Conversation
|
Firetiger deploy monitoring skipped This PR didn't match the auto-monitor filter configured on your GitHub connection:
Reason: PR adds browser-scoped session client functionality but does not appear to modify API endpoints (packages/api/cmd/api/) or Temporal workflows (packages/api/lib/temporal) as specified in the filter. To monitor this PR anyway, reply with |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Bind browser subresource calls to a browser session's base_url and expose raw HTTP through request and stream helpers so metro-routed access feels like normal httpx usage. Made-with: Cursor
Prevent browser-scoped raw HTTP helpers from letting user params override internal routing query keys, and clean up wording around browser session base_url routing. Made-with: Cursor
Keep the browser-scoped request helpers aligned with repo linting and reserve internal raw-request query keys without exposing implementation details. Made-with: Cursor
Keep the browser-scoped test file aligned with the repo lint configuration so the follow-up typing fixes pass CI. Made-with: Cursor
Tighten browser-scoped helper typing and test casts so the Python SDK passes the repository's lint and pyright checks cleanly. Made-with: Cursor
Replace the handwritten Python browser-scoped façade with deterministic generated bindings from the browser resource graph, and enforce regeneration during lint. Made-with: Cursor
Keep the browser-scoped Python generator compatible with the repo lint pipeline by suppressing strict pyright diagnostics that are not meaningful for the AST-walking build script. Made-with: Cursor
Keep the Python generator and generated browser-scoped façade aligned with pyright and mypy so the deterministic regeneration path passes the repo lint pipeline. Made-with: Cursor
Sort the generator script imports and keep the deterministic browser-scoped generation path aligned with the repo lint pipeline. Made-with: Cursor
rgarcia
force-pushed
the
raf/browser-scoped-client
branch
from
8f1d506 to
a80716b
Compare
Turn the browser-scoped Python example into a runnable demonstration of both process execution and /curl/raw-backed request and stream usage. Made-with: Cursor
Move browser raw HTTP and direct-to-VM routing onto the main browsers resource so the SDK uses the shared browser route cache instead of a generated wrapper layer. Made-with: Cursor
Remove the public cache priming helpers, keep jwt-required routes, and rename the example and tests so the python browser routing diff stays focused on cache-backed direct-to-VM behavior. Made-with: Cursor
rgarcia
changed the title
Shorten the browser_routing allowlist field to subresources so the direct-to-VM configuration stays concise while keeping the same routing behavior. Made-with: Cursor
Move the handwritten routing helpers out of the old browser_scoped package, delete the unused browser session clone helper, warm the async browser list cache, and drop the generated type churn from the branch. Made-with: Cursor
Preserve browser routing settings across copy(), skip cache warming for raw response wrappers, and clean up the handwritten routing files so lint can pass on the current branch. Made-with: Cursor
Make the browser routing helpers type-check cleanly in CI, keep copy() signatures aligned with __init__, and avoid cache-warming errors on raw response wrappers. Made-with: Cursor
Encode string request bodies before building raw /curl/raw request options so the browser routing helpers satisfy CI type checks while preserving the public request API. Made-with: Cursor
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is ON. A cloud agent has been kicked off to fix the reported issue. You can view the agent here.
Reviewed by Cursor Bugbot for commit 3ce80e7. Configure here.
| session_id=route.session_id.strip(), | ||
| base_url=route.base_url.strip().rstrip("/") + "/", | ||
| jwt=route.jwt.strip(), | ||
| ) |
There was a problem hiding this comment.
Cache stores route under unnormalized session ID key
Low Severity
BrowserRouteCache.set() uses the original route.session_id as the dictionary key but stores a BrowserRoute whose session_id is route.session_id.strip(). If the incoming session ID has any whitespace, subsequent cache.get() calls with the stripped ID won't find the entry, and cache.delete() with the stripped ID also won't remove it. The key and the stored value's session_id are inconsistent.
Reviewed by Cursor Bugbot for commit 3ce80e7. Configure here.
1 participant
Summary
browser_route_cacheplus direct-to-VM request rewritingsubresourcesso configuration reads more naturallyTest plan
.venv/bin/pytest tests/test_browser_routing.py -o addopts=Note
Medium Risk
Introduces request URL rewriting and automatic
Authorizationstripping for allowlisted browser subresources, which could misroute calls or change auth behavior if the cache/config is incorrect. Adds new raw HTTP request/stream helpers that rely on cached JWTs and parameter sanitization.Overview
Adds cache-backed direct-to-VM browser routing:
Kernel/AsyncKernelnow acceptbrowser_routingand maintain a sharedbrowser_route_cache, rewriting matching/browsers/{session}/{subresource}/...calls to the browser VM base URL and injectingjwtwhile removingAuthorizationon direct-to-VM requests.Extends
browserswithrequest()/stream()(sync + async) for raw HTTP via/curl/raw, sanitizing user query params sourl/jwtcannot be overridden, and auto-populates the route cache frombrowsers.create/retrieve/update/list. Includes a newexamples/browser_routing.pyand focused tests covering routing allowlists, auth stripping,/curl/rawbehavior, and cache requirements.Reviewed by Cursor Bugbot for commit 3ce80e7. Bugbot is set up for automated code reviews on this repo. Configure here.