Feature Request: Support Allowed Origins & Blocked Origins list options

[sakupi01]

Is your feature request related to a problem? Please describe.

When adopting browser automation MCPs in a corporate environment, considering security is especially crucial. Any possibility of automatic/unintentional access to unknown/malicious content can be a reason for preventing adoption.
Playwright MCP, for example, has --allowed-origins & --blocked-origins to filter in/out which contents the MCP is allowed to access. This gives us more certainty on which content the tool will access, and this can bring a good reason to use the browser automation tool corporate-wide.
For example, we can restrict access except to localhost.

Describe the solution you'd like
Like Playwright MCP, providing CLI options to filter origins the MCP server can access (e.g. localhost only) prevents unintended navigation to unauthorized or potentially malicious sites while maintaining safe internal tool usage.

Playwright uses context.route(), which internally relies on the same CDP methods in the identical way as Pupeteer page.setRequestInterception() does.

• https://github.com/microsoft/playwright/blob/main/packages/playwright-core/src/server/chromium/crNetworkManager.ts#L155
• https://github.com/puppeteer/puppeteer/blob/48902651782c712a90cba51e913f1adf78933766/packages/puppeteer-core/src/cdp/NetworkManager.ts#L312

Additional context

• microsoft/playwright-mcp: Playwright MCP server

[DavidPoliakoff]

Adding to the "thumbs up:" an answer to this is IMO the remaining blocker for taking this up at the firm I work for, as well.

The DevTools MCP is such a huge win, the amount of copy-pasting from the DevTools console that I'm doing is obviously wrong, this MCP really feels like the answer once we can have it in a secure way

[CW-EijiOsakabe]

@OrKoN
Hello, can I ask you about the status of this feature?
I see you have left a comment here saying you will consider to add the support with other implementation approach.
#232 (comment)

Our team would love to see this feature implemented for better security 🙇

[classiemilio]

+1 to this request. This is what would unblock our company from being able to adopt this MCP server, which would be a huge lift to our workflows!

[Oleg-Sulzhenko]

+1 my company postpone adopting this MCP because of security concerns, adding the possibility to whitelist urls will address this concern.

[501NotImplemented]

+1, the only reason that stops us from adopting the MCP is the security reasons.

[edgeq]

+1 here too for all the above reasons. My current approach is to try and leverage a hooks-based approach on some of the tools the MCP provides... but that might get pretty unmaintainable pretty quickly..

[OrKoN]

we should use https://chromedevtools.github.io/devtools-protocol/tot/Network/#method-setBlockedURLs to express allowed and blocked URLs using URL patterns (to support origins and other patterns). We should implement it in Puppeteer and use it in the MCP server. cc @nattallius