docs: sanitize CHANGELOG #18 entry + remove obsolete Known issues section

Two-part cleanup: - CHANGELOG.md #18 entry: rewrite the symptom description without naming the specific third-party site that originally reported it. The technical root cause and fix are unchanged. - README.md: remove the entire "Known issues" section. Its only entry was the headless=True alt-desktop crash from #18, which was fully fixed in 0.1.7 / firefox-7. Leaving the workaround instructions in the README would have misled users into adopting them unnecessarily. New issues can be added back as they're found; the default state is "no known issues". Pre-push: 402 unit + integration tests pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-07 08:35:12 +02:00 · 2026-05-23 10:23:34 -07:00 · 2026-05-23 10:23:34 -07:00 · 34aeb9601f
commit 34aeb9601f
parent 64eef4daff
2 changed files with 1 additions and 19 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -20,7 +20,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 ## [0.1.7] - 2026-05-21

 ### Fixed
- [#18](https://github.com/feder-cr/invisible_playwright/issues/18): Tab crash on `id.sky.com` and similar sites when running with `headless=True` on Windows. Two separate bugs that only triggered together: (1) the Chromium content sandbox at default level 6 puts content processes on `kAlternateWinstation`, but the wrapper hides the browser window on its own alt-desktop (`CreateDesktop` for headless on Windows). Mismatched desktops → cross-process navigations (Adobe AppMeasurement on id.sky.com triggers them) couldn't reparent windows → content process exits cleanly and Playwright fires `page.on('crash')`. (2) The canvas2d `getImageData` stealth spoof wrote to a read-only mapped `DataSourceSurface`. On GPU-backed canvases that memory is write-protected → segfault during the final `getImageData` id.sky.com runs at page unload. Wrapper now sets `security.sandbox.content.level=4` in the alt-desktop workaround set, and `firefox-7` ships the source fix that moves the noise to the JS array's writable backing buffer. Reporter: [@gamefireat123-eng](https://github.com/gamefireat123-eng).
+- [#18](https://github.com/feder-cr/invisible_playwright/issues/18): Tab crash when running with `headless=True` on Windows on pages that trigger cross-process navigation. Two separate bugs that only manifested together: (1) the Chromium content sandbox at default level 6 puts content processes on `kAlternateWinstation`, but the wrapper hides the browser window on its own alt-desktop (`CreateDesktop` for headless on Windows). Mismatched desktops → cross-process navigations couldn't reparent windows → content process exits cleanly and Playwright fires `page.on('crash')`. (2) The canvas2d `getImageData` stealth spoof wrote to a read-only mapped `DataSourceSurface`. On GPU-backed canvases that memory is write-protected → segfault during the final `getImageData` at page unload. Wrapper now sets `security.sandbox.content.level=4` in the alt-desktop workaround set, and `firefox-7` ships the source fix that moves the noise to the JS array's writable backing buffer.

 ### Changed
 - `BINARY_VERSION` bumped from `firefox-5` to `firefox-7`. `firefox-6` was rolled back when its partial fix turned out to be wrong (the iframe-burst hypothesis was a dead end; bisection in the evening found the real two-bug cause documented above).
--- a/README.md
+++ b/README.md
@ -203,24 +203,6 @@ invisible_playwright version        # wrapper and binary versions
 invisible_playwright clear-cache    # remove all cached binaries
 ```

-## Known issues
-
-### `headless=True` on Windows can cause tab crashes on sites with heavy cross-process navigation
-
-Reported as [#18](https://github.com/feder-cr/invisible_playwright/issues/18) (`id.sky.com` and similar). On Windows, `headless=True` runs Firefox headed on a hidden alt-desktop created via `CreateDesktop`. Some sites (id.sky.com, anything else loading Adobe AppMeasurement in a way that triggers cross-process navigation) end up firing `page.on('crash')` after about 10 seconds. The cause is a window-parenting interaction between the alt-desktop and the GPU/content processes; the workaround is one of:
-
-```python
-# Option A — keep the visible window (no alt-desktop)
-with InvisiblePlaywright(seed=42, headless=False) as browser:
-    ...
-
-# Option B — run inside Xvfb on Linux (alt-desktop bug is Windows-only)
-```
-
-The visible window case works on every site we've tested. Linux + Xvfb is unaffected.
-
---
-
 ## Related projects

 invisible_playwright takes a different angle than the major Firefox-hardening projects but stands on their shoulders: