mirror of https://github.com/openclaw/openclaw.git
f59b2b1db3
* feat(browser): add batch actions, CSS selector support, and click delayMs Adds three improvements to the browser act tool: 1. CSS selector support: All element-targeting actions (click, type, hover, drag, scrollIntoView, select) now accept an optional 'selector' parameter alongside 'ref'. When selector is provided, Playwright's page.locator() is used directly, skipping the need for a snapshot to obtain refs. This reduces roundtrips for agents that already know the DOM structure. 2. Click delay (delayMs): The click action now accepts an optional 'delayMs' parameter. When set, the element is hovered first, then after the specified delay, clicked. This enables human-like hover-before-click in a single tool call instead of three (hover + wait + click). 3. Batch actions: New 'batch' action kind that accepts an array of actions to execute sequentially in a single tool call. Supports 'stopOnError' (default true) to control whether execution halts on first failure. Results are returned as an array. This eliminates the AI inference roundtrip between each action, dramatically reducing latency and token cost for multi-step flows. Addresses: #44431, #38844 * fix(browser): address security review — batch evaluateEnabled guard, input validation, recursion limit Fixes all 4 issues raised by Greptile review: 1. Security: batch actions now respect evaluateEnabled flag. executeSingleAction and batchViaPlaywright accept evaluateEnabled param. evaluate and wait-with-fn inside batches are rejected when evaluateEnabled=false, matching the direct route guards. 2. Security: batch input validation. Each action in body.actions is validated as a plain object with a known kind string before dispatch. Applies same normalization as direct action handlers. 3. Perf: SELECTOR_ALLOWED_KINDS moved to module scope as a ReadonlySet<string> constant (was re-created on every request). 4. Security: max batch nesting depth of 5. Nested batch actions track depth and throw if MAX_BATCH_DEPTH exceeded, preventing call stack exhaustion from crafted payloads. * fix(browser): normalize batch act dispatch * fix(browser): tighten existing-session act typing * fix(browser): preserve batch type text * fix(browser): complete batch action execution * test(browser): cover batch route normalization * test(browser): cover batch interaction dispatch * fix(browser): bound batch route action inputs * fix(browser): harden batch interaction limits * test(browser): cover batch security guardrails --------- Co-authored-by: Diwakar <diwakarrankawat@gmail.com> |
||
|---|---|---|
| .. | ||
| acp | ||
| agents | ||
| auto-reply | ||
| browser | ||
| canvas-host | ||
| channels | ||
| cli | ||
| commands | ||
| compat | ||
| config | ||
| context-engine | ||
| cron | ||
| daemon | ||
| discord | ||
| docs | ||
| gateway | ||
| hooks | ||
| i18n | ||
| imessage | ||
| infra | ||
| line | ||
| link-understanding | ||
| logging | ||
| markdown | ||
| media | ||
| media-understanding | ||
| memory | ||
| node-host | ||
| pairing | ||
| plugin-sdk | ||
| plugins | ||
| process | ||
| providers | ||
| routing | ||
| scripts | ||
| secrets | ||
| security | ||
| sessions | ||
| shared | ||
| signal | ||
| slack | ||
| telegram | ||
| terminal | ||
| test-helpers | ||
| test-utils | ||
| tts | ||
| tui | ||
| types | ||
| utils | ||
| web | ||
| wizard | ||
| channel-web.ts | ||
| docker-build-cache.test.ts | ||
| docker-image-digests.test.ts | ||
| docker-setup.e2e.test.ts | ||
| dockerfile.test.ts | ||
| entry.ts | ||
| entry.version-fast-path.test.ts | ||
| extensionAPI.ts | ||
| globals.ts | ||
| index.ts | ||
| install-sh-version.test.ts | ||
| logger.test.ts | ||
| logger.ts | ||
| logging.ts | ||
| param-key.ts | ||
| poll-params.test.ts | ||
| poll-params.ts | ||
| polls.test.ts | ||
| polls.ts | ||
| runtime.ts | ||
| utils.test.ts | ||
| utils.ts | ||
| version.test.ts | ||
| version.ts | ||