* When cookies have been imported for specific domains, block JS execution * on pages whose origin doesn't match any imported cookie domain. * Prevents cross-origin cookie exfiltration via `js document.cookie` or * similar when the agent navigates to an untrusted page.
(bm: BrowserManager, pageUrl: string)
| 183 | * similar when the agent navigates to an untrusted page. |
| 184 | */ |
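function assertJsOriginAllowed(bm: BrowserManager, pageUrl: string): void {
  // Policy gate for JS execution: once cookies have been imported, only pages
  // whose hostname falls under one of the imported cookie domains may run JS.
  // Returns normally when execution is allowed; throws Error when it is blocked.
  if (!bm.hasCookieImports()) return; // no imported cookies, nothing to protect

  let hostname: string;
  try {
    hostname = new URL(pageUrl).hostname;
  } catch {
    // Only strings the URL parser rejects outright land here. about:blank and
    // data: URLs parse successfully with an empty hostname, so they go through
    // the domain match below (and are blocked), not through this branch.
    // NOTE(review): this branch fails open: an unparseable pageUrl skips the
    // check entirely. Confirm that callers always pass the browser-reported
    // page URL, or consider blocking here instead.
    return;
  }

  // Materialize once so the match and the error message see the same list.
  const importedDomains = [...bm.getCookieImportedDomains()];
  const allowed = importedDomains.some(domain => {
    // URL.hostname is already lowercased; compare against a lowercased cookie
    // domain with its leading dot removed (".github.com" -> "github.com").
    const bare = domain.toLowerCase().replace(/^\./, '');
    // An empty or "."-only entry would otherwise match the empty hostname of
    // about:blank and any hostname written with a trailing dot.
    if (bare === '') return false;
    // Exact host, or a subdomain; the "." boundary keeps "notgithub.com" from
    // matching "github.com".
    return hostname === bare || hostname.endsWith('.' + bare);
  });

  if (!allowed) {
    throw new Error(
      `JS execution blocked: current page (${hostname}) does not match any cookie-imported domain. ` +
      `Imported cookies for: ${[...importedDomains].join(', ')}. ` +
      `This prevents cross-origin cookie exfiltration. Navigate to an imported domain or run without imported cookies.`
    );
  }
}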
| 210 | |
| 211 | export async function handleReadCommand( |
| 212 | command: string, |
no test coverage detected