chromeflow 0.10.0 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/bin/chromeflow.mjs +16 -4
  2. package/package.json +1 -1
package/bin/chromeflow.mjs CHANGED
@@ -24825,6 +24825,16 @@ After tabs.onUpdated fires status=complete, chromeflow also runs a 6s settle che
24825
24825
  text += `
24826
24826
 
24827
24827
  \u26A0 expect_selector "${expect_selector}" never appeared within the 6s settle window. The page may be partially loaded or stuck.`;
24828
+ }
24829
+ if (r.anti_bot_detected) {
24830
+ text += `
24831
+
24832
+ \u26A0 anti_bot_detected: "${r.anti_bot_detected}" \u2014 the page returned a known block / challenge response. Page content is unlikely to be the intended target. Don't try to interact with it; navigate elsewhere or surface to the user.`;
24833
+ }
24834
+ if (r.dismissed_beforeunload) {
24835
+ text += `
24836
+
24837
+ \u2139 dismissed_beforeunload: true \u2014 the previous page had unsaved content (typed text in a composer, form draft, etc.) and Chrome's "Are you sure you want to leave?" dialog was auto-dismissed so navigation could proceed. If that draft was load-bearing, navigate back and re-capture before continuing.`;
24828
24838
  }
24829
24839
  return { content: [{ type: "text", text }] };
24830
24840
  }
@@ -25589,6 +25599,8 @@ Set binary=true for non-text responses (PDFs, images, zips) \u2014 the body is r
25589
25599
  }, wsTimeout);
25590
25600
  if (response.type !== "fetch_url_response") throw new Error(`Unexpected response: ${response.type}`);
25591
25601
  const r = response;
25602
+ const antiBotLine = r.anti_bot_detected ? `
25603
+ \u26A0 anti_bot_detected: "${r.anti_bot_detected}" \u2014 response body matches a known block / challenge page. Don't parse as the expected JSON/HTML; the user's IP may be challenged or the endpoint may require a real browser context.` : "";
25592
25604
  if (to_file) {
25593
25605
  const cwd = process.cwd();
25594
25606
  const resolved = isAbsolute(to_file) ? to_file : resolve(cwd, to_file);
@@ -25607,14 +25619,14 @@ Set binary=true for non-text responses (PDFs, images, zips) \u2014 the body is r
25607
25619
  type: "text",
25608
25620
  text: `HTTP ${r.status} ${r.status_text} \u2014 ${r.content_type || "no content-type"} \u2014 ${r.total_bytes} bytes
25609
25621
  Written to: ${resolved}
25610
- Size on disk: ${buf.byteLength}
25622
+ Size on disk: ${buf.byteLength}${antiBotLine}
25611
25623
 
25612
25624
  Headers:
25613
25625
  ${hdrLines}`
25614
25626
  }]
25615
25627
  };
25616
25628
  }
25617
- const header = `HTTP ${r.status} ${r.status_text} \u2014 ${r.content_type || "no content-type"} \u2014 ${r.total_bytes} bytes${r.truncated ? ` (truncated to ${max_bytes ?? 1e5}; set to_file=<path> to capture the full ${r.total_bytes} bytes)` : ""}`;
25629
+ const header = `HTTP ${r.status} ${r.status_text} \u2014 ${r.content_type || "no content-type"} \u2014 ${r.total_bytes} bytes${r.truncated ? ` (truncated to ${max_bytes ?? 1e5}; set to_file=<path> to capture the full ${r.total_bytes} bytes)` : ""}${antiBotLine}`;
25618
25630
  const bodyPart = r.body_base64 ? `
25619
25631
 
25620
25632
  [base64, ${r.body_base64.length} chars]
@@ -25651,7 +25663,7 @@ Scope matching with \`within_selector\` or \`near_text\` restricts where matches
25651
25663
 
25652
25664
  Shadow DOM (open AND closed) is pierced by default via chrome.dom.openOrClosedShadowRoot \u2014 Reddit faceplate-* / r-post-form-submit-button / web-component-heavy SPAs no longer need manual deepFind recipes.
25653
25665
 
25654
- ANTI-BOT SUBMIT CEILING \u2014 synthetic clicks on social/auth platforms (Reddit, X / Twitter, GitHub device-code, mcp.so) are silently rejected by isTrusted-aware form validators and CSRF/reCAPTCHA gates. Pass \`expect_submit: true\` to detect this case (returns success=false with "submit silently rejected" when no signal fires within 4s). For confirmed anti-bot sites, do NOT retry \u2014 pre-fill the form, then highlight the submit button and call wait_for_click so a real human gesture fires the submission.`,
25666
+ ANTI-BOT SUBMIT CEILING \u2014 synthetic clicks on social/auth platforms (Reddit, X / Twitter, mcp.so) are silently rejected by isTrusted-aware form validators and CSRF/reCAPTCHA gates. Pass \`expect_submit: true\` to detect this case (returns success=false with "submit silently rejected" when no signal fires within 4s). For confirmed anti-bot sites, do NOT retry \u2014 pre-fill the form, then highlight the submit button and call wait_for_click so a real human gesture fires the submission.`,
25655
25667
  {
25656
25668
  textHint: external_exports.string().optional().describe(
25657
25669
  "The visible label of the button or link (e.g. 'Save product', 'Continue', 'Add a product', 'Create'). Exactly one of textHint or selector must be set."
@@ -26048,7 +26060,7 @@ ${lines.join("\n")}${shadowSection}` }] };
26048
26060
  }
26049
26061
 
26050
26062
  // packages/mcp-server/src/index.ts
26051
- var PACKAGE_VERSION = true ? "0.10.0" : "dev";
26063
+ var PACKAGE_VERSION = true ? "0.10.2" : "dev";
26052
26064
  main().catch((err) => {
26053
26065
  console.error("[chromeflow] Fatal error:", err);
26054
26066
  process.exit(1);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "chromeflow",
3
- "version": "0.10.0",
3
+ "version": "0.10.2",
4
4
  "description": "MCP server for chromeflow — lets Claude Code or Codex CLI drive your real Chrome browser with sessions intact. Plugin install recommended; npx chromeflow for manual MCP wiring.",
5
5
  "type": "module",
6
6
  "main": "./bin/chromeflow.mjs",