A stable commerce contract over an unstable retailer surface.
Stop & Shop integration contains all retailer-specific selectors, request shapes, CSRF behavior, capability versions, and visible postconditions. The rest of the product only sees commerce operations.
Retailer gateway and discovery loop
Commerce operations the workflow understands
Understand the website one action at a time
- 01
Isolate
Open the approved account in a dedicated visible browser session with tracing and network observation enabled.
- 02
Act once
Perform exactly one action: open Past Purchases, search, add one item, change quantity, or open delivery slots.
- 03
Correlate
Match the visible action to requests, responses, initiators, CSRF behavior, cookies, and visible result.
- 04
Sanitize
Remove authorization, cookies, addresses, identity, loyalty data, signed URLs, and payment fields.
- 05
Catalog
Record method, path template, parameters, required headers, schema, side effect, and observed version.
- 06
Contract-test
Create sanitized fixtures, response schemas, and drift alerts. Keep a browser fallback for unstable operations.
Use the browser’s own evidence
| Tool | Role | Use |
|---|---|---|
| Playwright network events | Request, response, fetch/XHR, and WebSocket observation | Primary automated discovery |
| Chrome DevTools Network | Human inspection, sanitized HAR, copy as cURL/fetch | Primary manual baseline |
| Chrome DevTools Protocol | Post data, response bodies, initiators, and timing | Deep capture when needed |
| HAR fixtures | Sanitized contract fixtures and replay | Tests only; not proof of live compatibility |
| Browserbase | Hosted Playwright sessions and debug links | Optional cloud runtime |
Do not enumerate unlinked endpoints, replay another user’s traffic, evade limits, bypass security challenges, or treat undocumented calls as stable permission to integrate.