feat: harden remote serve and reuse connections
Testing / remote-protocol-compat (0.9.5) (push) Successful in 56s
Testing / remote-protocol-compat (0.9.3) (push) Successful in 59s
Testing / test (push) Successful in 1m1s
Build & Publish Package / publish (push) Successful in 33s
Package Extension / package-extension (push) Successful in 36s
Testing / remote-protocol-compat (0.9.5) (push) Successful in 56s
Testing / remote-protocol-compat (0.9.3) (push) Successful in 59s
Testing / test (push) Successful in 1m1s
Build & Publish Package / publish (push) Successful in 33s
Package Extension / package-extension (push) Successful in 36s
- Gate TCP serve commands with safe-by-default policies, per-key allow tokens, per-key rate limiting, and audit labels. - Reuse authenticated encrypted remote sessions and parallelize/caches multi-browser fanout to reduce repeated handshake roundtrips. - Increase paged native-host batch size with extension-side byte budgeting to speed large tab listings safely. - Point install output at public Chrome Web Store / Firefox AMO listings by default, with --dev preserving unpacked workflows. - Share search-engine metadata between CLI and SDK and bump the package/extension version to 0.16.0. - Cover the new security, pooling, paging, install, and fanout behavior with expanded Python and extension tests.
This commit is contained in:
@@ -20,11 +20,29 @@ FIREFOX_EXTENSION_ID = "browser-cli@yiprawr.dev"
|
||||
ALLOWED_EXTENSION_IDS = [EXTENSION_ID, WEBSTORE_EXTENSION_ID]
|
||||
SUPPORTED_BROWSERS = ["chrome", "chromium", "brave", "edge", "vivaldi", "firefox"]
|
||||
|
||||
# Public store listings — the default install path now that the extension is
|
||||
# published. Chromium-family browsers (Brave/Edge/Vivaldi/Chromium) can all
|
||||
# install from the Chrome Web Store.
|
||||
CHROME_WEBSTORE_URL = f"https://chromewebstore.google.com/detail/browser-cli/{WEBSTORE_EXTENSION_ID}"
|
||||
FIREFOX_ADDON_URL = "https://addons.mozilla.org/firefox/addon/browser-cli/"
|
||||
|
||||
PROTOCOL_MIN_CLIENT = "0.9.0"
|
||||
MAX_MSG_BYTES = 32 * 1024 * 1024
|
||||
DEFAULT_REMOTE_PORT = 443
|
||||
DEFAULT_PAGE_SIZE = 100
|
||||
# Count cap requested per page. The extension fills each page up to this many
|
||||
# items OR a byte budget (whichever comes first), so large items (e.g. data-URI
|
||||
# favicons) stay under the 1MB native-messaging limit while small items pack
|
||||
# into far fewer roundtrips.
|
||||
DEFAULT_PAGE_SIZE = 1000
|
||||
# Hard upper bound on total items collected across all pages, and the loop-guard
|
||||
# page count. Kept independent of page size so byte-budgeted small pages don't
|
||||
# falsely trip the guard.
|
||||
MAX_PAGED_ITEMS = 10_000
|
||||
DEFAULT_TRANSPORT_THRESHOLD = 512
|
||||
# How long a remote serve connection stays open waiting for the next command on
|
||||
# an established encrypted session before closing. Lets the client reuse one
|
||||
# authenticated connection for multiple commands instead of re-handshaking.
|
||||
REMOTE_SESSION_IDLE_TIMEOUT = 30
|
||||
|
||||
NO_ROUTE_COMMANDS = {"browser-cli.targets", "browser-cli.auth.keys", "browser-cli.auth.trust"}
|
||||
GENTLE_MODES = ["auto", "normal", "gentle", "ultra"]
|
||||
|
||||
Reference in New Issue
Block a user