From 1773f8aea22bb746b418b45d5ca8f46dc6278f74 Mon Sep 17 00:00:00 2001
From: Peter Steinberger <steipete@gmail.com>
Date: Fri, 16 Jan 2026 08:44:00 +0000
Subject: [PATCH] fix: upgrade ws to wss for https CDP

---
 CHANGELOG.md            | 1 +
 src/browser/cdp.test.ts | 8 ++++++++
 src/browser/cdp.ts      | 3 +++
 3 files changed, 12 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 31b0d4011..70caeeca2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -38,6 +38,7 @@
 - Browser: extension mode recovers when only one tab is attached (stale targetId fallback).
 - Browser: prefer stable Chrome for auto-detect, with Brave/Edge fallbacks and updated docs. (#983) — thanks @cpojer.
 - Browser: fix `tab not found` for extension relay snapshots/actions when Playwright blocks `newCDPSession` (use the single available Page).
+- Browser: upgrade `ws` → `wss` when remote CDP uses `https` (fixes Browserless handshake).
 - Browser: preserve auth/query tokens for remote CDP endpoints and pass Basic auth for CDP HTTP/WS. (#895) — thanks @mukhtharcm.
 - Telegram: add bidirectional reaction support with configurable notifications and agent guidance. (#964) — thanks @bohdanpodvirnyi.
 - Telegram: allow custom commands in the bot menu (merged with native; conflicts ignored). (#860) — thanks @nachoiacovino.
diff --git a/src/browser/cdp.test.ts b/src/browser/cdp.test.ts
index ba3fefdac..24e9f7c58 100644
--- a/src/browser/cdp.test.ts
+++ b/src/browser/cdp.test.ts
@@ -173,4 +173,12 @@ describe("cdp", () => {
     );
     expect(normalized).toBe("wss://user:pass@example.com/devtools/browser/ABC?token=abc");
   });
+
+  it("upgrades ws to wss when CDP uses https", () => {
+    const normalized = normalizeCdpWsUrl(
+      "ws://production-sfo.browserless.io",
+      "https://production-sfo.browserless.io?token=abc",
+    );
+    expect(normalized).toBe("wss://production-sfo.browserless.io/?token=abc");
+  });
 });
diff --git a/src/browser/cdp.ts b/src/browser/cdp.ts
index 7b6ff30a0..e78b49701 100644
--- a/src/browser/cdp.ts
+++ b/src/browser/cdp.ts
@@ -16,6 +16,9 @@ export function normalizeCdpWsUrl(wsUrl: string, cdpUrl: string): string {
     if (cdpPort) ws.port = cdpPort;
     ws.protocol = cdp.protocol === "https:" ? "wss:" : "ws:";
   }
+  if (cdp.protocol === "https:" && ws.protocol === "ws:") {
+    ws.protocol = "wss:";
+  }
   if (!ws.username && !ws.password && (cdp.username || cdp.password)) {
     ws.username = cdp.username;
     ws.password = cdp.password;