From 3c681677a0cb377b5dd6b86257e5eaf7e10de24d Mon Sep 17 00:00:00 2001
From: kensei <backtime1993@gmail.com>
Date: Thu, 19 Mar 2026 00:10:29 +0800
Subject: [PATCH] fix(main): navigate to domain before executing cookie/header
 strategy commands

When a cookie/header strategy command runs, the browser page may be on
an unrelated domain (e.g. YouTube tab active while running `bilibili search`).
The in-page `fetch()` with `credentials: 'include'` then fails because
the browser blocks cross-origin credentialed requests.

Fix: before executing cookie/header strategy commands, navigate to the
command's declared `domain` so the fetch runs in same-origin context.
This mirrors the pre-navigation already done in `cascade` command.

Fixes intermittent "Failed to fetch" errors for all cookie-strategy
adapters (bilibili, twitter, zhihu, xueqiu, etc.) when the active
Chrome tab is on a different site.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 src/main.ts | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/main.ts b/src/main.ts
index a98c313..36129f6 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -10,7 +10,7 @@ import { fileURLToPath } from 'node:url';
 import { Command } from 'commander';
 import chalk from 'chalk';
 import { discoverClis, executeCommand } from './engine.js';
-import { type CliCommand, fullName, getRegistry, strategyLabel } from './registry.js';
+import { Strategy, type CliCommand, fullName, getRegistry, strategyLabel } from './registry.js';
 import { render as renderOutput } from './output.js';
 import { PlaywrightMCP } from './browser.js';
 import { browserSession, DEFAULT_BROWSER_COMMAND_TIMEOUT, runWithTimeout } from './runtime.js';
@@ -101,7 +101,13 @@ for (const [, cmd] of registry) {
     try {
       let result: any;
       if (cmd.browser) {
-        result = await browserSession(PlaywrightMCP, async (page) => runWithTimeout(executeCommand(cmd, page, kwargs, actionOpts.verbose), { timeout: cmd.timeoutSeconds ?? DEFAULT_BROWSER_COMMAND_TIMEOUT, label: fullName(cmd) }));
+        result = await browserSession(PlaywrightMCP, async (page) => {
+          // Cookie/header strategies need same-origin context for credentialed fetch
+          if ((cmd.strategy === Strategy.COOKIE || cmd.strategy === Strategy.HEADER) && cmd.domain) {
+            try { await page.goto(`https://${cmd.domain}`); await page.wait(2); } catch {}
+          }
+          return runWithTimeout(executeCommand(cmd, page, kwargs, actionOpts.verbose), { timeout: cmd.timeoutSeconds ?? DEFAULT_BROWSER_COMMAND_TIMEOUT, label: fullName(cmd) });
+        });
       } else { result = await executeCommand(cmd, null, kwargs, actionOpts.verbose); }
       if (actionOpts.verbose && (!result || (Array.isArray(result) && result.length === 0))) {
         console.error(chalk.yellow(`[Verbose] Warning: Command returned an empty result. If the website structural API changed or requires authentication, check the network or update the adapter.`));