From 2c21381d0fdd817d53695dc27cb4370c604b8ba9 Mon Sep 17 00:00:00 2001
From: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Date: Tue, 10 Mar 2026 12:59:58 -0700
Subject: [PATCH] fix(browser): remove verbatim upstream text from 429 error surface

Stop reflecting provider-controlled response body into thrown errors on HTTP 429. The upstream text was embedded in error messages that reach logs and agent tool output, creating an avoidable log/output injection surface for remote CDP/browser endpoints. The stable BROWSER_RATE_LIMIT_MESSAGE already provides all the actionable information the user needs.

Co-Authored-By: Claude Opus 4.6
---
 src/browser/cdp.helpers.ts | 5 ++---
 src/browser/client-fetch.ts | 15 ++++-----------
 2 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/src/browser/cdp.helpers.ts b/src/browser/cdp.helpers.ts
index 4a0cccbc73b..890c49bed67 100644
--- a/src/browser/cdp.helpers.ts
+++ b/src/browser/cdp.helpers.ts
@@ -174,10 +174,9 @@ export async function fetchCdpChecked(
 );
 if (!res.ok) {
 if (res.status === 429) {
- const text = await res.text().catch(() => "");
- const detail = text ? ` (${text.slice(0, 200)})` : "";
+ // Do not reflect upstream response text into the error surface (log/agent injection risk)
 throw new Error(
- `${BROWSER_RATE_LIMIT_MESSAGE}${detail} Do NOT retry - wait for the current session to complete, or upgrade your plan.`,
+ `${BROWSER_RATE_LIMIT_MESSAGE} Do NOT retry - wait for the current session to complete, or upgrade your plan.`,
 );
 }
 throw new Error(`HTTP ${res.status}`);
diff --git a/src/browser/client-fetch.ts b/src/browser/client-fetch.ts
index 5f4beca1ef7..f3c51f80bfc 100644
--- a/src/browser/client-fetch.ts
+++ b/src/browser/client-fetch.ts
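Review bot: With the `res.text()` call removed, the 429 branch now throws without ever consuming the response body, and the non-429 `throw new Error(`HTTP ${res.status}`);` below it never did; with Node's fetch an undrained body can keep the underlying connection from being released until garbage collection, so consider draining without reflecting, e.g. `await res.body?.cancel().catch(() => {});` immediately before each throw. The branch also still hardcodes `res.status === 429`, whereas the sibling code in client-fetch.ts in this same patch routes the decision through `isRateLimitStatus(res.status)`; if that helper is reachable from cdp.helpers.ts, using it here keeps both surfaces agreeing on which statuses count as rate limiting. The `// Do not reflect upstream response text ...` comment is repeated verbatim in three places across the patch; a short reference to one shared rationale would keep them from drifting. fetchCdpChecked starts outside the hunk.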
@@ -185,10 +185,8 @@ async function fetchHttpJson(
 if (!res.ok) {
 const text = await res.text().catch(() => "");
 if (isRateLimitStatus(res.status)) {
- const detail = text ? ` (${text.slice(0, 200)})` : "";
- throw new BrowserServiceError(
- `${BROWSER_RATE_LIMIT_MESSAGE}${detail} ${BROWSER_TOOL_MODEL_HINT}`,
- );
+ // Do not reflect upstream response text into the error surface (log/agent injection risk)
+ throw new BrowserServiceError(`${BROWSER_RATE_LIMIT_MESSAGE} ${BROWSER_TOOL_MODEL_HINT}`);
 }
 throw new BrowserServiceError(text || `HTTP ${res.status}`);
 }
@@ -284,13 +282,8 @@ export async function fetchBrowserJson(
 if (result.status >= 400) {
 if (isRateLimitStatus(result.status)) {
- const detail =
- result.body && typeof result.body === "object" && "error" in result.body
- ? ` (${String((result.body as { error?: unknown }).error).slice(0, 200)})`
- : "";
- throw new BrowserServiceError(
- `${BROWSER_RATE_LIMIT_MESSAGE}${detail} ${BROWSER_TOOL_MODEL_HINT}`,
- );
+ // Do not reflect upstream response text into the error surface (log/agent injection risk)
+ throw new BrowserServiceError(`${BROWSER_RATE_LIMIT_MESSAGE} ${BROWSER_TOOL_MODEL_HINT}`);
 }
 const message =
 result.body && typeof result.body === "object" && "error" in result.body
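Review bot: The fall-through `throw new BrowserServiceError(text || `HTTP ${res.status}`);` at the end of this if-block still embeds the upstream body verbatim, and without even the old 200-character cap, for every non-rate-limit error status, so the injection surface the commit message describes is closed only for the rate-limit branch. Applying the same rule there, `throw new BrowserServiceError(`HTTP ${res.status}`);`, or at minimum capping the length and stripping control characters before embedding `text`, would make this path consistent with the new branch directly above it; the `const message = result.body && ... "error" in result.body` construction in the fetchBrowserJson hunk appears to build its message from the upstream body in the same way and would warrant the same treatment. Since `text` is now only used on the fall-through path, reading it before the `isRateLimitStatus` check is fine for draining the body but its purpose is no longer obvious, so a one-line comment such as `// body is consumed here so the connection is released; it is only surfaced below` would help the next reader. fetchHttpJson starts and ends outside the hunk.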