fix(browser): preserve cdp ssrf policy

eleqtrizit · eleqtrizit · commit 1f8597805430 · 2026-06-09T23:01:30.000Z
diff --git a/extensions/browser/src/browser/pw-tools-core.browser-ssrf-guard.test.ts b/extensions/browser/src/browser/pw-tools-core.browser-ssrf-guard.test.ts
@@ -82,6 +82,40 @@ describe("pw-tools-core browser SSRF guards", () => {
     });
   });
 
+  it("preserves SSRF policy when aborting a pending click", async () => {
+    const ctrl = new AbortController();
+    let clickStarted: () => void = () => {};
+    const clickStartedPromise = new Promise<void>((resolve) => {
+      clickStarted = resolve;
+    });
+    pageState.page = { url: vi.fn(() => "https://example.com") };
+    pageState.locator = {
+      click: vi.fn(() => {
+        clickStarted();
+        return new Promise(() => {});
+      }),
+    };
+
+    const task = interactions.clickViaPlaywright({
+      cdpUrl: "http://127.0.0.1:18792",
+      targetId: "tab-1",
+      ref: "1",
+      ssrfPolicy: { dangerouslyAllowPrivateNetwork: false },
+      signal: ctrl.signal,
+    });
+
+    await clickStartedPromise;
+    ctrl.abort(new Error("aborted by test"));
+
+    await expect(task).rejects.toThrow("aborted by test");
+    expect(sessionMocks.forceDisconnectPlaywrightForTarget).toHaveBeenCalledWith({
+      cdpUrl: "http://127.0.0.1:18792",
+      targetId: "tab-1",
+      ssrfPolicy: { dangerouslyAllowPrivateNetwork: false },
+      reason: "click aborted",
+    });
+  });
+
   it("re-checks select-triggered navigations with the session safety helper", async () => {
     let currentUrl = "https://example.com";
     pageState.page = { url: vi.fn(() => currentUrl) };
diff --git a/extensions/browser/src/browser/pw-tools-core.interactions.evaluate.abort.test.ts b/extensions/browser/src/browser/pw-tools-core.interactions.evaluate.abort.test.ts
@@ -91,14 +91,20 @@ describe("evaluateViaPlaywright (abort)", () => {
       cdpUrl: "http://127.0.0.1:9222",
       fn,
       ref,
+      ssrfPolicy: { dangerouslyAllowPrivateNetwork: false },
       signal: ctrl.signal,
     });
 
     await pending.evalCalledPromise;
     ctrl.abort(new Error("aborted by test"));
 
     await expect(p).rejects.toThrow("aborted by test");
-    expect(forceDisconnectPlaywrightForTarget).toHaveBeenCalled();
+    expect(forceDisconnectPlaywrightForTarget).toHaveBeenCalledWith({
+      cdpUrl: "http://127.0.0.1:9222",
+      targetId: undefined,
+      ssrfPolicy: { dangerouslyAllowPrivateNetwork: false },
+      reason: "evaluate aborted",
+    });
   });
 
   it("does not disconnect when evaluate is blocked by an observed dialog", async () => {
diff --git a/extensions/browser/src/browser/pw-tools-core.interactions.ts b/extensions/browser/src/browser/pw-tools-core.interactions.ts
@@ -558,6 +558,7 @@ export async function clickViaPlaywright(opts: {
       void forceDisconnectPlaywrightForTarget({
         cdpUrl: opts.cdpUrl,
         targetId: opts.targetId,
+        ssrfPolicy: opts.ssrfPolicy,
         reason: "click aborted",
       }).catch(() => {});
     };
@@ -1025,6 +1026,7 @@ export async function evaluateViaPlaywright(opts: {
     void forceDisconnectPlaywrightForTarget({
       cdpUrl: opts.cdpUrl,
       targetId: opts.targetId,
+      ssrfPolicy: opts.ssrfPolicy,
       reason: "evaluate aborted",
     }).catch(() => {});
   });
diff --git a/extensions/browser/src/browser/pw-tools-core.snapshot.navigate-guard.test.ts b/extensions/browser/src/browser/pw-tools-core.snapshot.navigate-guard.test.ts
@@ -108,6 +108,7 @@ describe("pw-tools-core.snapshot navigate guard", () => {
     expect(getPwToolsCoreSessionMocks().forceDisconnectPlaywrightForTarget).toHaveBeenCalledWith({
       cdpUrl: "http://127.0.0.1:18792",
       targetId: "tab-1",
+      ssrfPolicy: { allowPrivateNetwork: true },
       reason: "retry navigate after detached frame",
     });
     expect(getPwToolsCoreSessionMocks().gotoPageWithNavigationGuard).toHaveBeenCalledTimes(2);
diff --git a/extensions/browser/src/browser/pw-tools-core.snapshot.ts b/extensions/browser/src/browser/pw-tools-core.snapshot.ts
@@ -435,6 +435,7 @@ export async function navigateViaPlaywright(opts: {
     await forceDisconnectPlaywrightForTarget({
       cdpUrl: opts.cdpUrl,
       targetId: opts.targetId,
+      ssrfPolicy: opts.ssrfPolicy,
       reason: "retry navigate after detached frame",
     }).catch(() => {});
     page = await getPageForTargetId(opts);
