tabIndex parameter is deprecated for session events tab_control, tab_paused, tab_resumed, please use ssid parameter instead. Documentation

2025-08-25

Webfuse widget api will require webfuse instead of Webfuse in the script snippet

2025-08-01

In the WebFuse Extensions API, virtualSession will be replaced with webfuseSession and virtualSession.onMessage will be replaced by webfuseSession.on

v5.36

released on 2026-03-18

v5.35

released on 2026-03-13
  • added Automation target representation coercion of evidently malformed representations (e.g., stringified point '[200, 400]')
  • added Automation API see.accessibilityTree() method as direct access shorthand of pure snapshot tool call
  • added beforeinput event for non-character key automation
  • added location key event property for modifier keys
  • added Default new tab page when Automation app is installed
  • fixed Resources unavailability for follower tabs after server deployment
  • added Support metadata query parameter on embedded session URL to pass an external reference to the Audit Log Documentation
  • added Support passing relative paths to the url parameter for relocate method in Dashboard and Studio
  • added Cross-frame reading of root frames in DOM snapshot method regardless of crossFrame option
  • changed Automation API see.guiSnapshot() return value representation to Base64
  • added Uniform Automation API snapshot parameter quality to apply lossy ‘compression’
  • added Automation API argument type validation and enhanced error messages

  • changed Extension new tab favicon falls back to icons if no exact icon is provided
  • changed Extension icons logic to fall back to an icon of available size
  • fixed Webhook signature header name in Dashboard integration options description
  • fixed Broken documentation link on Privacy Options page in Dashboard
  • changed Update session termination logic for recorded session running without participants
  • fixed Matching automation mouse and action target resolution
  • changed If empty string is passed as popup path to browser.browserAction.setPopup() method, the popup won’t be opened and browserAction.onClicked event will be triggered on top bar extension icon click
  • changed browser.sidePanel.open() JS API method returns a promise
  • changed browser.sidePanel.close() JS API method returns a promise
  • changed browser.sidePanel.setOptions() JS API method returns a promise
  • changed browser.sidePanel.setLayout() JS API method returns a promise
  • changed browser.sidePanel.setPanelBehavior() JS API method returns a promise
  • added Client-side MCP-based automation call timeout (10s)
  • changed Automation type() to paste text all-at-once if total duration would exceed maximum (5s)
  • security SameSite=Lax;Secure to webfuse_session_join_id cookie in Webfuse Studio
  • added Webfuse cookiejar app description
  • fixed Logging real client ip in ss-haproxy with multiserver setup

v5.34

released on 2026-03-11
  • added Cookiejar feature for all standard plans in Dashboard

v5.33

released on 2026-03-09

v5.32

released on 2026-02-27
  • added Support for browser.tabs and chrome.tabs in New Tab Extension component. Documentation
  • changed Automation API common act option moveMouse default to true
  • added Automation API method navigate() to navigate a tab to a given URL (alias of Session API relocate())
  • added Support for Session Continuation transfer-in to work with CookieJar service
  • added browser.sidePanel.onOpened event handlers for extension side panel in Webfuse
  • added browser.sidePanel.onClosed event handlers for extension side panel in Webfuse
  • added Automation API see.domSnapshot() option interactiveOnly to omit non-interactive subtrees
  • added UI for installing Extension via GitHub in Studio
  • added REST API route for updating extensions from GitHub Documentation
  • added Update Extensions Guide in Webfuse Documentation
  • changed MCP service follows JSON-RPC specification for success and error API responses
  • removed tabIndex parameter from tab_paused, tab_resumed and tab_control JS API session events
  • changed Upper limit for the setting “session cookie age” is reduced to 14 days from 90 days
  • security Add Secure attribute to the segment_config_str cookie
  • added Support of single object Automation API argument (mapping positional arguments)
  • added A new check in the Session Continuation diagnostics page to verify that the continuation point does not rewrite the Location header during redirects
  • fixed An issue where the PayPal window could not be opened
  • added Company Key authentication to all Console API endpoints
  • fixed Screenshot upload to S3 when using regional endpoints
  • added A synchronization of OffscreenCanvas between leader and its participants
  • added Support for Session Continuation backtransfer to work with cookiejar service
  • security Added missing security headers to the dashboard service: Permissions-Policy, Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy
  • added Automation internal application
  • added Interactivity check and fallback mechanism with automation targeting
  • added keepOpen parameter to action.openPopup() method to keep the popup open when clicking outside the popup element
  • fixed An issue where a cross-origin frame couldn’t be accessed by name after its name was changed at runtime

v5.31

released on 2026-02-27
  • fixed Updated test after new Firefox version release

v5.30

released on 2026-02-25
  • changed Generic error message for SSO authentication

v5.29

released on 2026-02-25
  • security Updated fast-xml-parser dependency to 5.3.7 for docs service to incorporate the latest security patches
  • fixed Version tagging ss-mcp container image
  • fixed TLS connection errors in Safari and Firefox browsers
  • security Updated swiper dependency to 12.1.2 to incorporate the latest security patches

v5.28

released on 2026-02-13
  • added Automation API actuation method base option scrollIntoView (true by default) to scroll target into view before action
  • added browser.sidePanel.getLayout() method for extension side panel in Webfuse
  • added browser.sidePanel.setLayout() method for extension side panel in Webfuse
  • added extension_side_panel_layout_set session event in Webfuse
  • fixed Patch drf-spectacular to address #1122
  • changed Upgrade session_ui dependencies
  • added browser.sidePanel.getPanelBehavior() method for extension side panel in Webfuse
  • added browser.sidePanel.setPanelBehavior() method for extension side panel in Webfuse
  • added extension_side_panel_behavior_set session event in Webfuse
  • fixed An issue with not removed MessageEvent listeners
  • changed openTab() method now returns a Promise that resolves to the object with opened tab data
  • added page_info session event triggered when data is received from cobrowsing frame
  • changed Upgrade dependencies in console_ui service
  • fixed Extension messaging errors in Safari browser
  • fixed Automation API DOM snapshots with inlined Webfuse IDs to skip subtrees without SSID
  • changed Automation API domSnapshot() method options name assignUniqueIDs for inlineWebfuseIDs
  • deprecated Automation API domSnapshot() method options name assignUniqueIDs
  • changed Improve stability of the post-deployment test for MCP functionality
  • fixed Proxy support for Sentry in ss-cf
  • added Automation API actuation method select()
  • changed Extension messaging Webfuse documentation to better reflect actual API state
  • fixed Internal links within Webfuse documentation which were referencing the old documentation structure
  • added Object Reference page to Webfuse documentation which will be referenced in other sections when describing data objects
  • security Addressed a vulnerability on session continuation cookie apply logic
  • changed Upgrade dependencies in ss-cmproxy service
  • fixed API Schema generation for MCP server
  • added extension_refreshed and extension_removed events for extensions in Studio. Documentation
  • fixed Automation type() for non-ASCII (undefined) symbols using minimal KeyboardEvent options
  • changed Upgrade dependencies in js/assets project
  • changed Upgrade dependencies in console_api service
  • added Accepted Automation API keyPress() keys (i.a., ‘Enter’)
  • fixed An issue with accessing cross origin windows
  • changed Add sessionLink for Webfuse widget API Documentation . Add deprecation message for using leaderLink and followerLink for Webfuse widget API
  • added https://*.intercom-messenger.com, wss://*.intercom-messenger.com to connect-src CSP policy in session to align with latest Intercom updates
  • or .
  • fixed Do not expose cookie values in logs when creating a session
  • added REST API for refreshing and removing an extension from the running session
  • fixed An issue with IntersectionObserver. The IntersectionObserver: root property is set to a top frame only if the top frame has the same origin as the current frame, otherwise it defaults to the current document
  • changed Upgrade dependencies in cf service
  • changed Extensive Webfuse ID assignment in automation DOM snapshots
  • added browser.sidePanel.getOptions() method for extension side panel in Webfuse
  • added browser.sidePanel.setOptions() method for extension side panel in Webfuse
  • added extension_side_panel_options_set session event in Webfuse
  • changed Upgrade dependencies in mcp service
  • fixed Resolved broken styles for Continuation point status in the Dashboard after uninstalling Bulma
  • fixed Remove config from Storage App GET API in Studio
    New strings available to translate (click for details)

v5.27

released on 2026-02-02
  • fixed Domain validation with empty string set as domains field