Add Playwright screenshot endpoint to macserver #1170
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| await loadBlocker(); | ||
| scheduleRefresh(); | ||
| } catch (error) { | ||
| console.error("Failed to initialize adblocker:", error); | ||
| blocker = null; |
There was a problem hiding this comment.
If the first call to load the adblocker fails (e.g., no network when macserver boots), this initializeBlocker path just logs and sets blocker = null without scheduling scheduleRefresh(), so the filter lists are never retried and ad blocking stays disabled until the process is manually restarted—contrary to the documented expectation of periodic refresh and resilience to transient failures.
Useful? React with 👍 / 👎.
| const hostname = parsed.hostname.toLowerCase(); | ||
| if (LOCALHOSTS.includes(hostname) || PRIVATE_IP_REGEX.test(hostname)) { | ||
| throw createUrlError("URL points to a disallowed host"); | ||
| } |
There was a problem hiding this comment.
The new screenshot URL validation only rejects localhost and IPv4 private ranges, so the guard here still accepts IPv6 private addresses like http://[fd00::1] or http://[fe80::1]. On machines with IPv6 enabled, an authorized caller could therefore use the screenshot endpoint to reach internal services despite the intent to disallow private hosts.
Useful? React with 👍 / 👎.
Summary
Testing
Codex Task