eliott/browser-use
1
0
Fork 0
mirror of https://github.com/browser-use/browser-use synced 2026-05-06 17:52:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,344 Commits 515 Branches 132 Tags
d4a29c4b93a65bc3894de3228c3f264d008c041d
Commit Graph

230 Commits

Author SHA1 Message Date
mertunsall
b3ccedf632 Update action description for input_text to clarify functionality 2025-06-22 17:56:53 +02:00
mertunsall
258d0b0bec Implemented a try-except block to handle exceptions when inputting text into DOM elements. If an error occurs, a descriptive message is returned to indicate the failure, improving robustness in browser interactions. 2025-06-22 15:34:37 +02:00
Nick Sweeting
b67be37490 fix type hint errors 2025-06-21 04:35:24 -07:00
Magnus Müller
4a8cf30dac Merge branch 'main' into mert/new_everything 2025-06-20 12:27:19 +02:00
Magnus Müller
4c2952d640 Squashed commit of the following: 
commit a9cf53a1b1
Merge: 5aa62c11 0f9ffa10
Author: Magnus Müller <67061560+MagMueller@users.noreply.github.com>
Date:   Fri Jun 20 10:41:19 2025 +0200

    Set user_data_dir to None (#2015)

    <!-- This is an auto-generated description by cubic. -->
    Changed browser session setup to use incognito mode by setting
    user_data_dir to None, preventing persistent state between evaluation
    runs.

    <!-- End of auto-generated description by cubic. -->

commit 0f9ffa1072
Author: Magnus Müller <67061560+MagMueller@users.noreply.github.com>
Date:   Fri Jun 20 10:38:01 2025 +0200

    Set user_data_dir to None

commit 5aa62c1113
Merge: d8a9d21b e559ff5e
Author: Nick Sweeting <git@sweeting.me>
Date:   Thu Jun 19 23:01:49 2025 -0700

    Fix cross-origin iframe DOM retrieval (#1965)

commit d8a9d21b00
Merge: 3e5f3049 b6be1583
Author: Nick Sweeting <git@sweeting.me>
Date:   Thu Jun 19 23:01:21 2025 -0700

    Fix critical domain restriction bypass vulnerability (#2006)

commit b6be158319
Author: Sahar <saharhashai@gmail.com>
Date:   Thu Jun 19 02:28:34 2025 -0700

    Delete tests/ci/test_security_url_validation.py

commit aca4b57329
Author: Sahar <saharhashai@gmail.com>
Date:   Thu Jun 19 02:27:57 2025 -0700

    Delete SECURITY_FIX_REPORT.md

commit 45872c1e45
Author: Your Name <your.email@example.com>
Date:   Thu Jun 19 11:24:50 2025 +0200

    fix(security): prevent domain restriction bypass in controller actions

    - Add domain validation to controller.click() and controller.type() methods
    - Implement comprehensive security checks before executing actions
    - Prevent potential prompt injection and unauthorized data access
    - Add extensive test coverage for domain validation scenarios
    - Update documentation with security considerations

    This critical fix prevents complete bypass of domain restrictions that
    could enable attackers to perform unauthorized actions on any domain.

commit e559ff5eaa
Merge: 19ae8a11 f348e0c5
Author: Nick Sweeting <git@sweeting.me>
Date:   Sat Jun 14 01:56:09 2025 -0700

    Merge branch 'main' into main

commit 19ae8a1146
Merge: e1b3ff9e 08ed0be3
Author: Nick Sweeting <git@sweeting.me>
Date:   Sat Jun 14 00:31:30 2025 -0700

    Merge branch 'main' into main

commit e1b3ff9e9d
Author: Ilya Biryukov <ilbiryuk@microsoft.com>
Date:   Thu Jun 12 17:40:40 2025 -0700

    Revert changes to  examples/features/multiple_agents_same_browser.py

commit d20a3b55d6
Author: Ilya Biryukov <ilbiryuk@microsoft.com>
Date:   Thu Jun 12 17:30:59 2025 -0700

    Fix pre-commit lint issues and compile error in multiple_agents_same_browser

commit 13d5468aa2
Author: Ilya Biryukov <ilbiryuk@microsoft.com>
Date:   Thu Jun 12 14:07:21 2025 -0700

    Fix cross-origin iframe DOM retrieval
 2025-06-20 10:51:06 +02:00
Magnus Müller
af09713d15 Enhance error reporting in retry_async_function by including the exception message in ActionResult. Update scroll height retrieval logic to correctly negate the result, improving clarity and consistency in error handling. 2025-06-19 23:27:43 +02:00
Magnus Müller
90ae26316e Refactor ActionResult to standardize the inclusion of extracted content, replacing update_only_read_state with include_extracted_content_only_once across multiple services. This change enhances clarity in memory management and ensures consistent handling of extracted content. 2025-06-19 23:18:30 +02:00
Magnus Müller
ce880e5e35 Refactor ActionResult handling across multiple services to standardize the use of long_term_memory, replacing memory references. Update related logic to ensure extracted content is consistently managed for improved clarity and error handling. 2025-06-19 23:11:55 +02:00
mertunsall
862f9d545a Refine prompt in service.py to enhance clarity for vague queries and improve response structure 2025-06-19 12:13:09 +02:00
mertunsall
51d7626c1a Update prompt in service.py to clarify response for vague queries 2025-06-19 12:07:06 +02:00
mertunsall
e29d98e6da Add retry mechanism for async functions in service.py 
- Introduced a new `retry_async_function` to handle retries for async operations, improving error resilience.
- Updated existing async calls in the content extraction and scrolling functions to utilize the new retry mechanism, enhancing reliability in case of transient errors.
- Added detailed logging for retry attempts to aid in debugging.
 2025-06-19 11:55:47 +02:00
Your Name
45872c1e45 fix(security): prevent domain restriction bypass in controller actions 
- Add domain validation to controller.click() and controller.type() methods
- Implement comprehensive security checks before executing actions
- Prevent potential prompt injection and unauthorized data access
- Add extensive test coverage for domain validation scenarios
- Update documentation with security considerations

This critical fix prevents complete bypass of domain restrictions that
could enable attackers to perform unauthorized actions on any domain.
 2025-06-19 11:24:50 +02:00
Magnus Müller
0b6ebea431 Merge branch 'main' into mert/new_everything 2025-06-19 09:49:43 +02:00
Yasith Jayawardana
e2e11966d3 Merge branch 'main' into typing-improvements 2025-06-18 21:20:47 -04:00
mertunsall
4f73c36a6e default include links to False 2025-06-18 15:57:08 +02:00
mertunsall
bbc8d26f63 - Updated ActionResult to include an attachments field for displaying files in the done message. 
- Enhanced logging in the Agent class to inform users about available attachments after task completion.
- Revised system prompt guidelines to clarify the use of text and files_to_display in the done action.
 2025-06-18 14:24:27 +02:00
mertunsall
38b0b4771c Update extract_structured_data action to default include_links to True for improved usability 2025-06-18 13:19:49 +02:00
mertunsall
1864e52635 Merge branch 'main' into mert/new_everything 2025-06-18 10:00:25 +02:00
Magnus Müller
1b5593d1aa remove unused success parameter from ActionResult in service.py 2025-06-17 19:15:33 +02:00
mertunsall
b8621e1089 Improve logging and action result handling: update messages for new elements detection and adjust success flag in action results so that agent doesn't stop. 2025-06-17 18:58:17 +02:00
mertunsall
f7a8e99f13 Enhance user guidance in data extraction: add reminder to save information during read state and refine instructions for structured data extraction to clarify usage and file saving practices. 2025-06-17 15:10:07 +02:00
mertunsall
084db13037 Enhance user messaging and data extraction functionality: update attachment display terminology, improve logging for navigation and extraction actions, and refine content extraction prompt for clarity and specificity. 2025-06-17 14:51:59 +02:00
mertunsall
0c34c399db Merge branch 'main' into mert/new_everything 2025-06-17 11:19:06 +02:00
yasithdev
8ea4b4c71a centralize playwright/patchwright imports, and update typing/checks to reduce lint errors 2025-06-16 22:57:20 -04:00
Nick Sweeting
582c039c15 make save_context and other file operations async, setup traces and other dirs on startup 2025-06-12 18:38:12 -07:00
Nick Sweeting
688b4768e2 make wait_for_load_state and network errors into AgentState entries instead of hard exceptions 2025-06-12 18:36:09 -07:00
Magnus Müller
e8f2467ab2 Refactor action result handling in message_manager and controller services 
Updated the logic for processing action results in service.py files. Changed the conditional check for memory in message_manager to use 'elif' for clarity. In controller, modified the return statement to handle errors more effectively by returning an ActionResult with the error message instead of memory, improving error logging and debugging capabilities.
 2025-06-11 11:36:06 +02:00
Nick Sweeting
d5d341f229 dont raise exception from click action 2025-06-10 23:57:41 -07:00
Nick Sweeting
fdaafa8afc click by x,y coordinate fallback when main method fails 2025-06-10 06:41:39 -07:00
Nick Sweeting
9eec34f916 fix missing _update_state method 2025-06-10 06:28:18 -07:00
Nick Sweeting
8daaaf665c auto-refresh state when desired element idx is not found 2025-06-10 06:17:52 -07:00
Nick Sweeting
31bd5fdbf2 skip iframes that mightve closed during iteration 2025-06-10 05:16:20 -07:00
Nick Sweeting
56de6cf75c fix markdownify in iframes not having arg bound 2025-06-10 02:21:01 -07:00
Nick Sweeting
3f6de11643 dont steal about:blank thats potentially used by another agent, it invalidates their objects 2025-06-10 02:06:12 -07:00
Nick Sweeting
ccb2af5947 make markdownify non-blocking async 2025-06-10 02:02:33 -07:00
Magnus Müller
9ddfce90c7 Refine prompt clarity in service.py to specify handling of vague queries. Updated the prompt to instruct the model to provide a brief summary when the query does not make sense for the page, enhancing the extraction process. 2025-06-09 21:47:02 +02:00
Magnus Müller
10705e3d48 Enhance content extraction in service.py by limiting output length to 60,000 characters and improving prompt clarity. The message format for extracted content now includes the specific query, ensuring better logging and user feedback. 2025-06-09 18:12:43 +02:00
Magnus Müller
347649e59f Refactor file display logic in service.py to improve user message formatting. Consolidated file content messages into a single variable and added a warning for cases where no files are found, enhancing clarity and user feedback. 2025-06-09 16:51:52 +02:00
Magnus Müller
837f0804df Enhance logging in service.py to include the specific query in the extracted content message, improving clarity for debugging and tracking purposes. 2025-06-09 16:09:10 +02:00
Magnus Müller
b835bd01dc Update prompt format in service.py to change 'Page content:' to 'answer:' for improved clarity in JSON response structure. 2025-06-09 11:47:34 +02:00
mertunsall
05d90b2123 ban displaying todo list 2025-06-03 19:34:41 +02:00
mertunsall
9459cd4f5b update extract_content further 2025-06-03 19:07:24 +02:00
mertunsall
50520dd607 update extract_content further 2025-06-03 19:05:58 +02:00
mertunsall
ae19b819c3 make extraction description more specific 2025-06-03 18:50:02 +02:00
mertunsall
1e549d72f3 now the model can display files to the users 2025-06-03 18:07:47 +02:00
mertunsall
5e44c9b191 small fixes, change system prompt 2025-06-03 16:18:21 +02:00
mertunsall
bcdc522ade Nuke it all 2025-05-31 17:30:21 +02:00
Nick Sweeting
addeb56f8c add new param optimization test 2025-05-25 03:50:02 -07:00
Nick Sweeting
e9b2462b49 convert actions to take a page when thats all they need 2025-05-25 03:39:53 -07:00
Nick Sweeting
10ec1e8841 fix all actions to use kwargs at callsites 2025-05-25 02:58:17 -07:00