hai/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-11 15:07:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
b4c7e1811dc7392eed82e6aa1db36ed553d589c6
gstack/browse/src
History
Garry Tan 52470cd53a fix: gate /health token on chrome-extension Origin header 
Only return the auth token in /health response when the request Origin
starts with chrome-extension://. The Chrome extension always sends this
origin via manifest host_permissions. Regular HTTP requests (including
tunneled ones from ngrok/SSH) won't get the token. The extension also
has a fallback path through background.js that reads the token from the
state file directly.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-04 21:23:05 -07:00
..
activity.ts
feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517)
2026-03-26 11:15:24 -06:00
browser-manager.ts
fix: validate saved URLs before navigation in restoreState
2026-04-04 21:18:18 -07:00
buffers.ts
feat: Phase 3.5 — cookie import, QA testing, team retro (v0.3.1) (#29)
2026-03-13 00:31:41 -07:00
bun-polyfill.cjs
fix: Windows support — Node.js server fallback for Playwright (#255)
2026-03-20 12:22:11 -07:00
cdp-inspector.ts
feat: sidebar CSS inspector + per-tab agents (v0.13.9.0) (#650)
2026-03-30 12:51:05 -06:00
cli.ts
feat: GStack Browser — double-click AI browser with anti-bot stealth (#695)
2026-04-04 10:17:05 -07:00
commands.ts
feat: sidebar CSS inspector + per-tab agents (v0.13.9.0) (#650)
2026-03-30 12:51:05 -06:00
config.ts
fix: harden file/directory permissions to owner-only (C5+H9+M9+M10)
2026-04-04 21:22:12 -07:00
cookie-import-browser.ts
feat: Wave 3 — community bug fixes & platform support (v0.11.6.0) (#359)
2026-03-23 22:15:23 -07:00
cookie-picker-routes.ts
fix: make cookie picker auth mandatory (H2)
2026-04-04 21:22:56 -07:00
cookie-picker-ui.ts
feat: GStack Browser — double-click AI browser with anti-bot stealth (#695)
2026-04-04 10:17:05 -07:00
find-browse.ts
feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226)
2026-03-19 18:20:50 -07:00
meta-commands.ts
fix: security audit round 2 (v0.13.4.0) (#640)
2026-03-29 22:46:33 -06:00
platform.ts
fix: Windows support — Node.js server fallback for Playwright (#255)
2026-03-20 12:22:11 -07:00
read-commands.ts
feat: sidebar CSS inspector + per-tab agents (v0.13.9.0) (#650)
2026-03-30 12:51:05 -06:00
server.ts
fix: gate /health token on chrome-extension Origin header
2026-04-04 21:23:05 -07:00
sidebar-agent.ts
fix: harden file/directory permissions to owner-only (C5+H9+M9+M10)
2026-04-04 21:22:12 -07:00
sidebar-utils.ts
fix: sidebar agent uses real tab URL instead of stale Playwright URL (v0.12.6.0) (#544)
2026-03-26 22:07:03 -06:00
snapshot.ts
feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517)
2026-03-26 11:15:24 -06:00
url-validation.ts
fix: DNS rebinding protection checks AAAA (IPv6) records too
2026-04-04 21:18:03 -07:00
welcome.html
feat: GStack Browser — double-click AI browser with anti-bot stealth (#695)
2026-04-04 10:17:05 -07:00
write-commands.ts
fix: validateOutputPath symlink bypass — resolve real path before safe-dir check
2026-04-04 21:18:10 -07:00