惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V2EX - 技术
V2EX - 技术
P
Privacy International News Feed
Security Latest
Security Latest
H
Hacker News: Front Page
T
Tenable Blog
The Hacker News
The Hacker News
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
S
Security @ Cisco Blogs
Project Zero
Project Zero
O
OpenAI News
AI
AI
Spread Privacy
Spread Privacy
C
CERT Recently Published Vulnerability Notes
The Last Watchdog
The Last Watchdog
G
GRAHAM CLULEY
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Scott Helme
Scott Helme
Application and Cybersecurity Blog
Application and Cybersecurity Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
CXSECURITY Database RSS Feed - CXSecurity.com
NISL@THU
NISL@THU
A
Arctic Wolf
T
Threat Research - Cisco Blogs
PCI Perspectives
PCI Perspectives
N
News and Events Feed by Topic
C
Cyber Attacks, Cyber Crime and Cyber Security
C
Cybersecurity and Infrastructure Security Agency CISA
Simon Willison's Weblog
Simon Willison's Weblog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Google Online Security Blog
Google Online Security Blog
罗磊的独立博客
L
LINUX DO - 最新话题
U
Unit 42
S
Security Affairs
有赞技术团队
有赞技术团队
WordPress大学
WordPress大学
博客园 - 【当耐特】
T
The Exploit Database - CXSecurity.com
S
Schneier on Security
月光博客
月光博客
Engineering at Meta
Engineering at Meta
腾讯CDC
F
Full Disclosure
Cyberwarzone
Cyberwarzone
S
SegmentFault 最新的问题
Recorded Future
Recorded Future
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
博客园 - 司徒正美
The Cloudflare Blog

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
docs(tools): split browser docs by extracting control API and CLI ref… · openclaw/openclaw@743b69d
vincentkoc · 2026-04-24 · via Recent Commits to openclaw:main

@@ -0,0 +1,343 @@

1+

---

2+

summary: "OpenClaw browser control API, CLI reference, and scripting actions"

3+

read_when:

4+

- Scripting or debugging the agent browser via the local control API

5+

- Looking for the `openclaw browser` CLI reference

6+

- Adding custom browser automation with snapshots and refs

7+

title: "Browser control API"

8+

---

9+10+

For setup, configuration, and troubleshooting, see [Browser](/tools/browser).

11+

This page is the reference for the local control HTTP API, the `openclaw browser`

12+

CLI, and scripting patterns (snapshots, refs, waits, debug flows).

13+14+

## Control API (optional)

15+16+

For local integrations only, the Gateway exposes a small loopback HTTP API:

17+18+

- Status/start/stop: `GET /`, `POST /start`, `POST /stop`

19+

- Tabs: `GET /tabs`, `POST /tabs/open`, `POST /tabs/focus`, `DELETE /tabs/:targetId`

20+

- Snapshot/screenshot: `GET /snapshot`, `POST /screenshot`

21+

- Actions: `POST /navigate`, `POST /act`

22+

- Hooks: `POST /hooks/file-chooser`, `POST /hooks/dialog`

23+

- Downloads: `POST /download`, `POST /wait/download`

24+

- Debugging: `GET /console`, `POST /pdf`

25+

- Debugging: `GET /errors`, `GET /requests`, `POST /trace/start`, `POST /trace/stop`, `POST /highlight`

26+

- Network: `POST /response/body`

27+

- State: `GET /cookies`, `POST /cookies/set`, `POST /cookies/clear`

28+

- State: `GET /storage/:kind`, `POST /storage/:kind/set`, `POST /storage/:kind/clear`

29+

- Settings: `POST /set/offline`, `POST /set/headers`, `POST /set/credentials`, `POST /set/geolocation`, `POST /set/media`, `POST /set/timezone`, `POST /set/locale`, `POST /set/device`

30+31+

All endpoints accept `?profile=<name>`.

32+33+

If shared-secret gateway auth is configured, browser HTTP routes require auth too:

34+35+

- `Authorization: Bearer <gateway token>`

36+

- `x-openclaw-password: <gateway password>` or HTTP Basic auth with that password

37+38+

Notes:

39+40+

- This standalone loopback browser API does **not** consume trusted-proxy or

41+

Tailscale Serve identity headers.

42+

- If `gateway.auth.mode` is `none` or `trusted-proxy`, these loopback browser

43+

routes do not inherit those identity-bearing modes; keep them loopback-only.

44+45+

### `/act` error contract

46+47+

`POST /act` uses a structured error response for route-level validation and

48+

policy failures:

49+50+

```json

51+

{ "error": "<message>", "code": "ACT_*" }

52+

```

53+54+

Current `code` values:

55+56+

- `ACT_KIND_REQUIRED` (HTTP 400): `kind` is missing or unrecognized.

57+

- `ACT_INVALID_REQUEST` (HTTP 400): action payload failed normalization or validation.

58+

- `ACT_SELECTOR_UNSUPPORTED` (HTTP 400): `selector` was used with an unsupported action kind.

59+

- `ACT_EVALUATE_DISABLED` (HTTP 403): `evaluate` (or `wait --fn`) is disabled by config.

60+

- `ACT_TARGET_ID_MISMATCH` (HTTP 403): top-level or batched `targetId` conflicts with request target.

61+

- `ACT_EXISTING_SESSION_UNSUPPORTED` (HTTP 501): action is not supported for existing-session profiles.

62+63+

Other runtime failures may still return `{ "error": "<message>" }` without a

64+

`code` field.

65+66+

### Playwright requirement

67+68+

Some features (navigate/act/AI snapshot/role snapshot, element screenshots,

69+

PDF) require Playwright. If Playwright isn’t installed, those endpoints return

70+

a clear 501 error.

71+72+

What still works without Playwright:

73+74+

- ARIA snapshots

75+

- Page screenshots for the managed `openclaw` browser when a per-tab CDP

76+

WebSocket is available

77+

- Page screenshots for `existing-session` / Chrome MCP profiles

78+

- `existing-session` ref-based screenshots (`--ref`) from snapshot output

79+80+

What still needs Playwright:

81+82+

- `navigate`

83+

- `act`

84+

- AI snapshots / role snapshots

85+

- CSS-selector element screenshots (`--element`)

86+

- full browser PDF export

87+88+

Element screenshots also reject `--full-page`; the route returns `fullPage is

89+

not supported for element screenshots`.

90+91+

If you see `Playwright is not available in this gateway build`, repair the

92+

bundled browser plugin runtime dependencies so `playwright-core` is installed,

93+

then restart the gateway. For packaged installs, run `openclaw doctor --fix`.

94+

For Docker, also install the Chromium browser binaries as shown below.

95+96+

#### Docker Playwright install

97+98+

If your Gateway runs in Docker, avoid `npx playwright` (npm override conflicts).

99+

Use the bundled CLI instead:

100+101+

```bash

102+

docker compose run --rm openclaw-cli \

103+

node /app/node_modules/playwright-core/cli.js install chromium

104+

```

105+106+

To persist browser downloads, set `PLAYWRIGHT_BROWSERS_PATH` (for example,

107+

`/home/node/.cache/ms-playwright`) and make sure `/home/node` is persisted via

108+

`OPENCLAW_HOME_VOLUME` or a bind mount. See [Docker](/install/docker).

109+110+

## How it works (internal)

111+112+

A small loopback control server accepts HTTP requests and connects to Chromium-based browsers via CDP. Advanced actions (click/type/snapshot/PDF) go through Playwright on top of CDP; when Playwright is missing, only non-Playwright operations are available. The agent sees one stable interface while local/remote browsers and profiles swap freely underneath.

113+114+

## CLI quick reference

115+116+

All commands accept `--browser-profile <name>` to target a specific profile, and `--json` for machine-readable output.

117+118+

<AccordionGroup>

119+120+

<Accordion title="Basics: status, tabs, open/focus/close">

121+122+

```bash

123+

openclaw browser status

124+

openclaw browser start

125+

openclaw browser stop # also clears emulation on attach-only/remote CDP

126+

openclaw browser tabs

127+

openclaw browser tab # shortcut for current tab

128+

openclaw browser tab new

129+

openclaw browser tab select 2

130+

openclaw browser tab close 2

131+

openclaw browser open https://example.com

132+

openclaw browser focus abcd1234

133+

openclaw browser close abcd1234

134+

```

135+136+

</Accordion>

137+138+

<Accordion title="Inspection: screenshot, snapshot, console, errors, requests">

139+140+

```bash

141+

openclaw browser screenshot

142+

openclaw browser screenshot --full-page

143+

openclaw browser screenshot --ref 12 # or --ref e12

144+

openclaw browser snapshot

145+

openclaw browser snapshot --format aria --limit 200

146+

openclaw browser snapshot --interactive --compact --depth 6

147+

openclaw browser snapshot --efficient

148+

openclaw browser snapshot --labels

149+

openclaw browser snapshot --selector "#main" --interactive

150+

openclaw browser snapshot --frame "iframe#main" --interactive

151+

openclaw browser console --level error

152+

openclaw browser errors --clear

153+

openclaw browser requests --filter api --clear

154+

openclaw browser pdf

155+

openclaw browser responsebody "**/api" --max-chars 5000

156+

```

157+158+

</Accordion>

159+160+

<Accordion title="Actions: navigate, click, type, drag, wait, evaluate">

161+162+

```bash

163+

openclaw browser navigate https://example.com

164+

openclaw browser resize 1280 720

165+

openclaw browser click 12 --double # or e12 for role refs

166+

openclaw browser type 23 "hello" --submit

167+

openclaw browser press Enter

168+

openclaw browser hover 44

169+

openclaw browser scrollintoview e12

170+

openclaw browser drag 10 11

171+

openclaw browser select 9 OptionA OptionB

172+

openclaw browser download e12 report.pdf

173+

openclaw browser waitfordownload report.pdf

174+

openclaw browser upload /tmp/openclaw/uploads/file.pdf

175+

openclaw browser fill --fields '[{"ref":"1","type":"text","value":"Ada"}]'

176+

openclaw browser dialog --accept

177+

openclaw browser wait --text "Done"

178+

openclaw browser wait "#main" --url "**/dash" --load networkidle --fn "window.ready===true"

179+

openclaw browser evaluate --fn '(el) => el.textContent' --ref 7

180+

openclaw browser highlight e12

181+

openclaw browser trace start

182+

openclaw browser trace stop

183+

```

184+185+

</Accordion>

186+187+

<Accordion title="State: cookies, storage, offline, headers, geo, device">

188+189+

```bash

190+

openclaw browser cookies

191+

openclaw browser cookies set session abc123 --url "https://example.com"

192+

openclaw browser cookies clear

193+

openclaw browser storage local get

194+

openclaw browser storage local set theme dark

195+

openclaw browser storage session clear

196+

openclaw browser set offline on

197+

openclaw browser set headers --headers-json '{"X-Debug":"1"}'

198+

openclaw browser set credentials user pass # --clear to remove

199+

openclaw browser set geo 37.7749 -122.4194 --origin "https://example.com"

200+

openclaw browser set media dark

201+

openclaw browser set timezone America/New_York

202+

openclaw browser set locale en-US

203+

openclaw browser set device "iPhone 14"

204+

```

205+206+

</Accordion>

207+208+

</AccordionGroup>

209+210+

Notes:

211+212+

- `upload` and `dialog` are **arming** calls; run them before the click/press that triggers the chooser/dialog.

213+

- `click`/`type`/etc require a `ref` from `snapshot` (numeric `12` or role ref `e12`). CSS selectors are intentionally not supported for actions.

214+

- Download, trace, and upload paths are constrained to OpenClaw temp roots: `/tmp/openclaw{,/downloads,/uploads}` (fallback: `${os.tmpdir()}/openclaw/...`).

215+

- `upload` can also set file inputs directly via `--input-ref` or `--element`.

216+217+

Snapshot flags at a glance:

218+219+

- `--format ai` (default with Playwright): AI snapshot with numeric refs (`aria-ref="<n>"`).

220+

- `--format aria`: accessibility tree, no refs; inspection only.

221+

- `--efficient` (or `--mode efficient`): compact role snapshot preset. Set `browser.snapshotDefaults.mode: "efficient"` to make this the default (see [Gateway configuration](/gateway/configuration-reference#browser)).

222+

- `--interactive`, `--compact`, `--depth`, `--selector` force a role snapshot with `ref=e12` refs. `--frame "<iframe>"` scopes role snapshots to an iframe.

223+

- `--labels` adds a viewport-only screenshot with overlayed ref labels (prints `MEDIA:<path>`).

224+225+

## Snapshots and refs

226+227+

OpenClaw supports two “snapshot” styles:

228+229+

- **AI snapshot (numeric refs)**: `openclaw browser snapshot` (default; `--format ai`)

230+

- Output: a text snapshot that includes numeric refs.

231+

- Actions: `openclaw browser click 12`, `openclaw browser type 23 "hello"`.

232+

- Internally, the ref is resolved via Playwright’s `aria-ref`.

233+234+

- **Role snapshot (role refs like `e12`)**: `openclaw browser snapshot --interactive` (or `--compact`, `--depth`, `--selector`, `--frame`)

235+

- Output: a role-based list/tree with `[ref=e12]` (and optional `[nth=1]`).

236+

- Actions: `openclaw browser click e12`, `openclaw browser highlight e12`.

237+

- Internally, the ref is resolved via `getByRole(...)` (plus `nth()` for duplicates).

238+

- Add `--labels` to include a viewport screenshot with overlayed `e12` labels.

239+240+

Ref behavior:

241+242+

- Refs are **not stable across navigations**; if something fails, re-run `snapshot` and use a fresh ref.

243+

- If the role snapshot was taken with `--frame`, role refs are scoped to that iframe until the next role snapshot.

244+245+

## Wait power-ups

246+247+

You can wait on more than just time/text:

248+249+

- Wait for URL (globs supported by Playwright):

250+

- `openclaw browser wait --url "**/dash"`

251+

- Wait for load state:

252+

- `openclaw browser wait --load networkidle`

253+

- Wait for a JS predicate:

254+

- `openclaw browser wait --fn "window.ready===true"`

255+

- Wait for a selector to become visible:

256+

- `openclaw browser wait "#main"`

257+258+

These can be combined:

259+260+

```bash

261+

openclaw browser wait "#main" \

262+

--url "**/dash" \

263+

--load networkidle \

264+

--fn "window.ready===true" \

265+

--timeout-ms 15000

266+

```

267+268+

## Debug workflows

269+270+

When an action fails (e.g. “not visible”, “strict mode violation”, “covered”):

271+272+

1. `openclaw browser snapshot --interactive`

273+

2. Use `click <ref>` / `type <ref>` (prefer role refs in interactive mode)

274+

3. If it still fails: `openclaw browser highlight <ref>` to see what Playwright is targeting

275+

4. If the page behaves oddly:

276+

- `openclaw browser errors --clear`

277+

- `openclaw browser requests --filter api --clear`

278+

5. For deep debugging: record a trace:

279+

- `openclaw browser trace start`

280+

- reproduce the issue

281+

- `openclaw browser trace stop` (prints `TRACE:<path>`)

282+283+

## JSON output

284+285+

`--json` is for scripting and structured tooling.

286+287+

Examples:

288+289+

```bash

290+

openclaw browser status --json

291+

openclaw browser snapshot --interactive --json

292+

openclaw browser requests --filter api --json

293+

openclaw browser cookies --json

294+

```

295+296+

Role snapshots in JSON include `refs` plus a small `stats` block (lines/chars/refs/interactive) so tools can reason about payload size and density.

297+298+

## State and environment knobs

299+300+

These are useful for “make the site behave like X” workflows:

301+302+

- Cookies: `cookies`, `cookies set`, `cookies clear`

303+

- Storage: `storage local|session get|set|clear`

304+

- Offline: `set offline on|off`

305+

- Headers: `set headers --headers-json '{"X-Debug":"1"}'` (legacy `set headers --json '{"X-Debug":"1"}'` remains supported)

306+

- HTTP basic auth: `set credentials user pass` (or `--clear`)

307+

- Geolocation: `set geo <lat> <lon> --origin "https://example.com"` (or `--clear`)

308+

- Media: `set media dark|light|no-preference|none`

309+

- Timezone / locale: `set timezone ...`, `set locale ...`

310+

- Device / viewport:

311+

- `set device "iPhone 14"` (Playwright device presets)

312+

- `set viewport 1280 720`

313+314+

## Security and privacy

315+316+

- The openclaw browser profile may contain logged-in sessions; treat it as sensitive.

317+

- `browser act kind=evaluate` / `openclaw browser evaluate` and `wait --fn`

318+

execute arbitrary JavaScript in the page context. Prompt injection can steer

319+

this. Disable it with `browser.evaluateEnabled=false` if you do not need it.

320+

- For logins and anti-bot notes (X/Twitter, etc.), see [Browser login + X/Twitter posting](/tools/browser-login).

321+

- Keep the Gateway/node host private (loopback or tailnet-only).

322+

- Remote CDP endpoints are powerful; tunnel and protect them.

323+324+

Strict-mode example (block private/internal destinations by default):

325+326+

```json5

327+

{

328+

browser: {

329+

ssrfPolicy: {

330+

dangerouslyAllowPrivateNetwork: false,

331+

hostnameAllowlist: ["*.example.com", "example.com"],

332+

allowedHostnames: ["localhost"], // optional exact allow

333+

},

334+

},

335+

}

336+

```

337+338+

## Related

339+340+

- [Browser](/tools/browser) — overview, configuration, profiles, security

341+

- [Browser login](/tools/browser-login) — signing in to sites

342+

- [Browser Linux troubleshooting](/tools/browser-linux-troubleshooting)

343+

- [Browser WSL2 troubleshooting](/tools/browser-wsl2-windows-remote-cdp-troubleshooting)