Playwright MCP Server

Instructions

Implementation Reference

• src/server.ts:282-325 (handler)

  The handler function for the 'browser_evaluate' tool. It validates the input script using Zod, performs security checks to block dangerous JavaScript patterns (like require, import, eval, etc.), connects to Playwright if needed, executes the script using page.evaluate(), and returns the result as JSON or an error message.
  async (params: any) => { try { const input = z.object({ script: z.string() }).parse(params); await this.playwright.ensureConnected(); // Basic security check - prevent dangerous operations const script = input.script.trim(); const dangerousPatterns = [ /require\s*\(/, /import\s+/, /eval\s*\(/, /Function\s*\(/, /process\./, /global\./, /window\.location/, /document\.cookie/ ]; if (dangerousPatterns.some(pattern => pattern.test(script))) { throw new Error('Script contains potentially dangerous operations'); } const page = this.playwright.getPage(); const result = await page.evaluate(input.script); return { content: [{ type: 'text', text: `Script executed. Result: ${JSON.stringify(result)}` }] }; } catch (error) { return { content: [{ type: 'text', text: `Script evaluation failed: ${error instanceof Error ? error.message : String(error)}` }], isError: true }; } } );
• src/server.ts:273-325 (registration)

  Registration of the 'browser_evaluate' tool with the MCP server. Specifies the tool name, title 'Execute JavaScript', description, and inline input schema requiring a 'script' string.
  this.server.registerTool( 'browser_evaluate', { title: 'Execute JavaScript', description: 'Execute JavaScript code in the browser context', inputSchema: { script: z.string() } }, async (params: any) => { try { const input = z.object({ script: z.string() }).parse(params); await this.playwright.ensureConnected(); // Basic security check - prevent dangerous operations const script = input.script.trim(); const dangerousPatterns = [ /require\s*\(/, /import\s+/, /eval\s*\(/, /Function\s*\(/, /process\./, /global\./, /window\.location/, /document\.cookie/ ]; if (dangerousPatterns.some(pattern => pattern.test(script))) { throw new Error('Script contains potentially dangerous operations'); } const page = this.playwright.getPage(); const result = await page.evaluate(input.script); return { content: [{ type: 'text', text: `Script executed. Result: ${JSON.stringify(result)}` }] }; } catch (error) { return { content: [{ type: 'text', text: `Script evaluation failed: ${error instanceof Error ? error.message : String(error)}` }], isError: true }; } } );
• src/types.ts:41-43 (schema)

  Zod input schema definition for the browser_evaluate tool: BrowserEvaluateInputSchema = z.object({ script: z.string() })
  export const BrowserEvaluateInputSchema = z.object({ script: z.string() });
• src/types.ts:65-65 (schema)

  TypeScript type definition: BrowserEvaluateInput = z.infer<typeof BrowserEvaluateInputSchema>
  export type BrowserEvaluateInput = z.infer<typeof BrowserEvaluateInputSchema>;