browser-mcp-server

by MoonsurfAI

Overview

Automates web browser interactions for AI agents using a streamlined Model Context Protocol to enable AI-native web control.

Installation

Run Command
npx @moonsurf/browser-control

Environment Variables

  • REMOTE_MODE
  • HOST
  • PORT
  • WS_PORT_START
  • WS_PORT_END
  • AUTH_ENABLED
  • AUTH_TOKENS
  • TLS_ENABLED
  • TLS_CERT_PATH
  • TLS_KEY_PATH
  • CORS_ENABLED
  • CORS_ORIGINS
  • CORS_CREDENTIALS
  • RATE_LIMIT_ENABLED
  • RATE_LIMIT_MAX_CONNECTIONS
  • RATE_LIMIT_MAX_CALLS
  • HEADLESS_DEFAULT
  • BROWSER_DEFAULT_MODE
  • LOG_LEVEL
  • AUDIT_LOG_ENABLED

Security Notes

The server includes placeholder OAuth compatibility endpoints (`/.well-known/oauth-authorization-server`, `/oauth/register`, `/oauth/authorize`, `/oauth/token`). These endpoints are explicitly *not* protected by the server's authentication mechanism, meaning they are accessible even when `AUTH_ENABLED` is set to `true`. Specifically:

  • `/oauth/token` returns a hardcoded `access_token: 'local-access-token'` without any authentication or validation.
  • `/oauth/register` returns a hardcoded `client_secret: 'not-secret'`.
  • `/oauth/authorize` automatically redirects with an `auto-approved-code`.

While these seem intended for compatibility or local testing, their complete lack of protection creates a significant vulnerability if the server is exposed publicly, potentially allowing attackers to exploit or misuse these endpoints.

Additional minor concerns:

  • Token authentication via URL query parameters (`?token=`) for SSE connections, which can lead to token leakage in server logs or browser history.
  • The `--no-sandbox` flag is used when launching browsers on Linux, which can reduce the browser's security posture in certain environments.

Stats

  • Interest Score: 0
  • Security Score: 4
  • Cost Class: Low
  • Avg Tokens: 150
  • Stars: 0
  • Forks: 0
  • Last Update: 2026-01-18

Tags

  • AI-native
  • Browser Automation
  • MCP
  • LLM Tools
  • Web Control