From a7222f3e56c38f694b0ddd923fdbe74991791dca Mon Sep 17 00:00:00 2001 From: Cynthia Long Date: Tue, 10 Mar 2026 17:42:14 +0000 Subject: [PATCH] Check domain --- .../src/agents/browser/browserManager.test.ts | 15 +++++++++++++++ .../core/src/agents/browser/browserManager.ts | 7 ++++++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/packages/core/src/agents/browser/browserManager.test.ts b/packages/core/src/agents/browser/browserManager.test.ts index 28092bc06e..354f6a3249 100644 --- a/packages/core/src/agents/browser/browserManager.test.ts +++ b/packages/core/src/agents/browser/browserManager.test.ts @@ -254,6 +254,21 @@ describe('BrowserManager', () => { ); }); + it('should throw error when invalid domain is configured in allowedDomains', async () => { + const invalidConfig = makeFakeConfig({ + agents: { + browser: { + allowedDomains: ['invalid domain!'], + }, + }, + }); + + const manager = new BrowserManager(invalidConfig); + await expect(manager.ensureConnection()).rejects.toThrow( + 'Invalid domain in allowedDomains: invalid domain!', + ); + }); + it('should pass headless flag when configured', async () => { const headlessConfig = makeFakeConfig({ agents: { diff --git a/packages/core/src/agents/browser/browserManager.ts b/packages/core/src/agents/browser/browserManager.ts index 9e61262a6d..c53646a1ab 100644 --- a/packages/core/src/agents/browser/browserManager.ts +++ b/packages/core/src/agents/browser/browserManager.ts @@ -292,7 +292,12 @@ export class BrowserManager { browserConfig.customConfig.allowedDomains.length > 0 ) { const exclusionRules = browserConfig.customConfig.allowedDomains - .map((domain) => `EXCLUDE ${domain}`) + .map((domain) => { + if (!/^(\*\.)?([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+$/.test(domain)) { + throw new Error(`Invalid domain in allowedDomains: ${domain}`); + } + return `EXCLUDE ${domain}`; + }) .join(', '); mcpArgs.push( `--chromeArg="--host-rules=MAP * 127.0.0.1, ${exclusionRules}, EXCLUDE 127.0.0.1"`,