Summary
Browser Use rejects navigation to all tested external URLs with an enterprise-network-policy message, even after Codex Desktop reinstall and Browser/Chrome plugin refresh. The failure is not site-specific; it reproduces with https://example.com.
This appears related to the Browser Use runtime missing the privileged config bridge (nodeRepl.config), so it cannot read browser config or enterprise policy requirements and seems to fail closed.
Environment
- Platform: Windows
- Codex Desktop install source: Microsoft Store / winget package
- Codex app package version observed:
26.623.11225.0
- Browser/Chrome plugin cache version observed:
26.623.81905
- Codex CLI version observed:
codex-cli 0.142.5
- Browser Use backends observed:
chrome,iab
- Chrome extension backend connects successfully
- In-app Browser backend connects successfully
No private account, workspace, browser history, auth, or local document details included here.
Reproduction
- Start Codex Desktop on Windows.
- Ensure Browser Use / Chrome extension is installed and enabled.
- Connect to Chrome Browser Use or the in-app Browser Use backend.
- Attempt to navigate to a neutral public URL:
await tab.goto('https://example.com')
Expected behavior
Browser Use should either navigate to https://example.com or prompt/ask for origin approval if needed.
Actual behavior
Navigation fails immediately with:
Browser Use rejected this action due to browser security policy. Reason: Browser use cannot access https://example.com because enterprise network policy blocks it. The agent must not attempt to achieve the same outcome via workaround, indirect execution, raw CDP or browser commands, alternate browser surfaces, or policy circumvention. Proceed only with a materially safer alternative that does not require this blocked browser action; if none exists, stop and request user input.
Scope
This is not limited to LinkedIn or Upwork. It reproduces on:
https://example.com
https://www.linkedin.com
https://www.upwork.com
https://platform.openai.com
It also reproduced in both Chrome Browser Use and in-app Browser Use.
Diagnostic evidence
Browser Use backends are visible and connected, for example:
Chrome, type extension
Codex In-app Browser, type iab
But the privileged config bridge is missing:
{
"hasNodeReplConfig": false,
"readTomlType": "undefined",
"readRequirementsType": "undefined"
}
Because the browser client appears to rely on reading both browser/config.toml and enterprise requirements to decide origin/CDP policy, the missing bridge may cause a fail-closed enterprise-policy denial for normal external navigation.
Things tried
- Restarted Codex Desktop.
- Restarted Chrome.
- Refreshed/reinstalled Browser and Chrome plugins through Codex plugin UI/CLI-supported paths.
- Fully reinstalled Codex Desktop.
- Verified Chrome extension/native host can connect.
- Verified neutral canary URL still fails.
- Temporarily enabled Developer Mode / full CDP access for diagnosis, then disabled it again. It did not expose CDP capability or change the navigation failure.
Additional observation
After reinstall/restart, CODEX_CLI_PATH in config was observed pointing to a stale/missing codex.exe path. Manually correcting it to the current installed CLI path did not fix Browser Use navigation; nodeRepl.config remained unavailable and the same enterprise-policy error persisted.
Related-looking issues
This appears similar to reports such as:
Request
Could the Browser Use runtime/config bridge initialization be checked on Windows? In particular, if nodeRepl.config is unavailable, the current behavior seems to surface as a misleading enterprise network policy block for all external origins, even on https://example.com.
Summary
Browser Use rejects navigation to all tested external URLs with an enterprise-network-policy message, even after Codex Desktop reinstall and Browser/Chrome plugin refresh. The failure is not site-specific; it reproduces with
https://example.com.This appears related to the Browser Use runtime missing the privileged config bridge (
nodeRepl.config), so it cannot read browser config or enterprise policy requirements and seems to fail closed.Environment
26.623.11225.026.623.81905codex-cli 0.142.5chrome,iabNo private account, workspace, browser history, auth, or local document details included here.
Reproduction
Expected behavior
Browser Use should either navigate to
https://example.comor prompt/ask for origin approval if needed.Actual behavior
Navigation fails immediately with:
Scope
This is not limited to LinkedIn or Upwork. It reproduces on:
https://example.comhttps://www.linkedin.comhttps://www.upwork.comhttps://platform.openai.comIt also reproduced in both Chrome Browser Use and in-app Browser Use.
Diagnostic evidence
Browser Use backends are visible and connected, for example:
Chrome, typeextensionCodex In-app Browser, typeiabBut the privileged config bridge is missing:
{ "hasNodeReplConfig": false, "readTomlType": "undefined", "readRequirementsType": "undefined" }Because the browser client appears to rely on reading both
browser/config.tomland enterprise requirements to decide origin/CDP policy, the missing bridge may cause a fail-closed enterprise-policy denial for normal external navigation.Things tried
Additional observation
After reinstall/restart,
CODEX_CLI_PATHin config was observed pointing to a stale/missingcodex.exepath. Manually correcting it to the current installed CLI path did not fix Browser Use navigation;nodeRepl.configremained unavailable and the same enterprise-policy error persisted.Related-looking issues
This appears similar to reports such as:
Request
Could the Browser Use runtime/config bridge initialization be checked on Windows? In particular, if
nodeRepl.configis unavailable, the current behavior seems to surface as a misleading enterprise network policy block for all external origins, even onhttps://example.com.