Comment by johnsmith1840

5 days ago

Extensions are limited though.

One simple example is an extension can't see cross origin iframes. This means it could never do soemthing like fill out a payment form for you if it's an extension.

Limited computation and action space is another as well as bot detection systems.

For example a javascript method trying to automate something like microsoft word in an iframe will have a tough time because the second you inject code in there they will block you.

4 comments

johnsmith1840

arjunchint 5 days ago

> One simple example is an extension can't see cross origin iframes

Sounds like a skill issue, our web agent is able to interact with cross origin iframes to for example solve captchas: https://www.youtube.com/watch?v=LD3afouKPYc

We honestly haven't faced any bot detection or blocking issues. Owning the browser layer exposes to you much more detection just look at Comet getting blocked on Amazon etc.

johnsmith1840 5 days ago

With specific user permission to do so sure but in general it is blocked.
johnsmith1840 5 days ago
You're still limited in lots of annoying ways though
- quarkcarbon279 5 days ago
  
  what permissions are you talking about? No user permissions/any insecure permissions are needed to navigate cross origin iframes, shadow DOMs and likewise. It comes down to your architecture choices and capabilities - rtrvr can navigate these diff realms without ever taking debugger or such insecure permissions