Rename cli arguments to allowedUrlPattern and blockedUrlPattern

Author: Natallia Harshunova

README.md

@@ -636,13 +636,13 @@ The Chrome DevTools MCP server supports the following configuration option:
   Additional arguments for Chrome. Only applies when Chrome is launched by chrome-devtools-mcp.
   - **Type:** array
 
-- **`--blocklist`**
-  Restricts network access by blocking specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Silently detaches from targets with blocked URLs upon connection, and blocks runtime requests (including navigations and subresources). Supports comma-separated patterns.
-  - **Type:** string
+- **`--blockedUrlPattern`/ `--blocked-url-pattern`**
+  Restricts network access by blocking specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Silently detaches from targets with blocked URLs upon connection, and blocks runtime requests (including navigations and subresources). Accepts an array of patterns.
+  - **Type:** array
 
-- **`--allowlist`**
-  Restricts network access by allowing only specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Requires Chrome 149+. Silently detaches from targets with unallowed URLs upon connection, and blocks runtime requests (including navigations and subresources). Supports comma-separated patterns.
-  - **Type:** string
+- **`--allowedUrlPattern`/ `--allowed-url-pattern`**
+  Restricts network access by allowing only specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Requires Chrome 149+. Silently detaches from targets with unallowed URLs upon connection, and blocks runtime requests (including navigations and subresources). Accepts an array of patterns.
+  - **Type:** array
 
 - **`--ignoreDefaultChromeArg`/ `--ignore-default-chrome-arg`**
   Explicitly disable default arguments for Chrome. Only applies when Chrome is launched by chrome-devtools-mcp.

src/bin/chrome-devtools-mcp-cli-options.ts

@@ -204,37 +204,17 @@ export const cliOptions = {
     describe:
       'Additional arguments for Chrome. Only applies when Chrome is launched by chrome-devtools-mcp.',
   },
-  blocklist: {
-    type: 'string',
+  blockedUrlPattern: {
+    type: 'array',
     describe:
-      'Restricts network access by blocking specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Silently detaches from targets with blocked URLs upon connection, and blocks runtime requests (including navigations and subresources). Supports comma-separated patterns.',
-    conflicts: ['allowlist'],
-    coerce: (value: string | string[] | undefined) => {
-      if (!value) {
-        return undefined;
-      }
-      const arr = Array.isArray(value) ? value : [value];
-      return arr
-        .flatMap(val => val.split(','))
-        .map(s => s.trim())
-        .filter(Boolean);
-    },
+      'Restricts network access by blocking specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Silently detaches from targets with blocked URLs upon connection, and blocks runtime requests (including navigations and subresources). Accepts an array of patterns.',
+    conflicts: ['allowedUrlPattern'],
   },
-  allowlist: {
-    type: 'string',
+  allowedUrlPattern: {
+    type: 'array',
     describe:
-      'Restricts network access by allowing only specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Requires Chrome 149+. Silently detaches from targets with unallowed URLs upon connection, and blocks runtime requests (including navigations and subresources). Supports comma-separated patterns.',
-    conflicts: ['blocklist'],
-    coerce: (value: string | string[] | undefined) => {
-      if (!value) {
-        return undefined;
-      }
-      const arr = Array.isArray(value) ? value : [value];
-      return arr
-        .flatMap(val => val.split(','))
-        .map(s => s.trim())
-        .filter(Boolean);
-    },
+      'Restricts network access by allowing only specified URL patterns (uses https://urlpattern.spec.whatwg.org/). Requires Chrome 149+. Silently detaches from targets with unallowed URLs upon connection, and blocks runtime requests (including navigations and subresources). Accepts an array of patterns.',
+    conflicts: ['blockedUrlPattern'],
   },
   ignoreDefaultChromeArg: {
     type: 'array',

src/index.ts

@@ -99,11 +99,11 @@ export async function createMcpServer(
       chromeArgs.push(`--proxy-server=${serverArgs.proxyServer}`);
     }
     const devtools = serverArgs.experimentalDevtools ?? false;
-    const blocklist = serverArgs.blocklist
-      ? serverArgs.blocklist.map(String)
+    const blocklist = serverArgs.blockedUrlPattern
+      ? serverArgs.blockedUrlPattern.map(String)
       : undefined;
-    const allowlist = serverArgs.allowlist
-      ? serverArgs.allowlist.map(String)
+    const allowlist = serverArgs.allowedUrlPattern
+      ? serverArgs.allowedUrlPattern.map(String)
       : undefined;
 
     const browser =

src/telemetry/flag_usage_metrics.json

@@ -297,11 +297,11 @@
     "flagType": "boolean"
   },
   {
-    "name": "blocklist_present",
+    "name": "blocked_url_pattern_present",
     "flagType": "boolean"
   },
   {
-    "name": "allowlist_present",
+    "name": "allowed_url_pattern_present",
     "flagType": "boolean"
   }
 ]

tests/browser.test.ts

@@ -113,7 +113,7 @@ describe('browser', () => {
       const browser = await launch({
         headless: true,
         isolated: true,
-        executablePath: executablePath(),
+        executablePath: await executablePath(),
         devtools: false,
         blocklist: ['*://*:*/blocked.html'],
       });
@@ -157,7 +157,7 @@ describe('browser', () => {
         const browser = await launch({
           headless: true,
           isolated: true,
-          executablePath: executablePath(),
+          executablePath: await executablePath(),
           devtools: false,
           allowlist: ['*://*/allowed.html'],
         });

tests/cli.test.ts

@@ -346,30 +346,61 @@ describe('cli args parsing', () => {
     assert.strictEqual(disabledArgs.performanceCrux, false);
   });
 
-  it('parses blocklist and allowlist flags with comma separation', async () => {
+  it('parses blocked-url-pattern flags as array', async () => {
     const defaultArgs = parseArguments('1.0.0', ['node', 'main.js']);
-    assert.strictEqual(defaultArgs.blocklist, undefined);
-    assert.strictEqual(defaultArgs.allowlist, undefined);
+    assert.strictEqual(defaultArgs.blockedUrlPattern, undefined);
 
-    const blocklistArgs = parseArguments(
+    const singleArgs = parseArguments(
+      '1.0.0',
+      ['node', 'main.js', '--blocked-url-pattern=https://example.com/*'],
+      {},
+    );
+    assert.deepStrictEqual(singleArgs.blockedUrlPattern, [
+      'https://example.com/*',
+    ]);
+
+    const repeatedArgs = parseArguments(
       '1.0.0',
       [
         'node',
         'main.js',
-        '--blocklist=https://example.com/ads/*,https://tracker.com/*',
+        '--blocked-url-pattern=https://a.com/*',
+        '--blocked-url-pattern=https://b.com/*',
       ],
       {},
     );
-    assert.deepStrictEqual(blocklistArgs.blocklist, [
-      'https://example.com/ads/*',
-      'https://tracker.com/*',
+    assert.deepStrictEqual(repeatedArgs.blockedUrlPattern, [
+      'https://a.com/*',
+      'https://b.com/*',
+    ]);
+  });
+
+  it('parses allowed-url-pattern flags as array', async () => {
+    const defaultArgs = parseArguments('1.0.0', ['node', 'main.js']);
+    assert.strictEqual(defaultArgs.allowedUrlPattern, undefined);
+
+    const singleArgs = parseArguments(
+      '1.0.0',
+      ['node', 'main.js', '--allowed-url-pattern=https://example.com/*'],
+      {},
+    );
+    assert.deepStrictEqual(singleArgs.allowedUrlPattern, [
+      'https://example.com/*',
     ]);
 
-    const allowlistArgs = parseArguments(
+    const repeatedArgs = parseArguments(
       '1.0.0',
-      ['node', 'main.js', '--allowlist=https://trusted.com/*'],
+      [
+        'node',
+        'main.js',
+        '--allowed-url-pattern=https://a.com/*',
+        '--allowed-url-pattern=https://b.com/*',
+      ],
       {},
     );
-    assert.deepStrictEqual(allowlistArgs.allowlist, ['https://trusted.com/*']);
+    assert.deepStrictEqual(repeatedArgs.allowedUrlPattern, [
+      'https://a.com/*',
+      'https://b.com/*',
+    ]);
   });
 });

tests/security_policies.test.ts

@@ -75,7 +75,7 @@ describe('Security Policies Integration', () => {
         );
       },
       {
-        blocklist: [server.getRoute('/blocked.html')],
+        blockedUrlPattern: [server.getRoute('/blocked.html')],
       },
     );
   });
@@ -138,7 +138,7 @@ describe('Security Policies Integration', () => {
         );
       },
       {
-        allowlist: [server.getRoute('/allowed.html')],
+        allowedUrlPattern: [server.getRoute('/allowed.html')],
       },
     );
   });
@@ -231,7 +231,7 @@ describe('Security Policies Integration', () => {
         );
       },
       {
-        blocklist: [server.getRoute('/blocked.html')],
+        blockedUrlPattern: [server.getRoute('/blocked.html')],
       },
     );
   });

tests/utils.ts

@@ -74,8 +74,8 @@ export async function withBrowser(
     autoOpenDevTools?: boolean;
     executablePath?: string;
     args?: string[];
-    blocklist?: string[];
-    allowlist?: string[];
+    blockedUrlPattern?: string[];
+    allowedUrlPattern?: string[];
   } = {},
 ) {
   const launchOptions: LaunchOptions = {
@@ -88,8 +88,8 @@ export async function withBrowser(
     handleDevToolsAsPage: true,
     args: [...(options.args || []), '--screen-info={3840x2160}'],
     enableExtensions: true,
-    blocklist: options.blocklist,
-    allowlist: options.allowlist,
+    blocklist: options.blockedUrlPattern,
+    allowlist: options.allowedUrlPattern,
   };
   const key = JSON.stringify(launchOptions);
 
@@ -119,8 +119,8 @@ export async function withMcpContext(
     performanceCrux?: boolean;
     executablePath?: string;
     args?: string[];
-    blocklist?: string[];
-    allowlist?: string[];
+    blockedUrlPattern?: string[];
+    allowedUrlPattern?: string[];
   } = {},
   args: ParsedArguments = {} as ParsedArguments,
 ) {