[Browserless 2.0] Clarification on the `/function` API execution about browserless HOT 4 CLOSED

Yup: we extract the connect method from puppeteer's ESM build and bundle that for use inside the browser itself. When a POST call comes in with the function body, we inject that into a specific page that sets up the puppeteer browser and page objects, and then we execute your code from within the browser's runtime. The example you listed was written minimally to illustrate that it's a pretty minimal change with regard to the interface(s).

The largest challenge you might face is if you're requiring npm packages for use inside your /function call. The easiest answer is to either:

• Compile any packages you need as part of the /function call.
• Load those dependencies from a CDN or host like unpkg.
• Migrate your function calls to be purely self-contained without any dependencies.

Happy to send over an example of what those might look like. This was done purely so we don't have to run untrusted code in the NodeJS environment, while allowing developers to utilize other modules when they aren't running the service themselves.

from browserless.

Of course! More details below:

• Each /function call creates a new browser and tab. We'll eventually expose a new API to reconnect to an existing browser so it'd be possible to have multiple functions running the browser each talking to their own respective tabs. More on that at a later date since it involves what we call a CDP-firewall, where each connected client can only see their own tabs/pages and not others.
• I don't think so... at least I'd imagine it'd be hard in a way. The way it works is that the page that "runs" the function code simply connects over websocket to Chrome's debugger URL, meaning Chrome just sees it as a remote debugging client. Since it goes through the same "flow" as puppeteer there's really no way to distinguish that it's a page from Chrome itself that's talking to another page. I'm myself not worried about it at this point.

from browserless.

Thanks for the quick reply, Joel. That was very helpful.

Is it correct to think this implementation as controlling one tab/page from another tab/page? If yes, I have a couple of follow-up questions:

• Does each call to the /function API create its own tab (for controlling another target tab)? (In particular, when session support is enabled for a browser instance, I was curious if the controlling tab is reused or newly created each time)
• Could Chromium decide in the future to disallow such connectivity/info-sharing between tabs?

from browserless.

Thanks a lot for the detailed explanations!

from browserless.