Support existing-session browser CDP endpoints

[lifuyue]

Summary

• Allow driver: "existing-session" browser profiles to use cdpUrl as a Chrome DevTools MCP endpoint.
• Preserve auto-connect behavior for userDataDir-only profiles, while endpoint profiles use Chrome MCP --browserUrl / --wsEndpoint and surface the endpoint in status/CLI output.
• Improve Chrome MCP connection diagnostics for endpoint failures and DevToolsActivePort auto-connect failures.
• Update browser docs and CLI docs to document the existing-session endpoint path.

Fixes #56118.

Verification

• PATH=/root/openclaw-repro-56118/node-v24.15.0-linux-x64/bin:$PATH NODE_OPTIONS="--max-old-space-size=768" node scripts/run-vitest.mjs extensions/browser/src/browser/profiles-service.test.ts extensions/browser/src/browser/server-context.existing-session.test.ts extensions/browser/src/browser/chrome-mcp.test.ts extensions/browser/src/cli/browser-cli-manage.test.ts
  • Result: 4 files passed, 87 tests passed.
• PATH=/root/openclaw-repro-56118/node-v24.15.0-linux-x64/bin:$PATH node_modules/.bin/oxlint --threads=1 extensions/browser/src/browser/chrome-mcp.ts extensions/browser/src/browser/chrome-mcp.test.ts extensions/browser/src/browser/config-mutations.ts extensions/browser/src/browser/profiles-service.ts extensions/browser/src/browser/profiles-service.test.ts extensions/browser/src/browser/server-context.ts extensions/browser/src/browser/server-context.existing-session.test.ts extensions/browser/src/browser/routes/basic.ts extensions/browser/src/cli/browser-cli-manage.ts extensions/browser/src/cli/browser-cli-manage.test.ts
  • Result: 0 warnings, 0 errors.
• git diff --check
  • Result: passed.
• pnpm docs:list
  • Result: exited 0 after listing docs; local ignored design spec was not committed.

Real behavior proof

Behavior addressed: existing-session browser profiles can attach through a configured DevTools endpoint instead of failing in Chrome MCP auto-connect when DevToolsActivePort is missing.

Real environment tested: remote Ubuntu host under /root/openclaw-repro-56118, Chrome for Testing 149.0.7827.55 running headless with --remote-debugging-port=9222 and user data dir /root/openclaw-repro-56118/chrome-profile.

Exact steps or command run after this patch: used the node browser proxy entrypoint against an isolated OPENCLAW_CONFIG_PATH=/root/openclaw-repro-56118/state-verify/openclaw.json containing:

{
  "browser": {
    "profiles": {
      "chrome-port": {
        "driver": "existing-session",
        "attachOnly": true,
        "cdpUrl": "http://127.0.0.1:9222",
        "color": "#00AA00"
      }
    },
    "defaultProfile": "chrome-port"
  }
}

Evidence after fix: Copied terminal output from the remote OpenClaw checkout after this patch, using the isolated OPENCLAW_CONFIG_PATH=/root/openclaw-repro-56118/state-verify/openclaw.json profile that points chrome-port at http://127.0.0.1:9222:

[browser/server] Browser control listening on http://127.0.0.1:18791/ (auth=token)
server http://127.0.0.1:18791
cdp Chrome/149.0.7827.55 ws-ok
profiles_status 200
profiles [{"name":"chrome-port","transport":"chrome-mcp","driver":"existing-session","cdpUrl":"http://127.0.0.1:9222"},{"name":"openclaw","transport":"cdp","driver":"openclaw","cdpUrl":"http://127.0.0.1:18800"},{"name":"user","transport":"chrome-mcp","driver":"existing-session","cdpUrl":null}]
tabs_status 200
tabs {"running":true,"firstUrl":"about:blank"}

Observed result after fix: the same browser that reproduced #56118 attaches successfully when represented as existing-session + cdpUrl.

What was not tested: full Gateway source startup on the 1.6 GiB repro machine, because earlier source startup/build attempts exhausted resources. The verification uses the same browser proxy/node-host path that exercises the Chrome MCP adapter behind the Gateway route.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 9, 2026, 11:48 PM ET / 03:48 UTC.

Summary
The PR allows existing-session browser profiles to use cdpUrl endpoint attachment, reports the endpoint in status/profile output, improves Chrome MCP endpoint diagnostics, and updates browser docs and focused tests.

PR surface: Source +47, Tests +189, Docs +14. Total +250 across 13 files.

Reproducibility: yes. from source inspection: current main rejects createProfile({ driver: "existing-session", cdpUrl }) before writing config, while the lower-level Chrome MCP adapter already knows how to use that endpoint. I did not run the current-main failure path locally because the review is read-only.

Review metrics: 1 noteworthy metric.

• Existing-session endpoint config path: 1 validation path relaxed. The PR makes an existing cdpUrl config field accepted for driver: "existing-session" profile creation, so maintainers should notice the endpoint/security-sensitive surface even though it reuses existing validation.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Let required CI or a maintainer smoke cover full Gateway startup if maintainers want proof beyond the browser proxy/node-host route.

Risk before merge

• [P1] The supplied real proof exercises the browser proxy/node-host path and Chrome MCP adapter, but not full Gateway source startup on the constrained repro host.
• [P1] The separate top-level browser.cdpUrl plus defaultProfile: "user" normalization path remains owned by fix(browser): honor cdpUrl for user default profile #80143, so this PR should stay scoped to per-profile endpoint creation/status.

Maintainer options:

1. Decide the mitigation before merge
   Land the scoped per-profile existing-session endpoint support after normal CI and maintainer review, while keeping top-level browser.cdpUrl normalization separate.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

• No automated repair is queued; the PR has no concrete review finding for ClawSweeper to fix, so the remaining work is normal maintainer review and CI.

Security
Cleared: No concrete security or supply-chain regression was found; the newly accepted endpoint path reuses existing URL parsing, SSRF endpoint validation, and redacted output tests.

Review details

Best possible solution:

Land the scoped per-profile existing-session endpoint support after normal CI and maintainer review, while keeping top-level browser.cdpUrl normalization separate.

Do we have a high-confidence way to reproduce the issue?

Yes, from source inspection: current main rejects createProfile({ driver: "existing-session", cdpUrl }) before writing config, while the lower-level Chrome MCP adapter already knows how to use that endpoint. I did not run the current-main failure path locally because the review is read-only.

Is this the best way to solve the issue?

Yes, this is the best scoped fix for this PR: it changes the profile service, status output, diagnostics, and docs while reusing the existing resolver and Chrome MCP argument builder. Folding the separate top-level default-profile normalization issue into this branch would broaden it unnecessarily.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against bf89552e6783.

Label changes

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-fix terminal output from a real remote Ubuntu setup showing endpoint attach, profile status, and tab listing through the browser proxy/node-host path.

Label justifications:

• P2: This is a normal-priority browser/profile bug fix with limited blast radius and targeted proof, not an emergency or broad regression.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (terminal): The PR body includes after-fix terminal output from a real remote Ubuntu setup showing endpoint attach, profile status, and tab listing through the browser proxy/node-host path.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-fix terminal output from a real remote Ubuntu setup showing endpoint attach, profile status, and tab listing through the browser proxy/node-host path.

Evidence reviewed

PR surface:

Source +47, Tests +189, Docs +14. Total +250 across 13 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	6	61	14	+47
Tests	4	193	4	+189
Docs	3	19	5	+14
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	13	273	23	+250

What I checked:

• Repository policy read: Root AGENTS.md plus the scoped extensions and docs guides were read fully; the relevant policy is to inspect owner boundaries, config compatibility, docs, tests, and dependency contracts for browser/plugin changes. (AGENTS.md:10, bf89552e6783)
• Current main still rejects the requested create-profile path: On current main, createBrowserProfilesService throws when driver is existing-session and cdpUrl is provided, so the PR is not already implemented by current main. (extensions/browser/src/browser/profiles-service.ts:104, bf89552e6783)
• Current main already has the lower-level Chrome MCP endpoint transport: The Chrome MCP argument builder already maps an existing-session cdpUrl to --browserUrl or --wsEndpoint, which makes the PR's service/status changes the right narrow surface rather than a duplicate transport implementation. (extensions/browser/src/browser/chrome-mcp.ts:336, bf89552e6783)
• PR removes the service-level rejection while preserving endpoint validation: The PR head parses and validates cdpUrl for created profiles without special-casing existing-session rejection, then returns the resolved endpoint instead of hiding it for Chrome MCP profiles. (extensions/browser/src/browser/profiles-service.ts:103, d27f0276bcc8)
• PR keeps strict SSRF validation for newly accepted endpoint profiles: The added test accepts loopback existing-session cdpUrl creation and rejects a private-network endpoint when strict SSRF mode is enabled, which covers the main security-sensitive validation change. (extensions/browser/src/browser/profiles-service.test.ts:278, d27f0276bcc8)
• Endpoint status output is covered with redaction assertions: The PR adds CLI status coverage showing an existing-session endpoint while asserting credentials and long token values are not printed. (extensions/browser/src/cli/browser-cli-manage.test.ts:98, d27f0276bcc8)

Likely related people:

• vincentkoc: Authored the merged Chrome MCP existing-session launch configuration work that already maps cdpUrl to Chrome MCP endpoint flags and touched the same runtime/config/doc surfaces. (role: feature owner / recent area contributor; confidence: high; commits: ab1d1a5c9eb6, 5181e4f7c82b; files: extensions/browser/src/browser/chrome-mcp.ts, extensions/browser/src/browser/config.ts, src/config/types.browser.ts)
• steipete: Introduced Chrome MCP existing-session support and later moved browser ownership into the bundled browser plugin, making him a strong routing candidate for the broader behavior boundary. (role: original feature owner / adjacent owner; confidence: high; commits: 593964560ba7, 8eeb7f082975; files: extensions/browser/src/browser/chrome-mcp.ts, extensions/browser/src/browser/profiles-service.ts, docs/tools/browser.md)
• Radek Sienkiewicz: Added non-Chrome existing-session userDataDir support across the same Chrome MCP profile, CLI, docs, and doctor surfaces that this PR now combines with endpoint profiles. (role: adjacent owner; confidence: medium; commits: 7deb543624e5; files: extensions/browser/src/browser/chrome-mcp.ts, extensions/browser/src/browser/profiles-service.ts, extensions/browser/src/cli/browser-cli-manage.ts)
• scotthuang: Current-main blame for the involved browser profile service, resolver, Chrome MCP adapter, and status lines points to a recent broad sync commit, though the commit subject is not browser-specific. (role: recent current-main line provenance; confidence: low; commits: 696c1ecd2068; files: extensions/browser/src/browser/profiles-service.ts, extensions/browser/src/browser/chrome-mcp.ts, extensions/browser/src/browser/config.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[sallyom]

Maintainer review: I’m comfortable merging this as the scoped fix for #56118.

Why I’m confident enough to merge:

• The change is additive: existing existing-session profiles without cdpUrl still use Chrome MCP auto-connect, and managed/raw CDP profiles are not rerouted.
• The newly accepted endpoint path reuses the existing CDP URL parsing + SSRF validation instead of adding a bypass.
• Chrome MCP already supports this contract (--browserUrl for HTTP(S), --wsEndpoint for WS(S)); this PR wires the profile/create/status/docs path to that existing transport behavior.
• Status/profile/CLI output redacts endpoint secrets, and the focused tests cover creation, strict SSRF rejection, Chrome MCP args, server profile reporting, diagnostics, and CLI redaction.
• CI and the supplied real behavior proof are green for the intended per-profile endpoint attach path.

I’m intentionally keeping #80143 separate for the overlapping but distinct browser.cdpUrl + defaultProfile: "user" inheritance case.