feat: harden remote serve and reuse connections
Testing / remote-protocol-compat (0.9.5) (push) Successful in 56s
Testing / remote-protocol-compat (0.9.3) (push) Successful in 59s
Testing / test (push) Successful in 1m1s
Build & Publish Package / publish (push) Successful in 33s
Package Extension / package-extension (push) Successful in 36s
Testing / remote-protocol-compat (0.9.5) (push) Successful in 56s
Testing / remote-protocol-compat (0.9.3) (push) Successful in 59s
Testing / test (push) Successful in 1m1s
Build & Publish Package / publish (push) Successful in 33s
Package Extension / package-extension (push) Successful in 36s
- Gate TCP serve commands with safe-by-default policies, per-key allow tokens, per-key rate limiting, and audit labels. - Reuse authenticated encrypted remote sessions and parallelize/caches multi-browser fanout to reduce repeated handshake roundtrips. - Increase paged native-host batch size with extension-side byte budgeting to speed large tab listings safely. - Point install output at public Chrome Web Store / Firefox AMO listings by default, with --dev preserving unpacked workflows. - Share search-engine metadata between CLI and SDK and bump the package/extension version to 0.16.0. - Cover the new security, pooling, paging, install, and fanout behavior with expanded Python and extension tests.
This commit is contained in:
@@ -31,6 +31,66 @@ def gentle_mode_option(help_text: str):
|
||||
help=help_text,
|
||||
)
|
||||
|
||||
def command_policy_options(fn):
|
||||
"""Reusable raw-command safety flags for /command-like entry points."""
|
||||
fn = click.option(
|
||||
"--allow-all",
|
||||
is_flag=True,
|
||||
help="Allow every command (equivalent to --allow-read-page --allow-control --allow-dangerous --allow-keys)",
|
||||
)(fn)
|
||||
fn = click.option(
|
||||
"--allow-keys",
|
||||
is_flag=True,
|
||||
help="Allow key-management commands (list/trust authorized keys over --remote)",
|
||||
)(fn)
|
||||
fn = click.option(
|
||||
"--allow-dangerous",
|
||||
is_flag=True,
|
||||
help="Allow high-risk commands such as dom.eval, storage.*, screenshots",
|
||||
)(fn)
|
||||
fn = click.option(
|
||||
"--allow-control",
|
||||
is_flag=True,
|
||||
help="Allow browser-control commands such as nav.*, tabs.close, dom.click",
|
||||
)(fn)
|
||||
fn = click.option(
|
||||
"--allow-read-page",
|
||||
is_flag=True,
|
||||
help="Allow page-content read commands such as extract.* and dom.text",
|
||||
)(fn)
|
||||
return fn
|
||||
|
||||
def command_policy_from_options(*, allow_read_page: bool, allow_control: bool, allow_dangerous: bool, allow_keys: bool = False, allow_all: bool = False):
|
||||
"""Build a CommandPolicy from shared raw-command safety flags."""
|
||||
from browser_cli.command_security import CommandPolicy
|
||||
|
||||
if allow_all:
|
||||
return CommandPolicy.unrestricted()
|
||||
return CommandPolicy(
|
||||
allow_read_page=allow_read_page,
|
||||
allow_control=allow_control,
|
||||
allow_dangerous=allow_dangerous,
|
||||
allow_keys=allow_keys,
|
||||
)
|
||||
|
||||
def command_categories_from_options(*, allow_read_page: bool, allow_control: bool, allow_dangerous: bool, allow_keys: bool = False, allow_all: bool = False):
|
||||
"""Convert the shared --allow-* flags into a category list, or None if none were set.
|
||||
|
||||
None means "no explicit policy" — the key falls back to the server-wide default.
|
||||
"""
|
||||
if allow_all:
|
||||
return ["all"]
|
||||
cats = []
|
||||
if allow_read_page:
|
||||
cats.append("read-page")
|
||||
if allow_control:
|
||||
cats.append("control")
|
||||
if allow_dangerous:
|
||||
cats.append("dangerous")
|
||||
if allow_keys:
|
||||
cats.append("keys")
|
||||
return cats or None
|
||||
|
||||
def print_counts(result, noun: str, *, single_suffix: str = "") -> None:
|
||||
"""Render a count result.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user