iframe.contentWindow evasion causes troubles for some ad systems

[methyl]

Hello!

I've encountered a problem with iframe.contentWindow evasion. It seems to be breaking some of the websites that are displaying ads and I guess it's related to srcdoc attribute. With plugin enabled, the ad script instead of replacing iframe HTML content replaces whole page HTML.

You can see this being a case for eg. http://veganliftz.com/best-vegan-pre-workout.

Once I pluginStealth.enabledEvasions.delete('iframe.contentWindow') or enable adblocker, it starts to work again.

[Niek]

Probably related to puppeteer/puppeteer#1106

[berstend]

As this is becoming the canonical ticket for this: The iframe.contentWindow evasion attempts to mitigate a nasty puppeteer bug but that comes at the expense of some sites (specifically ad-infested ones) breaking.

Most often you don't need this evasion and can just disable it if you experience issues:

// Remove specific evasion from enabled ones dynamically
const pluginStealth = require('puppeteer-extra-plugin-stealth')()
pluginStealth.enabledEvasions.delete('iframe.contentWindow')
puppeteer.use(pluginStealth)

Alternatively you could try using the adblocker plugin in tandem.

There's a chance I might be able to improve the evasion so it doesn't break sites anymore but it's not my highest priority right now.

[Phyks]

As per #137 (comment), discarding this evasion or using an adblocker for websites full of ads might not be an option. Sometimes you do need the ads (e.g. for correct placements / layouts).

Would you have some opinion on the patch proposed above? #202 (comment)

Thanks!

[Niek]

I've probably solved this issue and rewrote the plugin a bit. Need to test a bit.

How does the check work? This way?
/Chrome/.test(fingerprint.userAgent) && fingerprint.iframeChrome === 'undefined'
Right?

You can see the existing tests in https://github.com/berstend/puppeteer-extra/blob/master/packages/puppeteer-extra-plugin-stealth/evasions/iframe.contentWindow/index.test.js

Run the tests locally: npx ava -v

[vladtreny]

@Niek

The above one by @Phyks is correct. I would suggest to change it a bit

+++ if (key === 'document') {
+++ return iframe.contentDocument || iframe.contentWindow.document;
+++ }

iframe.contentWindow.document - This works for iFrames in other domains.

[Niek]

PR @ #327, closing this

[raphaelpreston]

I might be confused by the threads, but has this been reopened? I'm running puppeteer-extra-plugin-stealth@2.6.5 and I'm still experiencing this issue (everything gets removed but the ads) on at least Best Buy. As before, deleting the iframe.contentWindow evasion fixes the problem.

[berstend]

Pretty sure the issue isn't resolved altogether - the iframe.contentWindow evasion is a pretty dirty hack unfortunately. The proper way would be to fix this in the CDP driver (a chromium issue has been raised for that). :-/