Skip to content

fix(browser): clear stale ChatGPT cookies before navigation#283

Merged
steipete merged 2 commits into
steipete:mainfrom
jung0han:codex/clear-chatgpt-conv-cookies
Jul 6, 2026
Merged

fix(browser): clear stale ChatGPT cookies before navigation#283
steipete merged 2 commits into
steipete:mainfrom
jung0han:codex/clear-chatgpt-conv-cookies

Conversation

@jung0han

@jung0han jung0han commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Open new local and remote targets at about:blank, so stale cookies can be removed before the first ChatGPT request.
  • Delete only conv_key_* cookies on ChatGPT domains.
  • Preserve keys belonging to every currently open ChatGPT conversation and any explicitly resumed conversation.
  • Skip cleanup if active-target discovery fails; cookie cleanup must not risk another concurrent Oracle run.
  • Cover normal local runs, remote Chrome, reattach, and Project Sources.

Why

Per-conversation keys can accumulate until ChatGPT requests exceed header limits. A public reproduction recorded 63 conv_key_* cookies causing HTTP 431, with service restored after deleting those volatile keys: https://github.com/ratacat/pro-cli/blob/f4dbaafe572e662cfd6d40e5c296566dd0a80e03/docs/chatgpt-431-cookie-bloat.md

The original branch cleaned after the new target had already navigated and omitted reattach/Project Sources. It also deleted every conversation key, including keys for concurrent or resumed work. This revision fixes those ordering and ownership boundaries.

Verification

  • pnpm test: 1,415 passed, 43 skipped
  • pnpm run check
  • pnpm run build
  • Autoreview clean

Authenticated remote-Chrome proof seeded twelve stale 2.5 KB keys plus one small key for a synthetic open conversation (30,016 value bytes total). Oracle:

  1. opened its dedicated target at about:blank;
  2. reported clearing exactly twelve stale keys;
  3. navigated to ChatGPT only afterward;
  4. passed login and returned the exact requested marker;
  5. left zero stale proof keys while preserving the open conversation key.

No cookie values are logged. Thanks @jung0han for the original patch.

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Codex review: needs real behavior proof before merge. Reviewed July 6, 2026, 12:41 AM ET / 04:41 UTC.

Summary
Adds a CDP helper to delete ChatGPT conv* cookies, wires it into local and remote browser runs, adds cookie unit tests, and updates CHANGELOG.md.

Reproducibility: no. high-confidence live reproduction is available in this review. Source inspection confirms current and merged-result ChatGPT navigation paths that sync or reuse cookies without clearing conv* entries first, but the actual header-size failure depends on an accumulated browser profile.

Review metrics: 2 noteworthy metrics.

  • Changed surface: 4 files changed, +132/-2. The diff is focused, but it changes browser cookie state before ChatGPT navigation.
  • Cookie path coverage: 2 added, 2 uncovered. Local and remote main browser runs are covered, while reattach and Project Sources still navigate after syncing or reusing cookies without cleanup.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🦐 gold shrimp
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P1] Add cleanup coverage for reattach/follow-up and Project Sources cookie-navigation paths, or centralize the helper before all ChatGPT navigation after cookie sync/reuse.
  • [P1] Add redacted terminal output or logs from a real browser run showing stale conv* cleanup before ChatGPT navigation/submission.

Proof guidance:

  • [P1] Needs real behavior proof before merge: Missing: the PR lists validation commands but no redacted live browser output or logs showing real conv* cookies cleared before ChatGPT navigation; update the PR body with proof and request re-review if it does not trigger automatically.

Risk before merge

  • [P1] No redacted real browser evidence shows CDP deletion removing actual ChatGPT conv_key_* cookies before navigation or preventing the header-size failure.
  • [P1] Follow-up/reattach and Project Sources flows can still sync or reuse ChatGPT cookies and navigate without this cleanup.

Maintainer options:

  1. Decide the mitigation before merge
    Centralize the narrow ChatGPT conversation-cookie cleanup for every ChatGPT path that syncs or reuses browser cookies before navigation, then add redacted live browser proof against real conv_key_* cookies.
  2. Pause or close
    Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

  • [P1] Needs contributor or human follow-up because the required real browser proof must come from a ChatGPT browser profile, and the branch still needs the remaining cookie-navigation paths covered.

Security
Cleared: No supply-chain, dependency, permission, or secret-handling changes were found; the cleanup logs cookie names/counts but not values.

Review findings

  • [P2] Cover the other ChatGPT cookie navigation paths — src/browser/index.ts:1197
Review details

Best possible solution:

Centralize the narrow ChatGPT conversation-cookie cleanup for every ChatGPT path that syncs or reuses browser cookies before navigation, then add redacted live browser proof against real conv_key_* cookies.

Do we have a high-confidence way to reproduce the issue?

No high-confidence live reproduction is available in this review. Source inspection confirms current and merged-result ChatGPT navigation paths that sync or reuse cookies without clearing conv* entries first, but the actual header-size failure depends on an accumulated browser profile.

Is this the best way to solve the issue?

No. The helper is narrow and plausibly useful, but this branch should cover the remaining ChatGPT cookie-navigation paths and show real browser proof before merge.

Full review comments:

  • [P2] Cover the other ChatGPT cookie navigation paths — src/browser/index.ts:1197
    This remains from the previous review: this call covers the initial local browser run, and the PR adds a similar remote-mode call, but src/browser/reattach.ts and src/browser/projectSourcesRunner.ts still sync or reuse ChatGPT cookies and then navigate without cleanup. A profile with enough stale conv_key_* cookies can still hit the same oversized-header failure in follow-up/reattach or Project Sources flows, so apply the helper there too or centralize cleanup before ChatGPT navigation.
    Confidence: 0.78

Overall correctness: patch is incorrect
Overall confidence: 0.78

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against c159bf863fdd.

Label changes

Label justifications:

  • P2: The PR targets a browser-mode reliability failure with limited blast radius to ChatGPT cookie-heavy sessions.
  • rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🦐 gold shrimp.
  • status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: Missing: the PR lists validation commands but no redacted live browser output or logs showing real conv* cookies cleared before ChatGPT navigation; update the PR body with proof and request re-review if it does not trigger automatically.
Evidence reviewed

What I checked:

  • Repository policy read: Read the full Oracle AGENTS.md; its browser smoke-test and ChatGPT cookie-sync guidance is relevant to this browser-mode PR. (AGENTS.md:1, c159bf863fdd)
  • Current main does not already implement the helper: Current main src/browser/cookies.ts exposes syncCookies but has no clearChatGptConversationCookies helper, so this PR is not redundant on main. (src/browser/cookies.ts:8, c159bf863fdd)
  • Proposed cookie helper behavior: The PR helper reads all CDP cookies, filters names starting with conv on chatgpt.com or chat.openai.com, deletes by name/domain/path, and logs names/counts without values. (src/browser/cookies.ts:8, a02eb536aa2e)
  • Local browser path coverage: The merge result calls the cleanup after local cookie sync/manual-login skip and before the first ChatGPT navigation. (src/browser/index.ts:1197, 41979f6db248)
  • Remote browser path coverage: The merge result calls the cleanup in remote Chrome mode before navigating to the configured or resumed ChatGPT URL. (src/browser/index.ts:2843, 41979f6db248)
  • Uncovered reattach path: The merged PR result still has session reattach syncing cookies and navigating to ChatGPT without the new cleanup. (src/browser/reattach.ts:287, 41979f6db248)

Likely related people:

  • steipete: Current blame and history anchor the cookie-sync implementation, manual-login reuse behavior, and current browser run paths in commits authored by Peter Steinberger. (role: current browser cookie area owner; confidence: high; commits: cfeccdfb8997, 44ebf110feca, 914e90725d9e; files: src/browser/cookies.ts, src/browser/index.ts, src/browser/config.ts)
  • pdurlej: Piotr Durlej introduced the Project Sources flow and related temporary-chat/profile setup work that remains in the uncovered cookie-navigation surface. (role: adjacent Project Sources and browser conversation contributor; confidence: medium; commits: 3e7a5447a51b, 2453b89c389d, edb6e2e227a4; files: src/browser/projectSourcesRunner.ts, src/browser/index.ts, CHANGELOG.md)
  • muly: Remote Chrome DevTools Protocol support is part of the PR's touched browser-cookie surface, and history traces that area to muly's remote Chrome commit. (role: remote Chrome introducer; confidence: medium; commits: 8bece60fad84; files: src/browser/index.ts, src/browser/config.ts, src/cli/browserConfig.ts)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.
Review history (1 earlier review cycle)
  • reviewed 2026-07-06T04:31:37.048Z sha a02eb53 :: needs real behavior proof before merge. :: [P2] Cover the other ChatGPT cookie navigation paths

@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P2 Normal priority bug or improvement with limited blast radius. labels Jul 6, 2026
@steipete steipete force-pushed the codex/clear-chatgpt-conv-cookies branch from a02eb53 to 753257d Compare July 6, 2026 09:33
@steipete steipete changed the title [codex] Clear stale ChatGPT conversation cookies fix(browser): clear stale ChatGPT cookies before navigation Jul 6, 2026
@steipete steipete merged commit 90a5f23 into steipete:main Jul 6, 2026
4 checks passed

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 753257dd03

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/browser/cookies.ts
.map((id) => `conv_key_${id}`),
);
try {
const { targetInfos = [] } = await Target.getTargets();

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Use browser-level target discovery for cleanup

In the normal local and non-browser-WebSocket remote paths, the client passed here is attached to a page target (connectToNewTarget opens CDP({ ..., target: target.id })), and page-level CDP sessions do not support browser-level target enumeration reliably. When Target.getTargets() fails, the catch returns before Network.getAllCookies() runs, so copy-profile/manual-login/remote profiles keep the stale conv_key_* cookies and still hit the oversized-header failure this change is meant to prevent. Use the browser target or the existing CDP.List style discovery for open conversations, or fall back to deleting with only the explicit preserve list.

Useful? React with 👍 / 👎.

etafund pushed a commit to etafund/oracle that referenced this pull request Jul 8, 2026
…#283)

Co-authored-by: Dongwoo Jeong <dongwoo@duck.com>
(cherry picked from commit 90a5f23)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

P2 Normal priority bug or improvement with limited blast radius. rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants