From 0f5eb0ed0b9cabe89223ef55f9e25cc10a305987 Mon Sep 17 00:00:00 2001
From: baofuen <baofuen@AIPC.localdomain>
Date: Fri, 8 May 2026 14:54:12 +0800
Subject: [PATCH] fix(browse): add --disable-dev-shm-usage and --no-sandbox to
 Chromium launch args
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

WSL2 and Docker containers often lack /dev/shm (shared memory) and
unprivileged user namespaces. Chromium requires both to function
correctly in multi-step browsing (chain commands, goto→js, goto→screenshot).

Without these flags:
- Individual browse commands work (goto, status)
- Multi-step operations hang/timeout (chain, goto→js, goto→screenshot)

Root cause: Chromium's CDP communication stalls when /dev/shm is
insufficient, causing page.evaluate() and other IPC operations to hang.

Fix: Add --disable-dev-shm-usage and --no-sandbox as default arguments
in both launch() and launchCDP() methods, instead of conditionally adding
--no-sandbox only in CI/CONTAINER environments.

Verified: chain command with goto→status→js→console→network works on
localhost SPA in WSL2 where it previously hung.
---
 browse/src/browser-manager.ts | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/browse/src/browser-manager.ts b/browse/src/browser-manager.ts
index 9810674e1..3224abf32 100644
--- a/browse/src/browser-manager.ts
+++ b/browse/src/browser-manager.ts
@@ -194,16 +194,15 @@ export class BrowserManager {
     // Extensions only work in headed mode, so we use an off-screen window.
     const extensionsDir = process.env.BROWSE_EXTENSIONS_DIR;
     const { STEALTH_LAUNCH_ARGS } = await import('./stealth');
-    const launchArgs: string[] = [...STEALTH_LAUNCH_ARGS];
+    const launchArgs: string[] = [
+      ...STEALTH_LAUNCH_ARGS,
+      '--disable-dev-shm-usage',
+      '--no-sandbox',
+    ];
     let useHeadless = true;
 
     // Docker/CI: Chromium sandbox requires unprivileged user namespaces which
-    // are typically disabled in containers. Detect container environment and
-    // add --no-sandbox automatically.
-    if (process.env.CI || process.env.CONTAINER) {
-      launchArgs.push('--no-sandbox');
-    }
-
+    // are typically disabled in containers. --no-sandbox already added above.
     if (extensionsDir) {
       launchArgs.push(
         `--disable-extensions-except=${extensionsDir}`,
@@ -276,6 +275,8 @@ export class BrowserManager {
     const extensionPath = this.findExtensionPath();
     const launchArgs = [
       '--hide-crash-restore-bubble',
+      '--disable-dev-shm-usage',
+      '--no-sandbox',
       // Anti-bot-detection: remove the navigator.webdriver flag that Playwright sets.
       // Sites like Google and NYTimes check this to block automation browsers.
       '--disable-blink-features=AutomationControlled',