fix(browser): default to openclaw profile when unspecified

[liuxiaopai-ai]

Summary

Describe the problem and fix in 2–5 bullets:

• Problem: When browser.defaultProfile is not explicitly configured, browser routing defaulted to chrome (extension relay), causing desktop users without the relay extension to hit long relay timeouts.
• Why it matters: Fresh installs should work out-of-the-box with managed standalone browser mode instead of requiring extension relay setup.
• What changed: Default profile constant now resolves to openclaw when no explicit default is set.
• What changed: Browser config fallback logic and regression tests now assert default routing uses openclaw, while preserving explicit defaultProfile: "chrome" behavior.
• What did NOT change (scope boundary): No changes to relay profile auto-provisioning itself; chrome profile is still available for explicit opt-in.

Change Type (select all)

• Bug fix
• Feature
• Refactor
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Closes [Bug]: Default browser profile should prefer "openclaw" (standalone CDP) over "chrome" (extension relay) on desktop GUI environments #31907

User-visible / Behavior Changes

• Browser actions that omit profile now default to managed standalone profile (openclaw) unless users explicitly set browser.defaultProfile to another profile (including chrome).

Security Impact (required)

• New permissions/capabilities? (No)
• Secrets/tokens handling changed? (No)
• New/changed network calls? (No)
• Command/tool execution surface changed? (No)
• Data access scope changed? (No)
• If any Yes, explain risk + mitigation:

Repro + Verification

Environment

• OS: macOS/Linux (unit tests)
• Runtime/container: Node 22 + pnpm
• Model/provider: N/A
• Integration/channel (if any): browser tool config/profile selection
• Relevant config (redacted): browser.defaultProfile unset

Steps

1. Resolve browser config with no explicit browser.defaultProfile.
2. Inspect resolved default profile.
3. Run browser config/profile service tests.

Expected

• Default profile resolves to openclaw when unset.
• Explicit defaultProfile: "chrome" remains respected.

Actual

• Verified with updated tests and local run outputs.

Evidence

Attach at least one:

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

• Verified scenarios:
  • pnpm exec vitest run src/browser/config.test.ts src/browser/profiles-service.test.ts
  • pnpm lint
  • pnpm tsgo
• Edge cases checked:
  • chrome relay profile still exists in resolved profiles
  • explicit defaultProfile: "chrome" still overrides default
• What you did not verify:
  • Live end-to-end browser tool session against an actual extension relay instance

Compatibility / Migration

• Backward compatible? (Mostly)
• Config/env changes? (No)
• Migration needed? (No)
• If yes, exact upgrade steps:

Failure Recovery (if this breaks)

• How to disable/revert this change quickly:
  • Set browser.defaultProfile: "chrome" in config, or revert this PR commit.
• Files/config to restore:
  • src/browser/constants.ts
  • src/browser/config.ts
  • src/browser/config.test.ts
• Known bad symptoms reviewers should watch for:
  • Unexpected profile selection changes when users rely on implicit defaults.

Risks and Mitigations

List only real risks for this PR. Add/remove entries as needed. If none, write None.

• Risk: Users who implicitly relied on chrome relay as default without setting browser.defaultProfile will now route to openclaw.
  • Mitigation: Explicit browser.defaultProfile: "chrome" remains supported and is now the intended opt-in path for relay-first setups.

[aisle-research-bot]

🔒 Aisle Security Analysis

We found 1 potential security issue(s) in this PR:

#	Severity	Title
1	🟡 Medium	Default profile now uses unauthenticated Chrome DevTools Protocol (CDP) endpoint (local privilege boundary bypass)

---

1. 🟡 Default profile now uses unauthenticated Chrome DevTools Protocol (CDP) endpoint (local privilege boundary bypass)

Property	Value
Severity	Medium
CWE	CWE-306
Location	src/browser/config.ts:264-273

Description

The default browser profile selection was changed to prefer the openclaw managed profile. That profile launches a local Chrome instance exposing a raw CDP TCP port (Chrome DevTools Protocol), which provides full browser control.

While the control server itself binds to loopback and has auth middleware, the Chrome CDP endpoint is not authenticated (Chrome’s remote debugging port has no built-in auth). With openclaw now being the default, deployments that previously used the token-gated chrome extension relay by default will now commonly have an unauthenticated CDP port available on localhost, allowing any local process/user with network access to 127.0.0.1:<cdpPort> to:

• Control the browser (navigate, read DOM, take screenshots, etc.)
• Potentially exfiltrate sensitive data from active sessions
• Bypass OpenClaw’s higher-level auth controls by talking directly to CDP

Changed default selection (now prefers openclaw):

const defaultProfile = defaultProfileFromConfig ??
  (profiles[DEFAULT_BROWSER_DEFAULT_PROFILE_NAME]
    ? DEFAULT_BROWSER_DEFAULT_PROFILE_NAME
    : profiles[DEFAULT_OPENCLAW_BROWSER_PROFILE_NAME]
      ? DEFAULT_OPENCLAW_BROWSER_PROFILE_NAME
      : "chrome");

CDP is exposed via a listening port when launching Chrome:

const args: string[] = [
  `--remote-debugging-port=${profile.cdpPort}`,
  ​// ...
];

Notes on exposure:

• By default, the code constructs local CDP URLs using 127.0.0.1 and refuses to launch Chrome for non-loopback profiles, so this is not a remote bind-by-default issue.
• The risk is still meaningful in multi-tenant/shared-host environments or anywhere loopback is reachable by less-trusted local processes (including other containers sharing the network namespace).

Recommendation

Mitigate by ensuring the default path does not expose an unauthenticated CDP port, or by hardening how CDP is exposed:

1. Safer defaults / explicit opt-in

• Consider keeping chrome (extension relay with token gating) as default, or require browser.defaultProfile: "openclaw" explicit opt-in in server/multi-tenant modes.

2. Bind defensively (explicit loopback)

• When launching Chrome, explicitly bind remote debugging to loopback (defense-in-depth):

const args = [
  `--remote-debugging-port=${profile.cdpPort}`,
  "--remote-debugging-address=127.0.0.1",
  ​// ...
];

3. Avoid a TCP listener altogether (best)

• Prefer --remote-debugging-pipe (where feasible) and route CDP through the authenticated control server instead of a raw port.

4. Warn/fail on non-loopback CDP endpoints unless explicitly allowed

• If browser.cdpUrl / profile cdpUrl is set to a non-loopback host, require an explicit dangerouslyAllowRemoteCdp: true and log a prominent warning.

---

Analyzed PR: #32031 at commit 4536357

_{Last updated on: 2026-03-02T19:10:17Z}

[greptile-apps]

Greptile Summary

This PR successfully changes the default browser profile from chrome (extension relay) to openclaw (managed standalone CDP) to improve out-of-the-box experience for users without the Chrome extension. The implementation is correct:

• Updated constant DEFAULT_BROWSER_DEFAULT_PROFILE_NAME from "chrome" to "openclaw" in constants.ts
• Simplified profile resolution logic in config.ts by removing the headless/noSandbox conditional preference
• Comprehensive test updates verify the new default behavior while ensuring explicit defaultProfile: "chrome" configs still work
• CHANGELOG entry accurately documents the behavior change

Documentation gap: Multiple documentation files (docs/tools/browser.md lines 52 and 100, docs/tools/index.md line 319, and Chinese translations) still state that chrome is the default profile. These should be updated to reflect that openclaw is now the default, and users who want the extension relay should explicitly set defaultProfile: "chrome".

Minor code quality note: The default profile resolution logic (lines 269-273 in config.ts) now checks for the same profile name twice since both constants point to "openclaw", though this doesn't affect functionality.

Confidence Score: 4/5

• This PR is safe to merge with one documentation update needed
• The code changes are straightforward and well-tested. The logic correctly implements the intended behavior of defaulting to openclaw profile. Tests comprehensively cover the default behavior and explicit overrides. The only concern is outdated documentation that should be updated in a follow-up to prevent user confusion.
• Documentation files not included in this PR (docs/tools/browser.md, docs/tools/index.md, and translations) should be updated to reflect the new default profile behavior

_{Last reviewed commit: a9a44ab}

[steipete]

Landed via temp rebase onto main.

• Gate: bunx vitest run src/browser/config.test.ts src/browser/profiles-service.test.ts
• Land commit: 4536357
• Merge commit: 1727279

Thanks @liuxiaopai-ai!