Skip to content

fix: forward cookies on local-discovery path (dropped for auth-walled URLs)#526

Open
shrinishLT wants to merge 1 commit into
LambdaTest:stagefrom
shrinishLT:TE-15304-cookies-fix
Open

fix: forward cookies on local-discovery path (dropped for auth-walled URLs)#526
shrinishLT wants to merge 1 commit into
LambdaTest:stagefrom
shrinishLT:TE-15304-cookies-fix

Conversation

@shrinishLT
Copy link
Copy Markdown
Contributor

@shrinishLT shrinishLT commented Jun 3, 2026

Summary

processSnapshot.ts has two parallel functions emitting the processedSnapshot payload:

Function Used when Includes cookies field
prepareSnapshot (line 44) Remote discovery (USE_REMOTE_DISCOVERY / config.useRemoteDiscovery) ✅ yes (line 281)
processSnapshot (default export, line 288) Local discovery — the default path no

This PR adds the missing cookies field to the local-discovery return so the two paths emit the same payload shape.

Why this matters

The CLI's discovery flow navigates a separate Playwright instance to snapshot.url to fetch and cache page resources. For customers whose URL is behind authentication (Veeva Vault, internal apps with SSO), the discovery browser needs the session cookies captured by the SDK to authenticate.

With local discovery, those cookies are silently dropped from the payload. The discovery Playwright opens the URL unauthenticated, fails to fetch:

  • Auth-walled page assets (e.g., Vault's /ui/annotate/makepageimage?n=N PDF page images)
  • Customer's tenant CDN (e.g., static-assets.veevavault.com CSS/JS bundles)

…and the snapshot uploaded to dotui has zero useful CSS/JS/images. The rendered screenshot is blank or grossly mis-styled.

Reproduction with real customer DOMs

Two captured Veeva Vault payloads from the same customer's test suite:

Old payload New payload
Top-level keys [..., 'cookies', ...] ['name','url','dom','resources','options']
cookies field length 384 chars (IS_SELENIUM=true; veevaUserSsoSettings=…; VAULT_DATE_FORMAT_TYPE=…) 0 (field absent)
Cached makepageimage PNGs in resources 11 (pages 20–30) 0
Rendered snapshot Pages visible Blank / empty buffer

Same customer, same test pattern — the only thing that changed in the payload shape was the disappearance of cookies. Traced back to this dual-function divergence.

The fix

     return {
         processedSnapshot: {
             name: snapshot.name,
             url: snapshot.url,
             dom: Buffer.from(snapshot.dom.html).toString('base64'),
             resources: cache,
-            options: processedOptions
+            options: processedOptions,
+            cookies: Buffer.from(snapshot.dom.cookies ?? '').toString('base64'),
         },
         warnings: [...optionWarnings, ...snapshot.dom.warnings],
         discoveryErrors: discoveryErrors
     }

Identical pattern to the existing prepareSnapshot return at line 281 — just brings the local-discovery path to parity.

Scope / risk

  • One file, one line added (plus the trailing comma).
  • Forward-compatible: dotui already handles the cookies field on the payload (the remote-discovery path has been emitting it). For customers whose snapshot.dom.cookies was empty/undefined before, Buffer.from('').toString('base64') = '', so they get an empty cookies field — same effective behavior as before.
  • No new options, no new behavior for non-auth-walled snapshots.

Test plan

  • Builds locally (pnpm run build).
  • Reviewer: install this build for a customer test that hits an auth-walled URL (Veeva Vault, internal SSO app). Confirm the next snapshot payload now contains a non-empty cookies field and the page renders with proper styling in dotui.
  • Regression check: a public-URL snapshot (Wikipedia, etc.) where cookies are empty — should be unchanged.

Note on the dual-function divergence

This is the third bug caused by prepareSnapshot and processSnapshot diverging in this file. The first two (custom-scroll flag forwarding + the user-facing warning) were addressed in PR #522. Worth a follow-up refactor to share the payload-construction code between the two paths, but kept out of this PR for tightness.

🤖 Generated with Claude Code

@claude
fix: forward cookies on local-discovery path
cbc3df1 
processSnapshot.ts has two parallel functions producing processedSnapshot
payloads. prepareSnapshot (used for remote discovery) includes the
cookies field; processSnapshot (the default export, used for local
discovery — the most common path) silently drops it.

Symptom for customers whose snapshot URL is auth-walled (e.g. Veeva
Vault): the CLI's discovery Playwright navigates to the snapshot URL
unauthenticated, fails to fetch resources behind the customer's session
(page images, CDN-hosted CSS/JS), and dotui receives a payload with no
styling/scripts/images cached. The rendered screenshot ends up blank or
unstyled.

Reproduction with two captured Vault DOMs (same customer, similar test):

  Old (had cookies):
    'cookies' field present, 384 chars
    11 makepageimage PNGs cached → page rendered correctly

  New (cookies dropped on local discovery):
    'cookies' field absent
    0 makepageimage PNGs cached → page renders blank in dotui

Fix: the default-export processSnapshot's return now mirrors
prepareSnapshot's — emits `cookies: Buffer.from(snapshot.dom.cookies
?? '').toString('base64')` alongside the existing payload fields.

This is the third instance of the dual-function divergence in this
file; worth a refactor to share the payload-construction code, but
out of scope for a one-line correctness fix.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@shrinishLT