrouter' | 'azure' | 'mistral' | 'cerebras' | 'vercel' | 'oci' | 'aws-anthropic' | 'aws' | 'ollama' | 'browser-use';
+type CliModelProvider = 'openai' | 'anthropic' | 'google' | 'deepseek' | 'groq' | 'openrouter' | 'azure' | 'codex' | 'mistral' | 'cerebras' | 'vercel' | 'oci' | 'aws-anthropic' | 'aws' | 'ollama' | 'browser-use';
 export interface ParsedCliArgs {
     help: boolean;
     version: boolean;
@@ -122,6 +123,16 @@ type BrowserCookieInit = {
     partitionKey?: string;
 };
 export declare const runInstallCommand: (options?: RunInstallCommandOptions) => void;
+export interface RunAuthCommandOptions {
+    stdout?: WritableLike;
+    stderr?: WritableLike;
+    json_output?: boolean;
+    configDir?: string | null;
+    authStorePath?: string | null;
+    login_device_code?: typeof loginAndSaveCodexDeviceCode;
+    import_codex_cli?: typeof saveImportedCodexCliTokens;
+}
+export declare const runAuthCommand: (argv: string[], options?: RunAuthCommandOptions) => Promise<0 | 1>;
 export declare const runTunnelCommand: (argv: string[], options?: RunTunnelCommandOptions) => Promise<0 | 1>;
 export declare const runSetupCommand: (params: {
     mode?: string | null;
@@ -133,7 +144,7 @@ export declare const runSessionCommand: (argv: string[], options?: RunSessionCom
 export declare const runProfileCommand: (argv: string[], options?: RunProfileCommandOptions) => Promise<0 | 1>;
 export declare const hasCloudRunFlags: (argv: string[]) => boolean;
 type PrefixedSubcommand = {
-    command: 'run' | 'task' | 'session' | 'profile';
+    command: 'run' | 'task' | 'session' | 'profile' | 'auth';
     argv: string[];
     debug: boolean;
     forwardedArgs: string[];