npm - hypha-debugger - Versions diffs - 0.2.9 → 0.3.1 - Mend

hypha-debugger 0.2.9 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/bookmarklet.txt +1 -0
package/dist/hypha-debugger.js +79 -35
package/dist/hypha-debugger.min.js +4 -4
package/dist/hypha-debugger.mjs +76 -32
package/dist/hypha-debugger.mjs.map +1 -1
package/dist/hypha-debugger.slim.min.js +1 -0
package/dist/utils/wrap-fn.d.ts +6 -4
package/package.json +3 -1

package/dist/hypha-debugger.mjs CHANGED Viewed

@@ -2212,6 +2212,19 @@ takeScreenshot.__schema__ = {
 /**
  * Arbitrary JavaScript execution service.
  */
+/**
+ * Detect the EvalError thrown when a page's Content Security Policy blocks the
+ * Function constructor / eval (no 'unsafe-eval'). Chrome throws an EvalError
+ * whose message mentions "unsafe-eval" / "Content Security Policy".
+ */
+function isCspEvalError(e) {
+    if (!e)
+        return false;
+    if (e instanceof EvalError)
+        return true;
+    const msg = String(e.message || e);
+    return /unsafe-eval|Content Security Policy|call to .*Function/i.test(msg);
+}
 /**
  * Attempt to auto-return the last expression in a code block.
  * If the code doesn't contain an explicit `return`, we try to
@@ -2250,13 +2263,24 @@ function autoReturn(code) {
 async function executeScript(code, timeout_ms) {
     const timeoutMs = timeout_ms ?? 10000;
     try {
-        // Try with auto-return first, fall back to original code if syntax error
+        // Try with auto-return first, fall back to original code if syntax error.
+        // NOTE: running arbitrary code fundamentally requires the Function
+        // constructor, which strict CSP (no 'unsafe-eval') blocks. There is no
+        // CSP-safe alternative for execute_script — detect that and report clearly.
         let execCode = autoReturn(code);
         let fn;
         try {
             fn = new Function("return (async () => {" + execCode + "})()");
         }
-        catch {
+        catch (e) {
+            if (isCspEvalError(e)) {
+                return {
+                    error: "execute_script is unavailable on this page: its Content Security " +
+                        "Policy blocks dynamic code evaluation ('unsafe-eval' not allowed). " +
+                        "Use the DOM/interaction services (get_browser_state, click_element_by_index, " +
+                        "query_dom, etc.) instead — they do not need eval.",
+                };
+            }
             // Auto-return broke the syntax — use original code
             fn = new Function("return (async () => {" + code + "})()");
         }
@@ -3071,13 +3095,15 @@ function generateSkillMd(serviceFunctions, serviceUrl) {
  * Wrap a function with correct, unminified parameter names for hypha-rpc.
  *
  * In production builds, Babel/Terser minifies parameter names (e.g. 'code' → 'e').
- * hypha-rpc's getParamNames() parses Function.toString() to map kwargs to
+ * hypha-rpc's getFunctionInfo() parses Function.toString() to map kwargs to
  * positional args. With minified names, kwargs like {code: '...'} can't be
  * mapped and args are silently dropped.
  *
- * This helper uses new Function() to create a wrapper whose parameter names
- * are taken from the function's __schema__ property, so hypha-rpc always sees
- * the real parameter names regardless of minification.
+ * CSP NOTE: this used to build the wrapper with `new Function(...)`, but that is
+ * blocked on pages whose Content Security Policy lacks `'unsafe-eval'` (the exact
+ * pages the bookmarklet targets). Instead we use a normal closure and OVERRIDE its
+ * `.toString()` so hypha-rpc still reads the real, unminified parameter names from
+ * the schema — no eval / Function constructor involved.
  *
  * Additionally, it handles the case where hypha-rpc passes kwargs as a single
  * object argument (e.g. `fn({url: "..."})` instead of `fn("...")`). The
@@ -3091,33 +3117,51 @@ function wrapFn(fn) {
     if (paramNames.length === 0) {
         return fn;
     }
-    // Create a wrapper that:
-    // 1. Has correct, unminified parameter names (for hypha-rpc getParamNames)
-    // 2. Detects when kwargs are passed as a single object and destructures them
-    //
-    // hypha-rpc HTTP handler passes kwargs as a single plain object, e.g.:
-    //   execute_script({code: "..."}) instead of execute_script("...")
-    //   get_react_tree({}) instead of get_react_tree()
-    // We detect this and destructure, or discard empty objects.
-    const paramList = paramNames.join(", ");
-    const firstParam = paramNames[0];
-    const wrapper = new Function("fn", "paramNames", `return async function(${paramList}) {
-      // Detect kwargs-as-object: single argument that is a plain object
-      if (arguments.length === 1 && ${firstParam} != null && typeof ${firstParam} === "object" && !Array.isArray(${firstParam}) && !(${firstParam} instanceof Date) && ${firstParam}.constructor === Object) {
-        var _kw = ${firstParam};
-        var _keys = Object.keys(_kw);
-        // Empty object {} → call with no args (all defaults)
-        if (_keys.length === 0) {
-          return fn();
-        }
-        // Keys match schema params → destructure
-        if (paramNames.indexOf(_keys[0]) !== -1) {
-          var _args = paramNames.map(function(n) { return _kw[n]; });
-          return fn.apply(null, _args);
+    // A plain closure (no new Function). It:
+    // 1. Detects kwargs passed as a single object and destructures them.
+    //    hypha-rpc's HTTP handler passes kwargs as one plain object, e.g.
+    //    execute_script({code: "..."}) instead of execute_script("..."),
+    //    get_react_tree({}) instead of get_react_tree().
+    // 2. Otherwise forwards positional args unchanged.
+    const wrapper = async function (...args) {
+        if (args.length === 1 &&
+            args[0] != null &&
+            typeof args[0] === "object" &&
+            !Array.isArray(args[0]) &&
+            !(args[0] instanceof Date) &&
+            args[0].constructor === Object) {
+            const kw = args[0];
+            const keys = Object.keys(kw);
+            // Empty object {} → call with no args (all defaults)
+            if (keys.length === 0) {
+                return fn();
+            }
+            // Keys match schema params → destructure into positional args
+            if (paramNames.indexOf(keys[0]) !== -1) {
+                return fn.apply(null, paramNames.map((n) => kw[n]));
+            }
         }
-      }
-      return fn(${paramList});
-    }`)(fn, paramNames);
+        return fn.apply(null, args);
+    };
+    // hypha-rpc's getFunctionInfo() does `func.toString()` and extracts the param
+    // names from the first `(...)`. A real `...args` wrapper would hide them, so
+    // expose the schema's names via a toString override (CSP-safe, unlike Function).
+    const fakeSource = `function (${paramNames.join(", ")}) {}`;
+    try {
+        Object.defineProperty(wrapper, "toString", {
+            value: () => fakeSource,
+            writable: true,
+            configurable: true,
+        });
+        // Some consumers read arity via Function.length — keep it consistent.
+        Object.defineProperty(wrapper, "length", {
+            value: paramNames.length,
+            configurable: true,
+        });
+    }
+    catch {
+        wrapper.toString = () => fakeSource;
+    }
     if (schema)
         wrapper.__schema__ = schema;
     return wrapper;