browser live view recursion guard#302
Conversation
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using high effort and found 3 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Want fixes drafted automatically? Bugbot Autofix can create code changes for findings. A team admin can enable Autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit a8358d5. Configure here.
| entries = uniqueStrings(entries) | ||
| if len(entries) == 0 { | ||
| return nil | ||
| } |
There was a problem hiding this comment.
Disable env leaves blocklist
Medium Severity
When CHROMIUM_RECURSION_GUARD_URL_BLOCKLIST is set to 0, false, off, or none, parsing returns no entries and ApplyURLBlocklistGuard exits without writing policy. Guard URLs merged on earlier Chromium starts stay in URLBlocklist, so the recursion guard keeps blocking even though the env documents an explicit disable.
Reviewed by Cursor Bugbot for commit a8358d5. Configure here.
| // would disable subdomain matching. | ||
| // The query is intentionally omitted so livestream JWT variations are | ||
| // covered without per-request proxy work. | ||
| DefaultChromiumRecursionGuardURLBlocklist = "https://onkernel.com:8443/browser/live" |
There was a problem hiding this comment.
Default blocklist port mismatch
Medium Severity
The default guard pattern https://onkernel.com:8443/browser/live includes port 8443, while product docs describe live view on port 443. Chrome URLBlocklist filters with an explicit port generally match that port only, so navigations to https://onkernel.com/browser/live on implicit HTTPS 443 may not be blocked and nested live view can still recurse.
Reviewed by Cursor Bugbot for commit a8358d5. Configure here.
| return p.Modify(func(current *Policy) error { | ||
| return mergeURLBlocklistGuard(current, entries) | ||
| }) | ||
| } |
There was a problem hiding this comment.
Parallel policy writers lose updates
Medium Severity
Each Chromium start now read-modifies-writes policy.json via ApplyURLBlocklistGuard, while the API process uses the same Policy.Modify helper. The mutex is in-process only, so concurrent launcher and API updates can overwrite each other and drop extension or policy changes written in between.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit a8358d5. Configure here.


description
issue demo
kernel_recursionguard.mp4
Note
Medium Risk
Touches shared Chromium enterprise policy at every browser start; misconfiguration could block unintended URLs or fail launches if policy JSON is invalid.
Overview
Adds a recursion guard that merges extra Chromium
URLBlocklistentries before the browser starts, so agents cannot open the platform’s own live-browser capture URLs inside the VM (nested live view).chromium-launchernow callsApplyURLBlocklistGuardwith entries fromCHROMIUM_RECURSION_GUARD_URL_BLOCKLISTand exits on failure if policy cannot be applied. Unset/blank env uses a default pattern (https://onkernel.com:8443/browser/live);0/false/off/nonedisables the guard; comma/newline lists allow overrides.New
policyhelpers parse the env, dedupe entries, and append guard URLs to any existing customerURLBlocklistinpolicy.jsonwithout dropping other policy fields.Reviewed by Cursor Bugbot for commit a8358d5. Bugbot is set up for automated code reviews on this repo. Configure here.