mirror of
https://github.com/garrytan/gstack.git
synced 2026-05-01 19:25:10 +02:00
Garry Tan
3cda8deec9
* fix: chrome-cdp localhost-only binding Restrict Chrome CDP to localhost by adding --remote-debugging-address=127.0.0.1 and --remote-allow-origins to prevent network-accessible debugging sessions. Clears 1 Socket anomaly (Chrome CDP session exposure). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: extension sender validation + message type allowlist Add sender.id check and ALLOWED_TYPES allowlist to the Chrome extension's message handler. Defense-in-depth against message spoofing from external extensions or future externally_connectable changes. Clears 2 Socket anomalies (extension permissions). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: checksum-verified bun install Replace unverified curl|bash bun installation with checksum-verified download-then-execute pattern. The install script is downloaded, sha256 verified against a known hash, then executed. Preserves the Bun-native install path without adding a Node/npm dependency. Clears Snyk W012 + 3 Socket anomalies. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: content trust boundary markers in browse output Wrap page-content commands (text, html, links, forms, accessibility, console, dialog, snapshot) with --- BEGIN/END UNTRUSTED EXTERNAL CONTENT --- markers. Covers direct commands (server.ts), chain sub-commands, and snapshot output (meta-commands.ts). Adds PAGE_CONTENT_COMMANDS set and wrapUntrustedContent() helper in commands.ts (single source of truth, DRY). Expands the SKILL.md trust warning with explicit processing rules for agents. Clears Snyk W011 (third-party content exposure). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: harden trust boundary markers against escape attacks - Sanitize URLs in markers (remove newlines, cap at 200 chars) to prevent marker injection via history.pushState - Escape marker strings in content (zero-width space) so malicious pages can't forge the END marker to break out of the untrusted block - Wrap resume command snapshot with trust boundary markers - Wrap diff command output with trust boundary markers - Wrap watch stop last snapshot with trust boundary markers Found by cross-model adversarial review (Claude + Codex). * chore: bump version and changelog (v0.13.4.0) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * chore: gitignore .factory/ and remove from tracking Factory Droid support was removed in this branch. The .factory/ directory was re-added by merging main (which had v0.13.5.0 Factory support). Gitignore it so it stays out. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
71 lines
2.2 KiB
Bash
Executable File
71 lines
2.2 KiB
Bash
Executable File
#!/bin/bash
|
|
# Launch Chrome with CDP (remote debugging) enabled.
|
|
# Usage: chrome-cdp [port]
|
|
#
|
|
# Chrome refuses --remote-debugging-port on its default data directory.
|
|
# We create a separate data dir with a symlink to the user's real profile,
|
|
# so Chrome thinks it's non-default but uses the same cookies/extensions.
|
|
|
|
PORT="${1:-9222}"
|
|
CHROME="/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"
|
|
REAL_PROFILE="$HOME/Library/Application Support/Google/Chrome"
|
|
CDP_DATA_DIR="$HOME/.gstack/cdp-profile/chrome"
|
|
|
|
if ! [ -f "$CHROME" ]; then
|
|
echo "Chrome not found at $CHROME" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Check if Chrome is running
|
|
if pgrep -f "Google Chrome" >/dev/null 2>&1; then
|
|
echo "Chrome is still running. Quitting..."
|
|
osascript -e 'tell application "Google Chrome" to quit' 2>/dev/null
|
|
|
|
# Wait for it to fully exit
|
|
for i in $(seq 1 20); do
|
|
pgrep -f "Google Chrome" >/dev/null 2>&1 || break
|
|
sleep 0.5
|
|
done
|
|
|
|
if pgrep -f "Google Chrome" >/dev/null 2>&1; then
|
|
echo "Chrome won't quit. Force-killing..." >&2
|
|
pkill -f "Google Chrome"
|
|
sleep 1
|
|
fi
|
|
fi
|
|
|
|
# Set up CDP data dir with symlinked profile
|
|
# Chrome requires a "non-default" data dir for --remote-debugging-port.
|
|
# We symlink the real Default profile so cookies/extensions carry over.
|
|
mkdir -p "$CDP_DATA_DIR"
|
|
if [ -d "$REAL_PROFILE/Default" ] && ! [ -e "$CDP_DATA_DIR/Default" ]; then
|
|
ln -s "$REAL_PROFILE/Default" "$CDP_DATA_DIR/Default"
|
|
echo "Linked real Chrome profile into CDP data dir"
|
|
fi
|
|
# Also link Local State (contains crypto keys for cookie decryption, etc.)
|
|
if [ -f "$REAL_PROFILE/Local State" ] && ! [ -e "$CDP_DATA_DIR/Local State" ]; then
|
|
ln -s "$REAL_PROFILE/Local State" "$CDP_DATA_DIR/Local State"
|
|
fi
|
|
|
|
echo "Launching Chrome with CDP on port $PORT..."
|
|
"$CHROME" \
|
|
--remote-debugging-port="$PORT" \
|
|
--remote-debugging-address=127.0.0.1 \
|
|
--remote-allow-origins="http://127.0.0.1:$PORT" \
|
|
--user-data-dir="$CDP_DATA_DIR" \
|
|
--restore-last-session &
|
|
disown
|
|
|
|
# Wait for CDP to be available
|
|
for i in $(seq 1 30); do
|
|
if curl -s "http://127.0.0.1:$PORT/json/version" >/dev/null 2>&1; then
|
|
echo "CDP ready on port $PORT"
|
|
echo "Run: \$B connect chrome"
|
|
exit 0
|
|
fi
|
|
sleep 1
|
|
done
|
|
|
|
echo "CDP not available after 30s." >&2
|
|
exit 1
|