openchrome-mcp 1.10.1 → 1.10.3

package/README.md

@@ -14,6 +14,7 @@
   <a href="https://github.com/shaun0927/openchrome/releases/latest"><img src="https://img.shields.io/github/v/release/shaun0927/openchrome" alt="Latest Release"></a>
   <a href="https://github.com/shaun0927/openchrome/releases/latest"><img src="https://img.shields.io/github/release-date/shaun0927/openchrome" alt="Release Date"></a>
   <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="MIT"></a>
+  <a href="https://mseep.ai/app/shaun0927-openchrome"><img src="assets/badges/mseep.png" alt="Listed on MseeP.ai" height="20"></a>
 </p>
 
 <p align="center">
@@ -208,6 +209,11 @@ npx openchrome-mcp setup
 npx openchrome-mcp setup --client codex
 ```
 
+**OpenCode**
+```bash
+npx openchrome-mcp setup --client opencode
+```
+
 One command. Configures the MCP server for the selected client.
 Restart your MCP client after setup completes.
 
@@ -244,6 +250,20 @@ claude mcp add openchrome -- npx -y openchrome-mcp@latest serve --auto-launch
 }
 ```
 
+
+**OpenCode** (`~/.config/opencode/opencode.json`):
+```json
+{
+  "$schema": "https://opencode.ai/config.json",
+  "mcp": {
+    "openchrome": {
+      "type": "local",
+      "command": ["npx", "--prefer-online", "-y", "openchrome-mcp@latest", "serve", "--auto-launch"]
+    }
+  }
+}
+```
+
 **Cursor / Windsurf / Other stdio MCP clients:**
 ```json
 {
@@ -397,9 +417,11 @@ When a navigation is blocked by CDN/WAF systems (Akamai, Cloudflare, etc.), Open
 Tier 3 launches a real headed Chrome window with a genuine user-agent (`Chrome/...` instead of `HeadlessChrome/...`) and a different TLS fingerprint, bypassing binary-level detection that no JavaScript injection can fix.
 
 **Parameters:**
-- `autoFallback: false` — disable all automatic retry
-- `headed: true` — skip directly to Tier 3 (headed Chrome)
-- `stealth: true` — use stealth mode (Tier 2) explicitly
+- `autoFallback: false` — disable automatic CDN/WAF retry. This does not log in for you or bypass normal authentication redirects.
+- `headed: true` — skip directly to headed Chrome for user-visible login, 2FA, CAPTCHA, or sites that require a real browser window.
+- `stealth: true` — use stealth mode (Tier 2) explicitly.
+
+**Authentication note:** Auto-fallback is for detected CDN/WAF blocking. If a protected app redirects from the requested URL to a same-site login page, treat that as an authentication handoff: retry with `headed: true` and the same persistent profile, let the user complete login, then verify whether headless can reuse that profile state.
 
 **Environment:** Tier 3 requires a display (macOS/Windows desktop, or Linux with `$DISPLAY`). In server/container environments without a display, Tier 3 is gracefully skipped.
 
@@ -426,15 +448,22 @@ If client A opens five tabs and client B opens five tabs, all ten `tabId`s are d
 
 ### How do I handle sites that require interactive login (password, 2FA, CAPTCHA)?
 
-Two mechanisms, used together in practice:
+Use two mechanisms, but keep their guarantees separate:
+
+**1. Persistent-profile headless — reuse an already-authenticated profile.**
+Point OpenChrome at a persistent `userDataDir` (+ optional `profileDirectory`) so cookies / `localStorage` / IndexedDB can survive across runs. If that persistent profile already contains a valid session, subsequent **headless** runs stay logged in until the site invalidates the session.
 
-**1. Persistent-profile headless — log in once, automate forever.**
-Point OpenChrome at a persistent `userDataDir` (+ optional `profileDirectory`) and cookies / `localStorage` / IndexedDB survive across runs. After the first login, subsequent **headless** runs stay logged in until the site invalidates the session.
+**2. Headed-by-default / headed fallback — let the user complete an interactive step.**
+Since #657 the launcher runs headed by default, so first-time login, 2FA, CAPTCHA, and WebAuthn can use a real visible window without extra flags. CI / Docker users opt into headless via `--headless` or `OPENCHROME_HEADLESS=1` after their persistent profile is bootstrapped. When a Tier-1/Tier-2 headless attempt is blocked by a CDN/WAF, OpenChrome can also lazy-launch a separate headed Chrome on a different debug port and register the headed page back into the same logical session.
 
-**2. Headed fallback for the initial login or WAF-blocked sites.**
-When a human action is genuinely required (first-time login, 2FA, CAPTCHA, WebAuthn) or when a Tier-1/Tier-2 headless attempt is blocked by a CDN/WAF, OpenChrome lazy-launches a separate headed Chrome on a different debug port. Cookies are sync'd from the real Chrome profile before launch, and the headed page is registered back into the same logical session so the surrounding workflow continues seamlessly.
+**Important:** a headed tab being authenticated does not automatically prove that a new headless tab can reuse the session after the headed tab is closed. Sites differ in how they bind cookies, storage, browser fingerprints, and session freshness. Always verify the handoff by closing/restarting the headed path you plan to stop using and navigating headless to the protected URL with the same persistent profile.
 
-**Typical pattern:** bootstrap the login once via the headed path → the persistent profile carries the cookies → all subsequent automation runs headless without a window.
+**Recommended flow:**
+1. Start with the persistent `userDataDir` / `profileDirectory` you intend to keep using.
+2. Navigate to the protected URL. If it resolves to `/login` or another auth page, do not keep retrying unauthenticated headless navigation.
+3. Use the visible headed window (default) or navigate with `headed: true` and the same profile context, then let the user complete login/2FA/CAPTCHA.
+4. Retry the protected URL with the same profile in the mode you intend to automate.
+5. If headless still lands on the login page, keep the headed tab open for that site or reconfigure persistence; do not assume the headed auth state transferred.
 
 ### Does OpenChrome steal focus with popup windows?
 
@@ -442,12 +471,12 @@ When a human action is genuinely required (first-time login, 2FA, CAPTCHA, WebAu
 
 The headed-browser focus-stealing pattern that users encounter with some MCP servers (cross-Space jumps on macOS, un-minimizable popups, per-tool-call window raises) comes from designs where the MCP drives a user-visible browser and creates OS windows as it works. OpenChrome is architected differently:
 
-- **Default mode is headless** — no window exists, so there is nothing to take focus.
 - **`tabs_create` opens a tab, not an OS window.** New tabs are created via CDP inside the already-running Chrome, and OpenChrome never calls `page.bringToFront()` anywhere in the codebase.
-- **The headed fallback is lazy and reused.** When it is needed, it launches **once** per server lifetime; every later navigation/tab runs inside that same instance. At worst you see one focus grab the very first time the fallback activates — not one per action, never one per tab.
-- **The headed fallback is optional.** If persistent-profile headless is sufficient for your sites, you will never see a browser window.
+- **No per-call window raises.** Each navigation/click/tool call runs against the existing window without `bringToFront()`, `focus()`, or any other stealing primitive. After the initial Chrome launch you keep working in your other apps without interruption.
+- **One Chrome per server lifetime.** Auto-launch creates Chrome **once** at startup and reuses it for every later tool call — no popup-per-action loop.
+- **Headless opt-in available.** For CI/server use, `--headless` or `OPENCHROME_HEADLESS=1` runs without any window at all. The default is headed since #657 because headless mode is materially more prone to silent hangs and login failures on real-world sites.
 
-The only scenario in which a window appears at all is the first time the Tier-3 headed fallback activates in a given session.
+The only scenario in which a focus grab can happen is the very first Chrome launch — not one per tool call, never one per tab.
 
 ---
 
@@ -535,6 +564,10 @@ docker run openchrome
 | `CHROME_USER_DATA_DIR` | Custom profile directory |
 | `CI` | Detected automatically; adds `--no-sandbox` |
 | `DOCKER` | Detected automatically; adds `--no-sandbox` |
+| `OPENCHROME_PPID_WATCH` | Set to `0` to disable the parent-process watcher in stdio mode. Default: enabled. The watcher exits the server when its launching MCP-client parent dies, so abrupt parent termination (force-quit, `kill -9`, tmux teardown) does not orphan the openchrome process. HTTP and `both` transport modes ignore this flag — they remain daemon-capable. |
+| `OPENCHROME_PPID_WATCH_INTERVAL_MS` | Polling interval for the parent watcher in milliseconds. Default: `2000`. Clamped to `[500, 60000]`. |
+| `OPENCHROME_HEALTH_ENDPOINT` | Force-enable (`1`/`true`) or force-disable (`0`/`false`) the `/health` and `/metrics` HTTP listener. Default: on for `--transport http` / `both`, off for `--transport stdio`. Stdio-mode instances usually talk to a single MCP client over the pipe and do not need an external monitoring port; disabling it saves ~200-300 KB heap + one file descriptor per instance. Operators who run stdio under a supervisor can opt in with `OPENCHROME_HEALTH_ENDPOINT=1`; daemon-mode operators who run the health check externally can opt out with `OPENCHROME_HEALTH_ENDPOINT=0`. Invalid values (e.g. `yes`, `2`) fall through to the transport-mode default. |
+| `OPENCHROME_HEADLESS` | Opt into headless Chrome from CI / Docker without `--headless`. Accepts `1`/`true`/`yes` (headless) or `0`/`false`/`no` (headed). Lower precedence than the CLI flag, higher than persisted config. Default since #657 is headed. |
 
 ### Individual flags
 
@@ -550,9 +583,10 @@ openchrome serve \
 | Flag | Default | Description |
 |------|---------|-------------|
 | `--auto-launch` | `false` | Auto-launch Chrome if not running |
+| `--headless` | `false` | Run Chrome headless. Also: `OPENCHROME_HEADLESS=1`. Default since #657 is headed. |
 | `--headless-shell` | `false` | Use chrome-headless-shell binary |
-| `--visible` | `false` | Show Chrome window (disables headless) |
-| `--server-mode` | `false` | Compound flag for server deployment |
+| `--visible` | (deprecated) | No-op alias for headed; the new default is headed since #657. Will be removed in a future release. |
+| `--server-mode` | `false` | Compound flag for server deployment (forces `--headless` + auto-launch) |
 
 ---
 

package/dist/browser-state/snapshot.d.ts

@@ -13,6 +13,7 @@
  *  - Old snapshots are pruned to keep disk usage bounded.
  *  - All restore operations are best-effort (try/catch, non-fatal).
  */
+import { IdleState } from '../utils/idle-state';
 export interface BrowserSnapshot {
     timestamp: number;
     cookies: Array<{
@@ -32,13 +33,17 @@ export declare class BrowserStateManager {
     private readonly intervalMs;
     private readonly maxSnapshots;
     private readonly snapshotDir;
+    private readonly idleState;
     private lastSnapshotAt;
     private snapshotCount;
+    private stopped;
+    private lastDelayMs;
     private getCookiesFn;
     private getTabUrlsFn;
     constructor(opts?: {
         intervalMs?: number;
         maxSnapshots?: number;
+        idleState?: IdleState;
     });
     /**
      * Register the cookie retrieval function (called from index.ts after CDP client is ready).
@@ -51,6 +56,13 @@ export declare class BrowserStateManager {
     setTabUrlProvider(fn: () => Promise<string[]>): void;
     start(): Promise<void>;
     stop(): void;
+    /**
+     * Current scheduling delay in ms — exposed for tests asserting the
+     * active/idle rate transition (issue #649 §3.1).
+     */
+    getCurrentDelayMs(): number;
+    private nextDelayMs;
+    private scheduleNext;
     takeSnapshot(): Promise<void>;
     /**
      * Load the latest snapshot's cookies (raw data for the caller to apply via CDP).

package/dist/browser-state/snapshot.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"snapshot.d.ts","sourceRoot":"","sources":["../../src/browser-state/snapshot.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAUH,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,OAAO,CAAC;QAClB,MAAM,EAAE,OAAO,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;IACH,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,KAAK,CAA+B;IAC5C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,cAAc,CAAK;IAC3B,OAAO,CAAC,aAAa,CAAK;IAC1B,OAAO,CAAC,YAAY,CAAuC;IAC3D,OAAO,CAAC,YAAY,CAA0C;gBAElD,IAAI,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE;IAMjE;;;OAGG;IACH,iBAAiB,CAAC,EAAE,EAAE,MAAM,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI;IAIjD;;OAEG;IACH,iBAAiB,CAAC,EAAE,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI;IAI9C,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAa5B,IAAI,IAAI,IAAI;IAON,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BnC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAmBjC,cAAc;IAkB5B,SAAS,IAAI;QAAE,cAAc,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE;CAG/D"}
+{"version":3,"file":"snapshot.d.ts","sourceRoot":"","sources":["../../src/browser-state/snapshot.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AASH,OAAO,EAAgC,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAQ9E,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,OAAO,CAAC;QAClB,MAAM,EAAE,OAAO,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;IACH,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,KAAK,CAA+B;IAC5C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,cAAc,CAAK;IAC3B,OAAO,CAAC,aAAa,CAAK;IAC1B,OAAO,CAAC,OAAO,CAAQ;IACvB,OAAO,CAAC,WAAW,CAAK;IACxB,OAAO,CAAC,YAAY,CAAuC;IAC3D,OAAO,CAAC,YAAY,CAA0C;gBAElD,IAAI,CAAC,EAAE;QAAE,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,SAAS,CAAA;KAAE;IAOxF;;;OAGG;IACH,iBAAiB,CAAC,EAAE,EAAE,MAAM,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI;IAIjD;;OAEG;IACH,iBAAiB,CAAC,EAAE,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI;IAI9C,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAS5B,IAAI,IAAI,IAAI;IAQZ;;;OAGG;IACH,iBAAiB,IAAI,MAAM;IAI3B,OAAO,CAAC,WAAW;IAInB,OAAO,CAAC,YAAY;IAed,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BnC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAmBjC,cAAc;IAkB5B,SAAS,IAAI;QAAE,cAAc,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE;CAG/D"}

package/dist/browser-state/snapshot.js

@@ -53,19 +53,29 @@ const path = __importStar(require("path"));
 const os = __importStar(require("os"));
 const fs = __importStar(require("fs/promises"));
 const defaults_1 = require("../config/defaults");
+const idle_state_1 = require("../utils/idle-state");
+/**
+ * Idle cadence. 300 s is 5× slower than the default 60 s active rate
+ * (issue #649 Part A §3.1 — snapshot is rebuilt on next RPC regardless).
+ */
+const IDLE_SNAPSHOT_INTERVAL_MS = 300_000;
 class BrowserStateManager {
     timer = null;
     intervalMs;
     maxSnapshots;
     snapshotDir;
+    idleState;
     lastSnapshotAt = 0;
     snapshotCount = 0;
+    stopped = true;
+    lastDelayMs = 0;
     getCookiesFn = null;
     getTabUrlsFn = null;
     constructor(opts) {
         this.intervalMs = opts?.intervalMs ?? defaults_1.DEFAULT_SNAPSHOT_INTERVAL_MS;
         this.maxSnapshots = opts?.maxSnapshots ?? defaults_1.DEFAULT_SNAPSHOT_MAX_COUNT;
         this.snapshotDir = path.join(os.homedir(), '.openchrome', 'snapshots');
+        this.idleState = opts?.idleState ?? (0, idle_state_1.getIdleState)();
     }
     /**
      * Register the cookie retrieval function (called from index.ts after CDP client is ready).
@@ -82,22 +92,44 @@ class BrowserStateManager {
     }
     async start() {
         this.stop();
+        this.stopped = false;
         await fs.mkdir(this.snapshotDir, { recursive: true });
         // Don't take immediate snapshot — wait for first interval
-        this.timer = setInterval(() => {
-            this.takeSnapshot().catch(err => {
-                console.error('[BrowserState] Snapshot failed:', err);
-            });
-        }, this.intervalMs);
-        this.timer.unref();
+        this.scheduleNext(this.nextDelayMs());
         console.error(`[BrowserState] Snapshot service started (interval: ${this.intervalMs}ms, dir: ${this.snapshotDir})`);
     }
     stop() {
+        this.stopped = true;
         if (this.timer) {
-            clearInterval(this.timer);
+            clearTimeout(this.timer);
             this.timer = null;
         }
     }
+    /**
+     * Current scheduling delay in ms — exposed for tests asserting the
+     * active/idle rate transition (issue #649 §3.1).
+     */
+    getCurrentDelayMs() {
+        return this.lastDelayMs;
+    }
+    nextDelayMs() {
+        return this.idleState.isIdle(idle_state_1.IDLE_WINDOW_MS) ? IDLE_SNAPSHOT_INTERVAL_MS : this.intervalMs;
+    }
+    scheduleNext(delay) {
+        if (this.stopped)
+            return;
+        this.lastDelayMs = delay;
+        this.timer = setTimeout(() => {
+            this.takeSnapshot()
+                .catch(err => {
+                console.error('[BrowserState] Snapshot failed:', err);
+            })
+                .finally(() => {
+                this.scheduleNext(this.nextDelayMs());
+            });
+        }, delay);
+        this.timer.unref();
+    }
     async takeSnapshot() {
         if (!this.getCookiesFn)
             return;

package/dist/browser-state/snapshot.js.map

@@ -1 +1 @@
-{"version":3,"file":"snapshot.js","sourceRoot":"","sources":["../../src/browser-state/snapshot.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,2CAA6B;AAC7B,uCAAyB;AACzB,gDAAkC;AAClC,iDAG4B;AAiB5B,MAAa,mBAAmB;IACtB,KAAK,GAA0B,IAAI,CAAC;IAC3B,UAAU,CAAS;IACnB,YAAY,CAAS;IACrB,WAAW,CAAS;IAC7B,cAAc,GAAG,CAAC,CAAC;IACnB,aAAa,GAAG,CAAC,CAAC;IAClB,YAAY,GAAkC,IAAI,CAAC;IACnD,YAAY,GAAqC,IAAI,CAAC;IAE9D,YAAY,IAAqD;QAC/D,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,UAAU,IAAI,uCAA4B,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,EAAE,YAAY,IAAI,qCAA0B,CAAC;QACrE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;IACzE,CAAC;IAED;;;OAGG;IACH,iBAAiB,CAAC,EAAwB;QACxC,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,iBAAiB,CAAC,EAA2B;QAC3C,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACtD,0DAA0D;QAC1D,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE;YAC5B,IAAI,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBAC9B,OAAO,CAAC,KAAK,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;YACxD,CAAC,CAAC,CAAC;QACL,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QACpB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACnB,OAAO,CAAC,KAAK,CAAC,sDAAsD,IAAI,CAAC,UAAU,YAAY,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC;IACtH,CAAC;IAED,IAAI;QACF,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,OAAO;QAE/B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAEnE,MAAM,QAAQ,GAAoB;gBAChC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,OAAO;gBACP,OAAO;aACR,CAAC;YAEF,MAAM,QAAQ,GAAG,YAAY,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC;YAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACvD,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC;YAChE,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YAChC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACjC,IAAI,CAAC,aAAa,EAAE,CAAC;YAErB,sBAAsB;YACtB,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAE5B,OAAO,CAAC,KAAK,CAAC,kCAAkC,OAAO,CAAC,MAAM,aAAa,OAAO,CAAC,MAAM,OAAO,CAAC,CAAC;QACpG,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,yCAAyC,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;QACpB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjD,MAAM,aAAa,GAAG,KAAK;iBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAC7D,IAAI,EAAE;iBACN,OAAO,EAAE,CAAC;YAEb,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;YACjE,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACvD,MAAM,QAAQ,GAAoB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACtD,OAAO,QAAQ,CAAC,OAAO,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjD,MAAM,aAAa,GAAG,KAAK;iBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAC7D,IAAI,EAAE;iBACN,OAAO,EAAE,CAAC;YAEb,gCAAgC;YAChC,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACxD,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC;YACrD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC;IAED,SAAS;QACP,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;IACpF,CAAC;CACF;AA3HD,kDA2HC"}
+{"version":3,"file":"snapshot.js","sourceRoot":"","sources":["../../src/browser-state/snapshot.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,2CAA6B;AAC7B,uCAAyB;AACzB,gDAAkC;AAClC,iDAG4B;AAC5B,oDAA8E;AAE9E;;;GAGG;AACH,MAAM,yBAAyB,GAAG,OAAO,CAAC;AAiB1C,MAAa,mBAAmB;IACtB,KAAK,GAA0B,IAAI,CAAC;IAC3B,UAAU,CAAS;IACnB,YAAY,CAAS;IACrB,WAAW,CAAS;IACpB,SAAS,CAAY;IAC9B,cAAc,GAAG,CAAC,CAAC;IACnB,aAAa,GAAG,CAAC,CAAC;IAClB,OAAO,GAAG,IAAI,CAAC;IACf,WAAW,GAAG,CAAC,CAAC;IAChB,YAAY,GAAkC,IAAI,CAAC;IACnD,YAAY,GAAqC,IAAI,CAAC;IAE9D,YAAY,IAA4E;QACtF,IAAI,CAAC,UAAU,GAAG,IAAI,EAAE,UAAU,IAAI,uCAA4B,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,EAAE,YAAY,IAAI,qCAA0B,CAAC;QACrE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;QACvE,IAAI,CAAC,SAAS,GAAG,IAAI,EAAE,SAAS,IAAI,IAAA,yBAAY,GAAE,CAAC;IACrD,CAAC;IAED;;;OAGG;IACH,iBAAiB,CAAC,EAAwB;QACxC,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,iBAAiB,CAAC,EAA2B;QAC3C,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;QACrB,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACtD,0DAA0D;QAC1D,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QACtC,OAAO,CAAC,KAAK,CAAC,sDAAsD,IAAI,CAAC,UAAU,YAAY,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC;IACtH,CAAC;IAED,IAAI;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACzB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,iBAAiB;QACf,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAEO,WAAW;QACjB,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,2BAAc,CAAC,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC;IAC7F,CAAC;IAEO,YAAY,CAAC,KAAa;QAChC,IAAI,IAAI,CAAC,OAAO;YAAE,OAAO;QACzB,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC3B,IAAI,CAAC,YAAY,EAAE;iBAChB,KAAK,CAAC,GAAG,CAAC,EAAE;gBACX,OAAO,CAAC,KAAK,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;YACxD,CAAC,CAAC;iBACD,OAAO,CAAC,GAAG,EAAE;gBACZ,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;QACP,CAAC,EAAE,KAAK,CAAC,CAAC;QACV,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,OAAO;QAE/B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAEnE,MAAM,QAAQ,GAAoB;gBAChC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,OAAO;gBACP,OAAO;aACR,CAAC;YAEF,MAAM,QAAQ,GAAG,YAAY,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC;YAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACvD,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC;YAChE,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YAChC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACjC,IAAI,CAAC,aAAa,EAAE,CAAC;YAErB,sBAAsB;YACtB,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAE5B,OAAO,CAAC,KAAK,CAAC,kCAAkC,OAAO,CAAC,MAAM,aAAa,OAAO,CAAC,MAAM,OAAO,CAAC,CAAC;QACpG,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,yCAAyC,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;QACpB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjD,MAAM,aAAa,GAAG,KAAK;iBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAC7D,IAAI,EAAE;iBACN,OAAO,EAAE,CAAC;YAEb,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;YACjE,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACvD,MAAM,QAAQ,GAAoB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACtD,OAAO,QAAQ,CAAC,OAAO,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjD,MAAM,aAAa,GAAG,KAAK;iBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAC7D,IAAI,EAAE;iBACN,OAAO,EAAE,CAAC;YAEb,gCAAgC;YAChC,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACxD,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC;YACrD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC;IAED,SAAS;QACP,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC;IACpF,CAAC;CACF;AAvJD,kDAuJC"}

package/dist/cdp/client.d.ts

@@ -60,6 +60,8 @@ export declare class CDPClient {
     private pingLatencies;
     private static readonly MAX_PING_SAMPLES;
     private static readonly COOKIE_CACHE_TTL;
+    private static readonly COOKIE_SOURCE_CACHE_MAX;
+    private static readonly COOKIE_DATA_CACHE_MAX;
     private reconnecting;
     private reconnectingAttempt;
     private reconnectNextRetryAt;
@@ -100,6 +102,20 @@ export declare class CDPClient {
      */
     private onTargetDestroyed;
     private touchTargetActivity;
+    /**
+     * Insert or refresh an entry in cookieSourceCache with a FIFO size cap.
+     * When the cache is at capacity AND the key is new, the oldest-inserted
+     * entry is evicted. Existing keys update in place without eviction.
+     * See issue #647.
+     */
+    private setCookieSourceCacheEntry;
+    /**
+     * Insert or refresh an entry in cookieDataCache with a FIFO size cap.
+     * When the cache is at capacity AND the key is new, the oldest-inserted
+     * entry is evicted. Existing keys update in place without eviction.
+     * See issue #647.
+     */
+    private setCookieDataCacheEntry;
     getLastCookieScanResult(): CookieScanResult | null;
     /**
      * Emit connection event

package/dist/cdp/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/cdp/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAkB,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AA0B9F,OAAO,EAAE,MAAM,EAAsB,MAAM,iBAAiB,CAAC;AAkB7D,MAAM,MAAM,gBAAgB,GAAG,UAAU,GAAG,SAAS,GAAG,eAAe,GAAG,YAAY,CAAC;AAEvF,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,gBAAgB,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,oEAAoE;IACpE,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,MAAM,eAAe,GAAG,cAAc,GAAG,YAAY,GAAG,WAAW,GAAG,cAAc,CAAC;AAE3F,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,aAAa,GAAG,kBAAkB,CAAC;IACzF,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAkBD,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAAwB;IACvC,OAAO,CAAC,QAAQ,CAAsC;IACtD,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,oBAAoB,CAAS;IACrC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,mBAAmB,CAAS;IACpC,OAAO,CAAC,cAAc,CAA+B;IACrD,OAAO,CAAC,eAAe,CAAmC;IAC1D,OAAO,CAAC,cAAc,CAA4C;IAClE,OAAO,CAAC,wBAAwB,CAAmD;IACnF,OAAO,CAAC,iBAAiB,CAAK;IAC9B,OAAO,CAAC,4BAA4B,CAAK;IACzC,OAAO,CAAC,6BAA6B,CAAK;IAC1C,OAAO,CAAC,uBAAuB,CAAS;IACxC,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,iBAAiB,CAAmE;IAC5F,OAAO,CAAC,eAAe,CAAyE;IAChG,OAAO,CAAC,aAAa,CAAgC;IACrD,OAAO,CAAC,gBAAgB,CAAkC;IAC1D,OAAO,CAAC,mBAAmB,CAAqD;IAChF,OAAO,CAAC,oBAAoB,CAAiC;IAC7D,wFAAwF;IACxF,OAAO,CAAC,cAAc,CAA8B;IACpD,wFAAwF;IACxF,OAAO,CAAC,cAAc,CAAK;IAG3B,OAAO,CAAC,aAAa,CAAsD;IAC3E,OAAO,CAAC,aAAa,CAAK;IAC1B,OAAO,CAAC,kBAAkB,CAA+B;IAGzD,OAAO,CAAC,cAAc,CAAK;IAC3B,OAAO,CAAC,aAAa,CAAgB;IACrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAM;IAE9C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAU;IAGlD,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,mBAAmB,CAAK;IAChC,OAAO,CAAC,oBAAoB,CAAK;IACjC,sEAAsE;IACtE,OAAO,CAAC,mBAAmB,CAAS;gBAExB,OAAO,GAAE,gBAAqB;IAU1C;;OAEG;IACH,kBAAkB,IAAI,eAAe;IAIrC;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;;OAGG;IACH,gBAAgB,IAAI,MAAM;IAO1B;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,IAAI,GAAG,IAAI;IAIvE;;OAEG;IACH,wBAAwB,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,IAAI,GAAG,IAAI;IAO1E;;OAEG;IACH,0BAA0B,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK,IAAI,GAAG,IAAI;IAInF;;OAEG;IACH,6BAA6B,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK,IAAI,GAAG,IAAI;IAOtF;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB,OAAO,CAAC,mBAAmB;IAI3B,uBAAuB,IAAI,gBAAgB,GAAG,IAAI;IAIlD;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAU3B;;OAEG;IACH,OAAO,CAAC,cAAc;IA4BtB;;OAEG;IACH,OAAO,CAAC,aAAa;IAOrB;;OAEG;IACH,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,GAAG,UAAU,GAAG,IAAI;IA2BtE;;OAEG;IACH,OAAO,CAAC,6BAA6B;IASrC;;;;;OAKG;IACH,qBAAqB,IAAI,IAAI;IAO7B;;OAEG;IACH,gBAAgB,IAAI,MAAM,GAAG,QAAQ,GAAG,OAAO,GAAG,UAAU;IAI5D;;;OAGG;IACH,YAAY,IAAI,MAAM,GAAG,IAAI;IAI7B;;OAEG;IACH,oBAAoB,IAAI;QACtB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,MAAM,CAAC;QACvB,gBAAgB,EAAE,MAAM,CAAC;QACzB,aAAa,EAAE,MAAM,CAAC;QACtB,oBAAoB,EAAE,MAAM,CAAC;QAC7B,cAAc,EAAE,MAAM,CAAC;QACvB,YAAY,EAAE,OAAO,CAAC;QACtB,gBAAgB,EAAE,MAAM,CAAC;QACzB,sBAAsB,EAAE,MAAM,CAAC;KAChC;IAoBD;;;;OAIG;YACW,eAAe;IAyD7B;;OAEG;YACW,gBAAgB;IA+H9B;;;;;;;;OAQG;YACW,eAAe;IA2L7B;;;;;;;;;OASG;IACG,OAAO,CAAC,OAAO,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA6D3D;;;;;;;;OAQG;IACG,cAAc,CAAC,OAAO,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAgElE;;;;OAIG;YACW,4BAA4B;IAqB1C;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IA0BjC;;OAEG;IACH,UAAU,IAAI,OAAO;IAQrB,MAAM,CAAC,QAAQ,CAAC,gBAAgB;;;MAAoB;IAEpD;;;OAGG;IACG,oBAAoB,IAAI,OAAO,CAAC,cAAc,CAAC;IAOrD;;OAEG;IACG,mBAAmB,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjE;;OAEG;IACH,OAAO,CAAC,WAAW;IASnB;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IAqCxB;;;;;;;;OAQG;IACG,2BAA2B,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAkC7E,6BAA6B,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKlF;;;;OAIG;YACW,8BAA8B;IAqK5C;;;;OAIG;IACG,iBAAiB,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC;IA6GhF;;;;;OAKG;IACG,UAAU,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,IAAI,EAAE,gBAAgB,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAyF1G;;;;;;;;;OASG;IACG,mBAAmB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,GAAE,MAAa,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IA0N1G;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IA+K7B;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;IAKjC;;;;OAIG;IACG,oBAAoB,IAAI,OAAO,CAAC,MAAM,CAAC;IAuB7C;;OAEG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAiC/D;;;;OAIG;IACH,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,IAAI;IAWrD;;OAEG;IACG,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC;IAuBpD;;;OAGG;IACG,IAAI,CAAC,CAAC,GAAG,OAAO,EACpB,IAAI,EAAE,IAAI,EACV,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,CAAC,CAAC;IAoBb;;OAEG;IACH,UAAU,IAAI,MAAM,EAAE;IAItB;;OAEG;IACH,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAIhD;;OAEG;IACG,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAS1C;;OAEG;IACG,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAShD;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,OAAO,IAAI,MAAM;IAIjB;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS;CAG1E;AAKD,wBAAgB,YAAY,CAAC,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAKlE;AAED;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,OAAO,CAAqC;IAEpD;;OAEG;IACH,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS;IAShE;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS;IAIxC;;OAEG;IACH,MAAM,IAAI,SAAS,EAAE;IAIrB;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;CASrC;AAKD,wBAAgB,mBAAmB,IAAI,gBAAgB,CAKtD"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/cdp/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAkB,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AA0B9F,OAAO,EAAE,MAAM,EAAsB,MAAM,iBAAiB,CAAC;AAmB7D,MAAM,MAAM,gBAAgB,GAAG,UAAU,GAAG,SAAS,GAAG,eAAe,GAAG,YAAY,CAAC;AAEvF,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,gBAAgB,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,oEAAoE;IACpE,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,MAAM,eAAe,GAAG,cAAc,GAAG,YAAY,GAAG,WAAW,GAAG,cAAc,CAAC;AAE3F,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,aAAa,GAAG,kBAAkB,CAAC;IACzF,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAkBD,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAAwB;IACvC,OAAO,CAAC,QAAQ,CAAsC;IACtD,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,oBAAoB,CAAS;IACrC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,mBAAmB,CAAS;IACpC,OAAO,CAAC,cAAc,CAA+B;IACrD,OAAO,CAAC,eAAe,CAAmC;IAC1D,OAAO,CAAC,cAAc,CAA4C;IAClE,OAAO,CAAC,wBAAwB,CAAmD;IACnF,OAAO,CAAC,iBAAiB,CAAK;IAC9B,OAAO,CAAC,4BAA4B,CAAK;IACzC,OAAO,CAAC,6BAA6B,CAAK;IAC1C,OAAO,CAAC,uBAAuB,CAAS;IACxC,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,iBAAiB,CAAmE;IAC5F,OAAO,CAAC,eAAe,CAAyE;IAChG,OAAO,CAAC,aAAa,CAAgC;IACrD,OAAO,CAAC,gBAAgB,CAAkC;IAC1D,OAAO,CAAC,mBAAmB,CAAqD;IAChF,OAAO,CAAC,oBAAoB,CAAiC;IAC7D,wFAAwF;IACxF,OAAO,CAAC,cAAc,CAA8B;IACpD,wFAAwF;IACxF,OAAO,CAAC,cAAc,CAAK;IAG3B,OAAO,CAAC,aAAa,CAAsD;IAC3E,OAAO,CAAC,aAAa,CAAK;IAC1B,OAAO,CAAC,kBAAkB,CAA+B;IAGzD,OAAO,CAAC,cAAc,CAAK;IAC3B,OAAO,CAAC,aAAa,CAAgB;IACrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAM;IAE9C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAU;IASlD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAM;IACrD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAAM;IAGnD,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,mBAAmB,CAAK;IAChC,OAAO,CAAC,oBAAoB,CAAK;IACjC,sEAAsE;IACtE,OAAO,CAAC,mBAAmB,CAAS;gBAExB,OAAO,GAAE,gBAAqB;IAU1C;;OAEG;IACH,kBAAkB,IAAI,eAAe;IAIrC;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;;OAGG;IACH,gBAAgB,IAAI,MAAM;IAO1B;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,IAAI,GAAG,IAAI;IAIvE;;OAEG;IACH,wBAAwB,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,eAAe,KAAK,IAAI,GAAG,IAAI;IAO1E;;OAEG;IACH,0BAA0B,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK,IAAI,GAAG,IAAI;IAInF;;OAEG;IACH,6BAA6B,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK,IAAI,GAAG,IAAI;IAOtF;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB,OAAO,CAAC,mBAAmB;IAI3B;;;;;OAKG;IACH,OAAO,CAAC,yBAAyB;IAgBjC;;;;;OAKG;IACH,OAAO,CAAC,uBAAuB;IAgB/B,uBAAuB,IAAI,gBAAgB,GAAG,IAAI;IAIlD;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAU3B;;OAEG;IACH,OAAO,CAAC,cAAc;IA4BtB;;OAEG;IACH,OAAO,CAAC,aAAa;IAOrB;;OAEG;IACH,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,GAAG,UAAU,GAAG,IAAI;IA2BtE;;OAEG;IACH,OAAO,CAAC,6BAA6B;IASrC;;;;;OAKG;IACH,qBAAqB,IAAI,IAAI;IAO7B;;OAEG;IACH,gBAAgB,IAAI,MAAM,GAAG,QAAQ,GAAG,OAAO,GAAG,UAAU;IAI5D;;;OAGG;IACH,YAAY,IAAI,MAAM,GAAG,IAAI;IAI7B;;OAEG;IACH,oBAAoB,IAAI;QACtB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,cAAc,EAAE,MAAM,CAAC;QACvB,gBAAgB,EAAE,MAAM,CAAC;QACzB,aAAa,EAAE,MAAM,CAAC;QACtB,oBAAoB,EAAE,MAAM,CAAC;QAC7B,cAAc,EAAE,MAAM,CAAC;QACvB,YAAY,EAAE,OAAO,CAAC;QACtB,gBAAgB,EAAE,MAAM,CAAC;QACzB,sBAAsB,EAAE,MAAM,CAAC;KAChC;IAoBD;;;;OAIG;YACW,eAAe;IAyD7B;;OAEG;YACW,gBAAgB;IA+H9B;;;;;;;;OAQG;YACW,eAAe;IAmM7B;;;;;;;;;OASG;IACG,OAAO,CAAC,OAAO,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA6D3D;;;;;;;;OAQG;IACG,cAAc,CAAC,OAAO,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAgElE;;;;OAIG;YACW,4BAA4B;IAqB1C;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IA0BjC;;OAEG;IACH,UAAU,IAAI,OAAO;IAQrB,MAAM,CAAC,QAAQ,CAAC,gBAAgB;;;MAAoB;IAEpD;;;OAGG;IACG,oBAAoB,IAAI,OAAO,CAAC,cAAc,CAAC;IAOrD;;OAEG;IACG,mBAAmB,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjE;;OAEG;IACH,OAAO,CAAC,WAAW;IASnB;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IAqCxB;;;;;;;;OAQG;IACG,2BAA2B,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAuC7E,6BAA6B,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKlF;;;;OAIG;YACW,8BAA8B;IAqK5C;;;;OAIG;IACG,iBAAiB,CAAC,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC;IAkHhF;;;;;OAKG;IACG,UAAU,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,IAAI,EAAE,gBAAgB,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAyF1G;;;;;;;;;OASG;IACG,mBAAmB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,GAAE,MAAa,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IA0N1G;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IA+K7B;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;IAKjC;;;;OAIG;IACG,oBAAoB,IAAI,OAAO,CAAC,MAAM,CAAC;IAuB7C;;OAEG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAiC/D;;;;OAIG;IACH,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,IAAI;IAWrD;;OAEG;IACG,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC;IAuBpD;;;OAGG;IACG,IAAI,CAAC,CAAC,GAAG,OAAO,EACpB,IAAI,EAAE,IAAI,EACV,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,CAAC,CAAC;IAoBb;;OAEG;IACH,UAAU,IAAI,MAAM,EAAE;IAItB;;OAEG;IACH,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAIhD;;OAEG;IACG,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAS1C;;OAEG;IACG,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAShD;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,OAAO,IAAI,MAAM;IAIjB;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS;CAG1E;AAKD,wBAAgB,YAAY,CAAC,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAKlE;AAED;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,OAAO,CAAqC;IAEpD;;OAEG;IACH,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS;IAShE;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS;IAIxC;;OAEG;IACH,MAAM,IAAI,SAAS,EAAE;IAIrB;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;CASrC;AAKD,wBAAgB,mBAAmB,IAAI,gBAAgB,CAKtD"}

package/dist/cdp/client.js

@@ -55,6 +55,7 @@ const with_timeout_1 = require("../utils/with-timeout");
 const collector_1 = require("../metrics/collector");
 const connection_1 = require("../errors/connection");
 const fingerprint_defense_1 = require("../stealth/fingerprint-defense");
+const idle_state_1 = require("../utils/idle-state");
 function parseEnvInt(name, fallback) {
     const raw = process.env[name];
     if (raw === undefined)
@@ -105,6 +106,15 @@ class CDPClient {
     pingLatencies = []; // rolling window
     static MAX_PING_SAMPLES = 60; // ~5 min at 5s interval
     static COOKIE_CACHE_TTL = 300000; // 5 minutes
+    // Bounded cookie cache sizes (see issue #647).
+    // Entries are evicted FIFO on write once at cap, and on read-miss when stale.
+    // Rationale:
+    //   - 64 source entries ≈ 64 distinct domains per instance (edge case fan-out
+    //     degrades gracefully to the existing fresh-scan slow path).
+    //   - 16 data entries ≈ typical open-tab count; one entry holds a full cookie
+    //     array (~50–100 KB) so this is the dominant memory line.
+    static COOKIE_SOURCE_CACHE_MAX = 64;
+    static COOKIE_DATA_CACHE_MAX = 16;
     // Reconnection progress (exposed via getConnectionMetrics)
     reconnecting = false;
     reconnectingAttempt = 0;
@@ -202,6 +212,38 @@ class CDPClient {
     touchTargetActivity(targetId) {
         this.targetActivityAt.set(targetId, Date.now());
     }
+    /**
+     * Insert or refresh an entry in cookieSourceCache with a FIFO size cap.
+     * When the cache is at capacity AND the key is new, the oldest-inserted
+     * entry is evicted. Existing keys update in place without eviction.
+     * See issue #647.
+     */
+    setCookieSourceCacheEntry(key, value) {
+        if (this.cookieSourceCache.size >= CDPClient.COOKIE_SOURCE_CACHE_MAX &&
+            !this.cookieSourceCache.has(key)) {
+            const firstKey = this.cookieSourceCache.keys().next().value;
+            if (firstKey !== undefined) {
+                this.cookieSourceCache.delete(firstKey);
+            }
+        }
+        this.cookieSourceCache.set(key, value);
+    }
+    /**
+     * Insert or refresh an entry in cookieDataCache with a FIFO size cap.
+     * When the cache is at capacity AND the key is new, the oldest-inserted
+     * entry is evicted. Existing keys update in place without eviction.
+     * See issue #647.
+     */
+    setCookieDataCacheEntry(key, value) {
+        if (this.cookieDataCache.size >= CDPClient.COOKIE_DATA_CACHE_MAX &&
+            !this.cookieDataCache.has(key)) {
+            const firstKey = this.cookieDataCache.keys().next().value;
+            if (firstKey !== undefined) {
+                this.cookieDataCache.delete(firstKey);
+            }
+        }
+        this.cookieDataCache.set(key, value);
+    }
     getLastCookieScanResult() {
         return this.lastCookieScanResult;
     }
@@ -610,6 +652,8 @@ class CDPClient {
         // Set up disconnect handler
         // Non-null assertion: the retry loop above either sets this.browser and breaks, or throws.
         this.browser.on('disconnected', () => {
+            // Inbound CDP event — reset idle window (issue #649 Part A).
+            (0, idle_state_1.getIdleState)().notifyActive();
             console.error('[CDPClient] Browser disconnected');
             this.handleDisconnect().catch((err) => {
                 console.error('[CDPClient] handleDisconnect failed:', err);
@@ -617,11 +661,15 @@ class CDPClient {
         });
         // Set up target destroyed handler
         this.browser.on('targetdestroyed', (0, safe_listener_1.safeAsyncListener)('targetdestroyed', async (target) => {
+            // Inbound CDP event — reset idle window (issue #649 Part A).
+            (0, idle_state_1.getIdleState)().notifyActive();
             const targetId = (0, puppeteer_helpers_1.getTargetId)(target);
             console.error(`[CDPClient] Target destroyed: ${targetId}`);
             this.onTargetDestroyed(targetId);
         }));
         this.browser.on('targetchanged', (0, safe_listener_1.safeAsyncListener)('targetchanged', async (target) => {
+            // Inbound CDP event — reset idle window (issue #649 Part A).
+            (0, idle_state_1.getIdleState)().notifyActive();
             if (target.type() !== 'page')
                 return;
             const targetId = (0, puppeteer_helpers_1.getTargetId)(target);
@@ -639,6 +687,8 @@ class CDPClient {
         // (popup/window.open). This makes OAuth redirects, popups, and cross-origin navigations
         // visible without materializing unrelated Chrome-internal targets.
         this.browser.on('targetcreated', (0, safe_listener_1.safeAsyncListener)('targetcreated', async (target) => {
+            // Inbound CDP event — reset idle window (issue #649 Part A).
+            (0, idle_state_1.getIdleState)().notifyActive();
             // Only track 'page' type targets (skip service_worker, browser, etc.)
             if (target.type() !== 'page')
                 return;
@@ -1001,6 +1051,11 @@ class CDPClient {
             this.lastCookieScanResult = result;
             return result;
         }
+        if (cached) {
+            // Stale entry: drop it so the cache does not retain expired data when
+            // the fresh scan path below produces a new result (see issue #647).
+            this.cookieSourceCache.delete(cacheKey);
+        }
         // Promise coalescing: if a scan for this domain is already in-flight, reuse it
         const existing = this.inFlightCookieScans.get(cacheKey);
         if (existing) {
@@ -1145,7 +1200,7 @@ class CDPClient {
                     if (cookieCount > 0) {
                         const domainScore = targetDomain ? this.domainMatchScore(candidate.url, targetDomain) : 0;
                         console.error(`[CDPClient] Found authenticated page ${candidate.targetId.slice(0, 8)} at ${candidate.url.slice(0, 50)} (${cookieCount} cookies, domain score: ${domainScore})`);
-                        this.cookieSourceCache.set(cacheKey, { targetId: candidate.targetId, timestamp: Date.now() });
+                        this.setCookieSourceCacheEntry(cacheKey, { targetId: candidate.targetId, timestamp: Date.now() });
                         this.touchTargetActivity(candidate.targetId);
                         const status = targetsScanned < candidates.length ? 'partial' : 'complete';
                         const resultSummary = buildResult(status, candidates.length, candidate.targetId);
@@ -1203,6 +1258,11 @@ class CDPClient {
                     await destSession.detach().catch(() => { });
                 }
             }
+            if (cachedData) {
+                // Stale entry: drop it so the cache does not retain expired data when
+                // the fresh scan path below produces a new result (see issue #647).
+                this.cookieDataCache.delete(sourceTargetId);
+            }
             // Attach to the source target via the multiplexed browser CDP session
             const browser = this.getBrowser();
             const browserSession = await browser.target().createCDPSession();
@@ -1226,7 +1286,7 @@ class CDPClient {
                 const result = await browserSession.send('Network.getAllCookies', undefined, { sessionId });
                 const cookies = result?.cookies || [];
                 // Store in cookie data cache
-                this.cookieDataCache.set(sourceTargetId, { cookies, timestamp: Date.now() });
+                this.setCookieDataCacheEntry(sourceTargetId, { cookies, timestamp: Date.now() });
                 if (cookies.length === 0) {
                     console.error('[CDPClient] No cookies found in source page');
                     return 0;