fix(browser): honor cdpUrl for user default profile #80143

Merged
sallyom merged 1 commit into openclaw:main from HemantSudarshan:hemant/48042-browser-cdp-url
Jun 10, 2026

HemantSudarshan commented May 10, 2026

Fixes #48042

Problem summary

browser.cdpUrl was ignored when browser.defaultProfile selected an existing-session profile such as the built-in user profile. Chrome MCP then launched through its default auto-connect path and could still look for DevToolsActivePort instead of using the configured endpoint.

Root cause

resolveBrowserConfig only carried the legacy top-level browser.cdpUrl into the managed openclaw profile. resolveProfile handles existing-session profiles from their profile-local cdpUrl, so an explicit defaultProfile: "user" left the selected profile with an empty endpoint.

Architectural reasoning

The fix stays inside browser profile resolution, where the legacy single-profile config is normalized. When the selected default profile is existing-session and has no explicit endpoint, the resolver now applies the normalized top-level browser.cdpUrl to that profile. Explicit per-profile cdpUrl still wins. Chrome MCP session creation, caching, cleanup, gateway routes, and action behavior are unchanged; the existing Chrome MCP argument builder already converts HTTP endpoints to --browserUrl and websocket endpoints to --wsEndpoint without combining them with userDataDir.

Testing performed

  • pnpm test extensions/browser/src/browser/config.test.ts
  • pnpm test extensions/browser/src/browser/chrome-mcp.test.ts
  • pnpm exec oxfmt --check --threads=1 extensions/browser/src/browser/config.ts extensions/browser/src/browser/config.test.ts
  • pnpm lint:extensions
  • pnpm tsgo:extensions from temporary P:\ mapping because the local checkout path contains a space and the direct Windows command split C:\Projects\Personal Project.
  • pnpm tsgo:extensions:test from temporary P:\ mapping for the same path reason.
  • git diff --check
  • pnpm check:changed exited 0 in this checkout, but printed no lane details.
  • pnpm test extensions/browser was attempted. It failed on existing local Windows environment assumptions outside this patch: unsupported local browser discovery in chrome.internal.test.ts, LaunchServices default-browser expectations, and POSIX /tmp path expectations resolving as C:\tmp.

Real behavior proof

  • Behavior or issue addressed: browser.defaultProfile: "user" plus top-level browser.cdpUrl now resolves to an existing-session profile with that endpoint, so Chrome MCP receives endpoint flags instead of --autoConnect.
  • Real environment tested: local Windows checkout, pnpm 10.33.2, Node v22.15.0. The repo warns it wants Node >=22.16.0, but targeted tests, lint, and typechecks completed as listed above.
  • Exact steps or command run after this patch:
pnpm exec tsx -e "import { resolveBrowserConfig, resolveProfile } from './extensions/browser/src/browser/config.ts'; import { buildChromeMcpArgs } from './extensions/browser/src/browser/chrome-mcp.ts'; const resolved = resolveBrowserConfig({ defaultProfile: 'user', cdpUrl: 'http://127.0.0.1:9222/' } as any); const profile = resolveProfile(resolved, resolved.defaultProfile); if (!profile) throw new Error('profile missing'); const args = buildChromeMcpArgs(profile); console.log(JSON.stringify({ defaultProfile: resolved.defaultProfile, driver: profile.driver, cdpUrl: profile.cdpUrl, args }, null, 2)); if (!args.includes('--browserUrl') || args.includes('--autoConnect') || args.includes('--userDataDir')) throw new Error('Chrome MCP args did not use configured cdpUrl cleanly');"
  • Evidence after fix:
{
  "defaultProfile": "user",
  "driver": "existing-session",
  "cdpUrl": "http://127.0.0.1:9222",
  "args": [
    "-y",
    "chrome-devtools-mcp@latest",
    "--browserUrl",
    "http://127.0.0.1:9222",
    "--experimentalStructuredContent",
    "--experimental-page-id-routing"
  ]
}
  • Observed result after fix: the selected user existing-session profile carries http://127.0.0.1:9222, and Chrome MCP launch args contain --browserUrl with no --autoConnect or --userDataDir fallback.
  • What was not tested: live attachment to a real Chrome v145 instance on port 9222 was not run in this environment.

Risk analysis

Risk is low to medium. The change is limited to config normalization and only affects an existing-session default profile with a top-level browser.cdpUrl and no profile-local endpoint. It does not modify session caching, concurrency, gateway protocol, route behavior, cleanup logic, or managed browser launch semantics. The main compatibility risk is users who accidentally had both defaultProfile: "user" and browser.cdpUrl; that config now follows the documented endpoint instead of silently ignoring it.

Backward compatibility

Existing defaults are preserved: the built-in user profile still has no endpoint unless selected as the default with a top-level browser.cdpUrl, and explicit browser.profiles.<name>.cdpUrl continues to take precedence. No public API shape, config schema, gateway payload, or protocol version changes are introduced.
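
The precedence described in this PR, as an added example (not code from the PR or the openclaw repository): a simplified TypeScript model of endpoint resolution before and after the fix, the attach-flag selection, and a log redaction helper. All type and function names, the `fixApplied` switch, the scheme allow-list and the `openclaw` fallback default are assumptions made for illustration.

```typescript
// Added illustration of the endpoint precedence described in this PR.
// Names are hypothetical; this is not the project's resolveBrowserConfig,
// resolveProfile or buildChromeMcpArgs implementation.

type Driver = "managed" | "existing-session";
type EndpointSource = "profile" | "top-level" | "none";

interface ProfileConfig {
  driver: Driver;
  cdpUrl?: string;
}
interface BrowserConfig {
  defaultProfile?: string;
  cdpUrl?: string; // legacy top-level endpoint
  profiles?: Record<string, ProfileConfig>;
}
interface ResolvedProfile {
  name: string;
  driver: Driver;
  cdpUrl?: string;
  source: EndpointSource;
}

// Built-in profiles named on the page. Falling back to "openclaw" when no
// defaultProfile is set is an assumption of this sketch.
const BUILT_IN: Record<string, ProfileConfig> = {
  openclaw: { driver: "managed" },
  user: { driver: "existing-session" },
};

// Assumption: only HTTP(S) and WS(S) endpoints are accepted. A trailing "/"
// is dropped, matching the normalized value shown in the PR's evidence.
function normalizeEndpoint(raw?: string): string | undefined {
  if (raw === undefined || raw.trim() === "") return undefined;
  const url = new URL(raw.trim()); // throws on malformed input
  if (!/^(https?|wss?):$/.test(url.protocol)) {
    throw new Error(`unsupported cdpUrl scheme: ${url.protocol}`);
  }
  return url.toString().replace(/\/$/, "");
}

function resolveDefaultProfile(config: BrowserConfig, fixApplied = true): ResolvedProfile {
  const name = config.defaultProfile ?? "openclaw";
  const base: ProfileConfig | undefined = config.profiles?.[name] ?? BUILT_IN[name];
  if (!base) throw new Error(`unknown browser profile: ${name}`);

  // 1. An explicit per-profile endpoint always wins.
  const local = normalizeEndpoint(base.cdpUrl);
  if (local) return { name, driver: base.driver, cdpUrl: local, source: "profile" };

  // 2. The top-level endpoint was always carried into the managed "openclaw"
  //    profile; after the fix it also reaches a selected existing-session default.
  const topLevel = normalizeEndpoint(config.cdpUrl);
  const inherits = name === "openclaw" || (fixApplied && base.driver === "existing-session");
  if (topLevel && inherits) {
    return { name, driver: base.driver, cdpUrl: topLevel, source: "top-level" };
  }

  // 3. No endpoint: an existing-session profile falls back to auto-connect.
  return { name, driver: base.driver, source: "none" };
}

// Flag selection as described on the page: HTTP endpoints map to --browserUrl,
// websocket endpoints to --wsEndpoint, and no endpoint means --autoConnect.
function attachArgs(profile: ResolvedProfile): string[] {
  if (!profile.cdpUrl) return ["--autoConnect"];
  return /^wss?:/.test(profile.cdpUrl)
    ? ["--wsEndpoint", profile.cdpUrl]
    : ["--browserUrl", profile.cdpUrl];
}

// Strip userinfo before an endpoint reaches status output or diagnostics.
function redactEndpoint(cdpUrl: string): string {
  const url = new URL(cdpUrl);
  if (url.username !== "" || url.password !== "") {
    url.username = "redacted";
    url.password = "";
  }
  return url.toString().replace(/\/$/, "");
}

// Constructed sample config, mirroring the PR's proof command.
const sample: BrowserConfig = { defaultProfile: "user", cdpUrl: "http://127.0.0.1:9222/" };
console.log("before fix:", attachArgs(resolveDefaultProfile(sample, false)));
console.log("after fix: ", attachArgs(resolveDefaultProfile(sample, true)));
```

The `source` field records where the endpoint came from, which makes it easy to assert in a test or status view that the browser being attached to is the one the operator configured.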

@openclaw-barnacle openclaw-barnacle Bot added size: S proof: supplied External PR includes structured after-fix real behavior proof. labels May 10, 2026
clawsweeper Bot commented May 10, 2026

Codex review: needs maintainer review before merge. Reviewed June 10, 2026, 11:02 AM ET / 15:02 UTC.

Summary
The PR applies normalized top-level browser.cdpUrl to the selected existing-session default profile when it has no profile-local endpoint, adds precedence tests, and updates endpoint help/type descriptions.

PR surface: Source +30, Tests +33. Total +63 across 4 files.

Reproducibility: yes. Current-main source provides a high-confidence path: top-level browser.cdpUrl is assigned to the managed profile, while the selected built-in user existing-session profile remains endpoint-free and therefore uses Chrome MCP auto-connect.

Review metrics: 1 noteworthy metric.

  • Config/default behavior: 1 existing setting newly honored in 1 selected-profile case. The patch changes how an existing top-level endpoint is normalized when the default is an existing-session profile, without adding a new config key or default.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🐚 platinum hermit
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • none.

Next step before merge

  • The patch has no actionable repair finding and should proceed through normal maintainer review and landing rather than a ClawSweeper fix lane.

Security
Cleared: The diff adds no dependency, permission, secret-access, or code-execution source, and inherited endpoints use current main’s credential-redacted diagnostic and status paths.

Review details

Best possible solution:

Land the narrow resolver normalization on current main, keeping explicit per-profile cdpUrl authoritative and relying on the merged existing-session endpoint and redaction paths for runtime behavior.

Do we have a high-confidence way to reproduce the issue?

Yes. Current-main source provides a high-confidence path: top-level browser.cdpUrl is assigned to the managed profile, while the selected built-in user existing-session profile remains endpoint-free and therefore uses Chrome MCP auto-connect.

Is this the best way to solve the issue?

Yes. Browser config resolution is the narrow normalization owner, and this implementation reuses the canonical profile-local endpoint runtime added by #91736 instead of adding another connection path.

AGENTS.md: found and applied where relevant.

Codex review notes: reasoning high; reviewed against ade5ac03506e.

Label changes

Label changes:

  • add P2: The PR fixes a bounded browser configuration bug that causes an explicitly configured endpoint to be ignored and selects the wrong Chrome MCP connection path.
  • add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-fix local live output showing the selected user profile carries the normalized endpoint and Chrome MCP receives --browserUrl without --autoConnect or --userDataDir.
  • add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
  • add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes after-fix local live output showing the selected user profile carries the normalized endpoint and Chrome MCP receives --browserUrl without --autoConnect or --userDataDir.

Label justifications:

  • P2: The PR fixes a bounded browser configuration bug that causes an explicitly configured endpoint to be ignored and selects the wrong Chrome MCP connection path.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes after-fix local live output showing the selected user profile carries the normalized endpoint and Chrome MCP receives --browserUrl without --autoConnect or --userDataDir.
  • proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-fix local live output showing the selected user profile carries the normalized endpoint and Chrome MCP receives --browserUrl without --autoConnect or --userDataDir.
Evidence reviewed

PR surface:

Source +30, Tests +33. Total +63 across 4 files.

View PR surface stats
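| Area | Files | Added | Removed | Net |
|---|---|---|---|---|
| Source | 3 | 33 | 3 | +30 |
| Tests | 1 | 33 | 0 | +33 |
| Docs | 0 | 0 | 0 | 0 |
| Config | 0 | 0 | 0 | 0 |
| Generated | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 |
| Total | 4 | 66 | 3 | +63 |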

What I checked:

  • Current-main reproduction: Current resolveBrowserConfig only passes the legacy endpoint into ensureDefaultProfile, which creates or updates the managed openclaw profile; ensureDefaultUserBrowserProfile creates user without cdpUrl, and no later normalization copies the top-level endpoint to the selected existing-session default. (extensions/browser/src/browser/config.ts:315, ade5ac03506e)
  • Exact refreshed patch: The PR head adds one resolver helper that fills only a selected existing-session profile with no explicit cdpUrl, then adds tests for inheritance and profile-local precedence. (extensions/browser/src/browser/config.ts:345, 6026eb8ad14a)
  • Merged sibling implementation: The related merged change supports profile-local existing-session endpoints in Chrome MCP, improves connection diagnostics, and redacts endpoint credentials, but its diff does not modify resolveBrowserConfig; this PR remains the missing legacy-config bridge. (extensions/browser/src/browser/chrome-mcp.ts:270, ac21e89c13e4)
  • Redaction coverage: Current main redacts resolved profile endpoints in browser status and formats endpoint diagnostics through CDP URL redaction, so an inherited endpoint follows the same credential-safe output paths as an explicit profile endpoint. (extensions/browser/src/browser/server-context.ts:236, ade5ac03506e)
  • Current-main provenance: Blame ties the current profile construction and legacy endpoint normalization block to the recent browser config refactor on main, while the endpoint runtime was subsequently completed by the merged related PR. (extensions/browser/src/browser/config.ts:417, 7b7e8f6e88e7)
  • Release status: The PR head is not contained by current main or any release tag, while the latest release predates both the refreshed head and the merged downstream endpoint commit; the requested top-level normalization is therefore not shipped or implemented on main. (6026eb8ad14a)

Likely related people:

  • lifuyue: Authored the merged existing-session endpoint routing, diagnostics, CLI/status, and redaction implementation that this normalization patch builds upon. (role: recent feature contributor; confidence: high; commits: ac21e89c13e4; files: extensions/browser/src/browser/chrome-mcp.ts, extensions/browser/src/browser/server-context.ts, extensions/browser/src/browser/profiles-service.ts)
  • Vincent Koc: The current browser config construction and legacy endpoint normalization block trace through the recent config refactor commit, making this a useful routing candidate for resolver behavior. (role: recent area contributor; confidence: medium; commits: 7b7e8f6e88e7; files: extensions/browser/src/browser/config.ts)
  • sallyom: Refreshed the PR head onto the current browser implementation and requested review after the related endpoint support merged. (role: recent integrator; confidence: medium; commits: 6026eb8ad14a; files: extensions/browser/src/browser/config.ts, extensions/browser/src/browser/config.test.ts)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@RomneyDa

Heads up: this PR needs to be updated against current main before the new required Dependency Guard check can pass.

@sallyom sallyom force-pushed the hemant/48042-browser-cdp-url branch from 3e9e103 to 6026eb8 Compare June 10, 2026 14:56
Copilot AI review requested due to automatic review settings June 10, 2026 14:56
@openclaw-barnacle openclaw-barnacle Bot removed the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 10, 2026

Copilot AI left a comment

Pull request overview

Fixes a configuration-resolution bug where top-level browser.cdpUrl was not honored when browser.defaultProfile selected an existing-session profile (notably the built-in user profile), causing Chrome MCP to fall back to --autoConnect behavior instead of using the configured DevTools endpoint.

Changes:

  • Apply the normalized top-level browser.cdpUrl to the selected default profile when that profile is existing-session and has no explicit per-profile cdpUrl.
  • Update config/help text to describe per-profile cdpUrl as a general CDP/DevTools endpoint (remote CDP or existing-session attach).
  • Add regression tests covering default-profile inheritance and precedence of explicit per-profile cdpUrl.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

| File | Description |
|---|---|
| src/config/types.browser.ts | Clarifies cdpUrl documentation for browser profiles. |
| src/config/schema.help.ts | Updates help text for per-profile cdpUrl to reflect existing-session attach semantics. |
| extensions/browser/src/browser/config.ts | Fixes profile resolution to propagate legacy/top-level cdpUrl into an existing-session default profile when needed. |
| extensions/browser/src/browser/config.test.ts | Adds tests validating the new default-profile cdpUrl inheritance and precedence rules. |

Comment thread src/config/schema.help.ts
Comment on lines 349 to +350
"browser.profiles.*.cdpUrl":
"Per-profile CDP websocket URL used for explicit remote browser routing by profile name. Use this when profile connections terminate on remote hosts or tunnels.",
"Per-profile CDP/DevTools endpoint URL used for explicit browser routing by profile name. Use this for remote CDP hosts, tunnels, or existing-session profiles that should attach through a running Chrome DevTools endpoint.",

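Review bot: the replacement help string for browser.profiles.*.cdpUrl (the added line at 350) says nothing about precedence against the top-level browser.cdpUrl, which is the behavior this PR changes. Consider stating that an explicit per-profile cdpUrl overrides the top-level value, and that an existing-session default profile with no per-profile cdpUrl inherits the top-level one. The wording also widens "CDP websocket URL" to "CDP/DevTools endpoint URL" without naming the accepted forms; listing the HTTP and WebSocket forms would tell a reader which value to supply.
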

updated

@clawsweeper clawsweeper Bot added proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. labels Jun 10, 2026
@sallyom sallyom self-assigned this Jun 10, 2026
@sallyom sallyom force-pushed the hemant/48042-browser-cdp-url branch from 6026eb8 to 625156c Compare June 10, 2026 16:24

sallyom commented Jun 10, 2026

Rebased this on current main after #91736 landed, resolved the overlap, and addressed the review finding by updating the top-level browser.cdpUrl help text to match the accepted CDP/DevTools endpoint forms.

The fix still targets #48042’s reported path: top-level browser.cdpUrl with defaultProfile: "user" now resolves into the selected existing-session profile, while explicit per-profile cdpUrl continues to take precedence. Targeted tests, formatting, diff check, and autoreview are clean. I’m comfortable merging this.

@sallyom sallyom merged commit 2e4bf41 into openclaw:main Jun 10, 2026
158 of 160 checks passed
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request Jun 11, 2026
eleboucher pushed a commit to eleboucher/homelab that referenced this pull request Jun 12, 2026
…26.6.6) (#1040)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/openclaw/openclaw](https://openclaw.ai) ([source](https://github.com/openclaw/openclaw)) | patch | `2026.6.5` → `2026.6.6` |

---

### Release Notes

<details>
<summary>openclaw/openclaw (ghcr.io/openclaw/openclaw)</summary>

### [`v2026.6.6`](https://github.com/openclaw/openclaw/blob/HEAD/CHANGELOG.md#202666)

[Compare Source](openclaw/openclaw@v2026.6.5...v2026.6.6)

##### Highlights

- Security boundaries are substantially tighter across transcripts, sandbox binds, host environment inheritance, MCP stdio, Codex HTTP access, native search policy, elevated sender checks, deleted-agent ACP bypasses, loopback tools, Discord moderation, and Teams group actions; exec approvals now fail closed on timeout. ([#&#8203;91529](openclaw/openclaw#91529), [#&#8203;91618](openclaw/openclaw#91618), [#&#8203;91615](openclaw/openclaw#91615), [#&#8203;91619](openclaw/openclaw#91619), [#&#8203;91741](openclaw/openclaw#91741), [#&#8203;91745](openclaw/openclaw#91745), [#&#8203;91746](openclaw/openclaw#91746), [#&#8203;91748](openclaw/openclaw#91748), [#&#8203;91749](openclaw/openclaw#91749), [#&#8203;91750](openclaw/openclaw#91750), [#&#8203;91751](openclaw/openclaw#91751), [#&#8203;91752](openclaw/openclaw#91752), [#&#8203;91763](openclaw/openclaw#91763), [#&#8203;89938](openclaw/openclaw#89938)) Thanks [@&#8203;joshavant](https://github.com/joshavant), [@&#8203;pgondhi987](https://github.com/pgondhi987), [@&#8203;mmaps](https://github.com/mmaps), [@&#8203;eleqtrizit](https://github.com/eleqtrizit), [@&#8203;shakkernerd](https://github.com/shakkernerd), and [@&#8203;drobison00](https://github.com/drobison00).
- Telegram delivery is safer and more coherent: account-scoped topics route to the right agent, streamed text survives tool calls, `/compact` works on generic ingress, callback handling uses concrete APIs, draft chunking is shared, durable dispatch dedupe moved into the SDK, and unauthorized DM text stays out of cache and prompt context. ([#&#8203;91189](openclaw/openclaw#91189), [#&#8203;88682](openclaw/openclaw#88682), [#&#8203;89588](openclaw/openclaw#89588), [#&#8203;90212](openclaw/openclaw#90212), [#&#8203;91876](openclaw/openclaw#91876), [#&#8203;91874](openclaw/openclaw#91874), [#&#8203;91904](openclaw/openclaw#91904), [#&#8203;91478](openclaw/openclaw#91478), [#&#8203;91915](openclaw/openclaw#91915)) Thanks [@&#8203;codysai001](https://github.com/codysai001), [@&#8203;alexzhu0](https://github.com/alexzhu0), [@&#8203;joelnishanth](https://github.com/joelnishanth), [@&#8203;snowzlm](https://github.com/snowzlm), [@&#8203;obviyus](https://github.com/obviyus), and [@&#8203;sallyom](https://github.com/sallyom).
- iMessage recovery and delivery now cover always-on inbound restart, durable echo markers, block streaming, idle approval discovery, hardened outbound transport, and actionable inbound startup diagnostics. ([#&#8203;91335](openclaw/openclaw#91335), [#&#8203;91449](openclaw/openclaw#91449), [#&#8203;88969](openclaw/openclaw#88969), [#&#8203;88530](openclaw/openclaw#88530), [#&#8203;91783](openclaw/openclaw#91783), [#&#8203;91785](openclaw/openclaw#91785)) Thanks [@&#8203;omarshahine](https://github.com/omarshahine), [@&#8203;jmissig](https://github.com/jmissig), and [@&#8203;colmbrogan](https://github.com/colmbrogan).
- Browser and MCP connectivity gained existing-session CDP support, discovered WebSocket validation, default-profile `cdpUrl` handling, safer browser-output boundaries, Streamable HTTP loopback transport, corrected OAuth/SSE authorization handling, and broader schema compatibility. ([#&#8203;91422](openclaw/openclaw#91422), [#&#8203;89851](openclaw/openclaw#89851), [#&#8203;91736](openclaw/openclaw#91736), [#&#8203;91747](openclaw/openclaw#91747), [#&#8203;91451](openclaw/openclaw#91451), [#&#8203;80143](openclaw/openclaw#80143)) Thanks [@&#8203;pgondhi987](https://github.com/pgondhi987), [@&#8203;anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia), [@&#8203;lifuyue](https://github.com/lifuyue), [@&#8203;eleqtrizit](https://github.com/eleqtrizit), [@&#8203;LiuwqGit](https://github.com/LiuwqGit), and [@&#8203;HemantSudarshan](https://github.com/HemantSudarshan).
- Control UI startup and first-reply latency are lower through cached model metadata, removal of the startup catalog wait, lazy slash-command loading, and first-event tracing with slow-reply diagnostics. ([#&#8203;91531](openclaw/openclaw#91531), [#&#8203;91538](openclaw/openclaw#91538), [#&#8203;91568](openclaw/openclaw#91568), [#&#8203;91583](openclaw/openclaw#91583), [#&#8203;91598](openclaw/openclaw#91598))
- Provider support expands with OpenRouter OAuth onboarding and Claude Fable 5 adaptive thinking, while Codex sessions keep correct compaction ownership, local models skip guardian review, dynamic tool progress normalizes cleanly, and Gemma 4 reasoning replay is preserved. ([#&#8203;91830](openclaw/openclaw#91830), [#&#8203;91882](openclaw/openclaw#91882), [#&#8203;91590](openclaw/openclaw#91590), [#&#8203;88630](openclaw/openclaw#88630), [#&#8203;88768](openclaw/openclaw#88768), [#&#8203;91696](openclaw/openclaw#91696)) Thanks [@&#8203;Patrick-Erichsen](https://github.com/Patrick-Erichsen), [@&#8203;joshavant](https://github.com/joshavant), [@&#8203;bdjben](https://github.com/bdjben), and [@&#8203;Coder-Wangyankun](https://github.com/Coder-Wangyankun).

##### Changes

- CLI progress: emit Claude CLI commentary progress events and bridge inter-tool commentary into channel progress without exposing internal protocol scaffolding. ([#&#8203;89834](openclaw/openclaw#89834), [#&#8203;90883](openclaw/openclaw#90883)) Thanks [@&#8203;anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia).
- Observability: allow trusted diagnostics channels to capture tool input/output content, add first-assistant-event traces, and warn on slow initial replies. ([#&#8203;91256](openclaw/openclaw#91256), [#&#8203;91568](openclaw/openclaw#91568), [#&#8203;91583](openclaw/openclaw#91583)) Thanks [@&#8203;amknight](https://github.com/amknight).
- Plugins/ClawHub: dogfood reusable package publishing, let dry runs skip publish approval, allow declared installed trusted hooks, report managed plugin version drift, and warn instead of failing on retired Skill Workshop configuration. ([#&#8203;91574](openclaw/openclaw#91574), [#&#8203;91591](openclaw/openclaw#91591), [#&#8203;90004](openclaw/openclaw#90004), [#&#8203;90927](openclaw/openclaw#90927), [#&#8203;90838](openclaw/openclaw#90838)) Thanks [@&#8203;Patrick-Erichsen](https://github.com/Patrick-Erichsen), [@&#8203;brokemac79](https://github.com/brokemac79), and [@&#8203;lonexreb](https://github.com/lonexreb).
- Memory/providers: move the local llama.cpp runtime into its provider plugin, batch embeddings across files, persist the agent model catalog cache, and keep QMD JSON search one-shot while filtering stale REM recall previews. ([#&#8203;91324](openclaw/openclaw#91324), [#&#8203;89138](openclaw/openclaw#89138), [#&#8203;90457](openclaw/openclaw#90457), [#&#8203;91837](openclaw/openclaw#91837), [#&#8203;91851](openclaw/openclaw#91851)) Thanks [@&#8203;osolmaz](https://github.com/osolmaz), [@&#8203;mushuiyu886](https://github.com/mushuiyu886), [@&#8203;ai-hpc](https://github.com/ai-hpc), and [@&#8203;TurboTheTurtle](https://github.com/TurboTheTurtle).
- Channels/mobile: add the QQBot group mention toggle, improve iPad and iPhone control surfaces, and expose the active connection host in the TUI footer. ([#&#8203;91423](openclaw/openclaw#91423), [#&#8203;91557](openclaw/openclaw#91557), [#&#8203;89909](openclaw/openclaw#89909)) Thanks [@&#8203;cxyhhhhh](https://github.com/cxyhhhhh), [@&#8203;Solvely-Colin](https://github.com/Solvely-Colin), and [@&#8203;baskduf](https://github.com/baskduf).
- Performance: prewarm TUI runtime plugins, deduplicate plugin auto-enable fanout, trim dense text-delta snapshots, and reuse prepared startup model metadata. ([#&#8203;90782](openclaw/openclaw#90782), [#&#8203;89978](openclaw/openclaw#89978), [#&#8203;91580](openclaw/openclaw#91580), [#&#8203;91531](openclaw/openclaw#91531)) Thanks [@&#8203;RomneyDa](https://github.com/RomneyDa) and [@&#8203;ai-hpc](https://github.com/ai-hpc).

##### Fixes

- Agent/session recovery: drop stale approval follow-ups after session rebind, remove drained reply-queue items by identity, recover stale main and visible replies, preserve Codex context-engine compaction ownership, lower the default compaction timeout to 180 seconds while respecting explicit configuration, and keep provider-failure terminal lifecycle state correct. ([#&#8203;85679](openclaw/openclaw#85679), [#&#8203;91450](openclaw/openclaw#91450), [#&#8203;91566](openclaw/openclaw#91566), [#&#8203;91840](openclaw/openclaw#91840), [#&#8203;91590](openclaw/openclaw#91590), [#&#8203;91361](openclaw/openclaw#91361), [#&#8203;91895](openclaw/openclaw#91895)) Thanks [@&#8203;openperf](https://github.com/openperf), [@&#8203;yetval](https://github.com/yetval), [@&#8203;joshavant](https://github.com/joshavant), [@&#8203;wangmiao0668000666](https://github.com/wangmiao0668000666), and [@&#8203;TurboTheTurtle](https://github.com/TurboTheTurtle).
- User-visible content boundaries: suppress Codex/Harmony protocol artifacts, neutralize browser and LanceDB memory media directives, redact transcript images, and preserve native `/compact` replies through source suppression. ([#&#8203;89151](openclaw/openclaw#89151), [#&#8203;91422](openclaw/openclaw#91422), [#&#8203;91425](openclaw/openclaw#91425), [#&#8203;91529](openclaw/openclaw#91529), [#&#8203;90212](openclaw/openclaw#90212)) Thanks [@&#8203;joelnishanth](https://github.com/joelnishanth), [@&#8203;pgondhi987](https://github.com/pgondhi987), [@&#8203;joshavant](https://github.com/joshavant), and [@&#8203;snowzlm](https://github.com/snowzlm).
- Channel delivery: keep WhatsApp captured replies attached to the successor controller after restart, retry Feishu rate limits, preserve Mattermost thread replies, canonicalize LINE webhook paths, restore Discord reply hydration and runtime timeout exports, and show OpenAI Realtime WebRTC assistant transcripts. ([#&#8203;85823](openclaw/openclaw#85823), [#&#8203;89659](openclaw/openclaw#89659), [#&#8203;91684](openclaw/openclaw#91684), [#&#8203;91649](openclaw/openclaw#91649), [#&#8203;90263](openclaw/openclaw#90263), [#&#8203;91686](openclaw/openclaw#91686), [#&#8203;90426](openclaw/openclaw#90426)) Thanks [@&#8203;itsuzef](https://github.com/itsuzef), [@&#8203;ladygege](https://github.com/ladygege), [@&#8203;jacobtomlinson](https://github.com/jacobtomlinson), [@&#8203;fuller-stack-dev](https://github.com/fuller-stack-dev), and [@&#8203;shushushv](https://github.com/shushushv).
- Cron: cancel active task runs cleanly, preserve terminal timeout/cancel state, and recover no-deliver tool warnings instead of silently losing the outcome. ([#&#8203;90666](openclaw/openclaw#90666), [#&#8203;90678](openclaw/openclaw#90678)) Thanks [@&#8203;ai-hpc](https://github.com/ai-hpc).
- Gateway/config/auth: share the approval runtime socket token, replace arrays explicitly in `config.patch`, skip the deleted-agent guard only for valid ACP harness sessions, surface headless LaunchAgent state, verify SQLite auth migration before cleanup, and arm QMD startup maintenance. ([#&#8203;87105](openclaw/openclaw#87105), [#&#8203;91551](openclaw/openclaw#91551), [#&#8203;91219](openclaw/openclaw#91219), [#&#8203;91614](openclaw/openclaw#91614), [#&#8203;91740](openclaw/openclaw#91740), [#&#8203;91978](openclaw/openclaw#91978)) Thanks [@&#8203;fuller-stack-dev](https://github.com/fuller-stack-dev) and [@&#8203;scotthuang](https://github.com/scotthuang).
- Providers/Codex: clarify quota errors, restore the Codex synthetic usage line, canonicalize Codex protocol assets, require API-key auth for realtime voice, normalize ACP model refs, preserve Gemma 4 `reasoning_content`, and avoid guardian review for local models. ([#&#8203;91390](openclaw/openclaw#91390), [#&#8203;91709](openclaw/openclaw#91709), [#&#8203;91507](openclaw/openclaw#91507), [#&#8203;91567](openclaw/openclaw#91567), [#&#8203;88630](openclaw/openclaw#88630), [#&#8203;91696](openclaw/openclaw#91696)) Thanks [@&#8203;hxy91819](https://github.com/hxy91819), [@&#8203;brokemac79](https://github.com/brokemac79), [@&#8203;RomneyDa](https://github.com/RomneyDa), [@&#8203;joshavant](https://github.com/joshavant), and [@&#8203;Coder-Wangyankun](https://github.com/Coder-Wangyankun).
- Updates/builds: recover package Gateway restarts after refresh failure, expose plugin convergence repair, fall back to Corepack in PATH-less pnpm environments, seed the correct Docker store packages, and keep ClawHub dry-run and publish paths reusable. ([#&#8203;91581](openclaw/openclaw#91581), [#&#8203;91599](openclaw/openclaw#91599), [#&#8203;91547](openclaw/openclaw#91547), [#&#8203;91591](openclaw/openclaw#91591)) Thanks [@&#8203;fuller-stack-dev](https://github.com/fuller-stack-dev), [@&#8203;sallyom](https://github.com/sallyom), and [@&#8203;Patrick-Erichsen](https://github.com/Patrick-Erichsen).
- UI: require explicit user intent before opening chat sessions and drain restored chat queues after session switches. ([#&#8203;91480](openclaw/openclaw#91480)) Thanks [@&#8203;TurboTheTurtle](https://github.com/TurboTheTurtle).
- Android: avoid the `dataSync` foreground-service type for persistent nodes. ([#&#8203;80082](openclaw/openclaw#80082)) Thanks [@&#8203;davelutztx](https://github.com/davelutztx).
- Native hooks: bound relay lifetimes so abandoned native hook connections cannot linger indefinitely. ([#&#8203;91550](openclaw/openclaw#91550)) Thanks [@&#8203;joshavant](https://github.com/joshavant).

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.erwanleboucher.dev/eleboucher/homelab/pulls/1040
Development

Successfully merging this pull request may close these issues.

browser.cdpUrl config ignored — tool still looks for DevToolsActivePort file
