chore: run w/ sandbox by default (#412)

Pavel Feldman 2025-05-13 15:30:02 -07:00 committed by GitHub
parent 7be0c8872e
commit c506027aec
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 15 additions and 7 deletions


@ -66,4 +66,4 @@ COPY --chown=${USERNAME}:${USERNAME} cli.js package.json ./
COPY --from=builder --chown=${USERNAME}:${USERNAME} /app/lib /app/lib
# Run in headless and only with chromium (other browsers need more dependencies not included in this image)
ENTRYPOINT ["node", "cli.js", "--headless", "--browser", "chromium"]
ENTRYPOINT ["node", "cli.js", "--headless", "--browser", "chromium", "--no-sandbox"]
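Review bot: The comment above the ENTRYPOINT still explains only `--headless` and `--browser chromium`, while the new `--no-sandbox` argument is the one with a security consequence: with it, Chromium's process sandbox is off for every page the server loads, so isolation of web content rests on the container boundary alone. I would record the reason and the expectation next to it, for example `# --no-sandbox: Chromium's sandbox is not usable in this image (TODO confirm reason); run as the non-root ${USERNAME} user and do not add privileges to the container`. The `--chown=${USERNAME}` lines suggest the image already drops to an unprivileged user, but the USER directive is outside this hunk, so that should be confirmed.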


@ -110,8 +110,8 @@ Follow the MCP install [guide](https://modelcontextprotocol.io/quickstart/user),
Playwright MCP server supports following arguments. They can be provided in the JSON configuration above, as a part of the `"args"` list:
- `--allowed-origins <origins>`: Semicolon-separated list of origins to allow the browser to request. Default is to allow all. Origins matching both `--allowed-origins` and `--blocked-origins` will be blocked.
- `--blocked-origins <origins>`: Semicolon-separated list of origins to block the browser to request. Origins matching both `--allowed-origins` and `--blocked-origins` will be blocked.
- `--allowed-origins <origins>`: Semicolon-separated list of origins to allow the browser to request. Default is to allow all. Origins matching both `--allowed-origins` and `--blocked-origins` will be blocked
- `--blocked-origins <origins>`: Semicolon-separated list of origins to block the browser to request. Origins matching both `--allowed-origins` and `--blocked-origins` will be blocked
- `--block-service-workers`: Block service workers
- `--browser <browser>`: Browser or chrome channel to use. Possible values:
- `chrome`, `firefox`, `webkit`, `msedge`
@ -124,13 +124,16 @@ Playwright MCP server supports following arguments. They can be provided in the
- `--device`: Emulate mobile device
- `--executable-path <path>`: Path to the browser executable
- `--headless`: Run browser in headless mode (headed by default)
- `--host <host>`: Host to bind server to. Default is localhost. Use 0.0.0.0 to bind to all interfaces.
- `--host <host>`: Host to bind server to. Default is localhost. Use 0.0.0.0 to bind to all interfaces
- `--ignore-https-errors`: Ignore https errors
- `--isolated`: Keep the browser profile in memory, do not save it to disk
- `--no-image-responses`: Do not send image responses to the client
- `--no-sandbox`: Disable the sandbox for all process types that are normally sandboxed
- `--output-dir`: Directory for output files
- `--port <port>`: Port to listen on for SSE transport
- `--proxy-bypass <bypass>`: Comma-separated domains to bypass proxy, for example ".com,chromium.org,.domain.com"'
- `--proxy-server <proxy>`: Proxy server, for example "http://myproxy:3128" or "socks5://myproxy:8080"'
- `--storage-state <path>`: Path to the storage state file for isolated sessions
- `--user-agent <ua string>`: Specify user agent string
- `--user-data-dir <path>`: Path to the user data directory. If not specified, a temporary directory will be created
- `--viewport-size <size>`: Specify browser viewport size in pixels, for example "1280, 720"


@ -39,6 +39,7 @@ export type CLIOptions = {
ignoreHttpsErrors?: boolean;
isolated?: boolean;
noImageResponses?: boolean;
sandbox?: boolean;
outputDir?: string;
port?: number;
proxyBypass?: string;
@ -56,6 +57,7 @@ const defaultConfig: Config = {
launchOptions: {
channel: 'chrome',
headless: os.platform() === 'linux' && !process.env.DISPLAY,
chromiumSandbox: true,
},
contextOptions: {
viewport: null,
@ -107,8 +109,11 @@ export async function configFromCLIOptions(cliOptions: CLIOptions): Promise<Conf
headless: cliOptions.headless,
};
if (browserName === 'chromium')
if (browserName === 'chromium') {
(launchOptions as any).cdpPort = await findFreePort();
if (cliOptions.sandbox === false)
launchOptions.chromiumSandbox = false;
}
if (cliOptions.proxyServer) {
launchOptions.proxy = {
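Review bot: In `configFromCLIOptions`, the new `if (cliOptions.sandbox === false)` branch turns `chromiumSandbox` off without leaving any trace at runtime, so a deployment that inherits `--no-sandbox` from a wrapper or an image entrypoint looks identical to a sandboxed one. A one-line notice on stderr inside that branch would make the reduced isolation visible to operators, e.g. `console.error('Chromium sandbox disabled by --no-sandbox');` (stderr is assumed to be safe for logging here; confirm against the transport in use). The `sandbox?: boolean` field in `CLIOptions` would also benefit from a comment such as `// false only when --no-sandbox is passed; undefined or true keeps the sandboxed default`, since the strict `=== false` comparison depends on that. The function body continues past the end of this hunk.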


@ -25,10 +25,10 @@ import { packageJSON } from './context.js';
program
.version('Version ' + packageJSON.version)
.name(packageJSON.name)
.option('--browser <browser>', 'browser or chrome channel to use, possible values: chrome, firefox, webkit, msedge.')
.option('--allowed-origins <origins>', 'semicolon-separated list of origins to allow the browser to request. Default is to allow all.', semicolonSeparatedList)
.option('--blocked-origins <origins>', 'semicolon-separated list of origins to block the browser from requesting. Blocklist is evaluated before allowlist. If used without the allowlist, requests not matching the blocklist are still allowed.', semicolonSeparatedList)
.option('--block-service-workers', 'block service workers')
.option('--browser <browser>', 'browser or chrome channel to use, possible values: chrome, firefox, webkit, msedge.')
.option('--caps <caps>', 'comma-separated list of capabilities to enable, possible values: tabs, pdf, history, wait, files, install. Default is all.')
.option('--cdp-endpoint <endpoint>', 'CDP endpoint to connect to.')
.option('--config <path>', 'path to the configuration file.')
@ -36,10 +36,10 @@ program
.option('--executable-path <path>', 'path to the browser executable.')
.option('--headless', 'run browser in headless mode, headed by default')
.option('--host <host>', 'host to bind server to. Default is localhost. Use 0.0.0.0 to bind to all interfaces.')
.option('--in-memory', 'use in-memory storage for user data directory.')
.option('--ignore-https-errors', 'ignore https errors')
.option('--isolated', 'keep the browser profile in memory, do not save it to disk.')
.option('--no-image-responses', 'do not send image responses to the client.')
.option('--no-sandbox', 'disable the sandbox for all process types that are normally sandboxed.')
.option('--output-dir <path>', 'path to the directory for output files.')
.option('--port <port>', 'port to listen on for SSE transport.')
.option('--proxy-bypass <bypass>', 'comma-separated domains to bypass proxy, for example ".com,chromium.org,.domain.com"')
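Review bot: The help text for `--no-sandbox` reads as if the flag applies to every browser, but in this commit's config change the option is only read inside the `browserName === 'chromium'` branch, so it appears to be silently ignored for `firefox` and `webkit`. The text also does not say that the flag lowers the isolation of web content, which is what a user scanning `--help` needs to know before copying it into a config. I would word it along the lines of `.option('--no-sandbox', 'disable the Chromium sandbox (Chromium-based browsers only); reduces isolation of web content.')`. The `.option(...)` chain starts and ends outside this hunk.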