📦 Chrome — DevTools调试

Name: Chrome — DevTools调试
Rating: 13

v1.0.0

Chrome DevTools协议、扩展Manifest V3和调试模式，防止常见自动化失败。

13· 3.8k·40 当前·42 累计

by @ivangdavila (Iván)·MIT-0

下载技能包

License

MIT-0

最后更新

2026/2/25

安全扫描

VirusTotal

无害

查看报告

OpenClaw

安全

high confidence

这是一个仅指令的技能，包含Chrome DevTools协议和Manifest V3的最佳实践说明；不请求凭证、安装或文件系统访问，其需求与其声明的目的匹配。

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.0.02026/2/9

Initial release

● 无害

安装命令

点击复制

官方npx clawhub@latest install chrome

🇨🇳 镜像加速npx clawhub@latest install chrome --registry https://cn.longxiaskill.com

技能文档

Chrome DevTools Protocol (CDP)

Get tab WebSocket URL first: Never connect to ws://localhost:9222/devtools/browser directly. Fetch http://localhost:9222/json/list and use webSocketDebuggerUrl from the active tab.

Enable domains before use: Runtime.enable and Page.enable must be called before any Runtime.evaluate or Page.navigate commands.

CDP is async: Wait for response before sending next command. Use Promise-based wrapper with response ID tracking.

Screenshot on high-DPI: Include fromSurface: true and scale: 2 in Page.captureScreenshot params for Retina displays.

Get response body separately: Network.responseReceived doesn't include body. Call Network.getResponseBody with requestId after response completes.

Chrome Extension Manifest V3

Permissions split: Use permissions for APIs, host_permissions for URLs. Never use http:/// in permissions.

Service workers terminate: No persistent state. Use chrome.storage.local instead of global variables. Use chrome.alarms instead of setInterval.

Content script isolation: Can't access page globals. Use chrome.scripting.executeScript with func for page context. Use window.postMessage for content↔page communication.

Storage is async: chrome.storage.local.get() returns Promise, not data. Always await. Handle QUOTA_EXCEEDED errors.

Context Detection

Detect actual Chrome (not Edge/Brave): Check window.chrome && navigator.vendor === "Google Inc." and exclude Opera/Edge.

Extension context types:

chrome.runtime.id exists → content script
chrome.runtime.getManifest exists → popup/background/options
chrome.loadTimes exists but no runtime → regular Chrome web page

Manifest version check: Wrap chrome.runtime.getManifest() in try-catch. Use chrome.action for V3, chrome.browserAction for V2.

Performance Debugging

Memory API conditional: Check 'memory' in performance before accessing performance.memory.usedJSHeapSize.

Use performance marks: performance.mark() and performance.measure() for sub-frame timing. Clear marks to prevent memory leaks.

Layout thrash detection: PerformanceObserver with entryTypes: ['measure', 'paint', 'largest-contentful-paint']. Flag entries >16.67ms.

Network Debugging

Block before navigate: Call Network.setBlockedURLs before Page.navigate, not after.

Request interception: Use Network.setRequestInterception with requestStage: 'Request' for granular control. Return errorReason: 'BlockedByClient' to block.

Security Contexts

Mixed content: HTTPS pages can't load HTTP resources. Check location.protocol vs resource URL.

CORS errors: TypeError on cross-origin fetch usually means CORS. Check DevTools Network tab for specific error.

Secure context required: File System Access API, Clipboard API require window.isSecureContext === true and user gesture.

数据来源：ClawHub ↗ · 中文优化：龙虾技能库