Overview
PalanK’s local API does not require authentication tokens. Security is enforced through:- Local-only connections: Only
127.0.0.1andlocalhostare allowed - Session-based: Each browser tab attachment creates a unique session
Sessions
Session Creation
When the Chrome extension attaches to a tab, a session is automatically created:Using Session IDs
Include thesessionId in commands to target specific tabs:
Session Termination
When a tab is detached or closed:Connection Lifecycle
Handshake
Keepalive
The Gateway sends periodicping messages. Respond with pong:
Multiple Tabs
You can work with multiple tabs simultaneously:Error Handling
No Active Session
Invalid Session ID
Target.attachedToTarget event.
Connection Lost
If the WebSocket disconnects:- All pending commands will fail
- Tabs remain attached in Chrome
- Reconnect to resume operations
Best Practices
Track Sessions
Maintain a list of active session IDs from attach/detach events
Handle Disconnects
Implement reconnection logic for robustness
Default Session
Without sessionId, commands go to the first attached tab
Clean Up
Handle detach events to remove stale sessions