Skip to content
Branch: master
Find file History
Latest commit 41016b2 Feb 12, 2019

readme.md

puppeteer-extra-plugin-stealth Build Status npm

A plugin for puppeteer-extra to prevent detection.

Install

yarn add puppeteer-extra-plugin-stealth
# - or -
npm install puppeteer-extra-plugin-stealth

If this is your first puppeteer-extra plugin here's everything you need:

yarn add puppeteer puppeteer-extra puppeteer-extra-plugin-stealth
# - or -
npm install puppeteer puppeteer-extra puppeteer-extra-plugin-stealth

Usage

// puppeteer-extra is a drop-in replacement for puppeteer,
// it augments the installed puppeteer with plugin functionality
const puppeteer = require("puppeteer-extra")

// add stealth plugin and use defaults (all evasion techniques)
const pluginStealth = require("puppeteer-extra-plugin-stealth")
puppeteer.use(pluginStealth())

// puppeteer usage as normal
puppeteer.launch({ headless: true }).then(async browser => {
  const page = await browser.newPage()
  await page.setViewport({ width: 800, height: 600 })
  await page.goto("https://bot.sannysoft.com")
  await page.waitFor(5000)
  await page.screenshot({ path: "testresult.png", fullPage: true })
  await browser.close()
})

Changelog

v2.1.2

  • Improved: navigator.plugins - we fully emulate plugins/mimetypes in headless now πŸŽ‰
  • New: webgl.vendor - is otherwise set to "Google" in headless
  • New: window.outerdimensions - fix missing window.outerWidth/outerHeight and viewport
  • Fixed: navigator.webdriver now returns undefined instead of false

Test results (red is bad)

Vanilla puppeteer without stealth 😒

Chromium + headless Chromium + headful Chrome + headless Chrome + headful

Puppeteer with stealth plugin πŸ’―

Chromium + headless Chromium + headful Chrome + headless Chrome + headful

Tests have been done using this test site and these scripts.

Improved reCAPTCHA v3 scores

Using stealth also seems to help with maintaining a normal reCAPTCHA v3 score.

Regular Puppeteer
Stealth Puppeteer

Note: The official test is to be taken with a grain of salt, as the score is calculated individually per site and multiple other factors (past behaviour, IP address, etc). Based on anecdotal observations it still seems to work as a rough indicator.

Tip: Have a look at the recaptcha plugin if you have issues with reCAPTCHAs.

API

Table of Contents

Plugin

Extends: PuppeteerExtraPlugin

Stealth mode: Applies various techniques to make detection of headless puppeteer harder. πŸ’―

Purpose

There are a couple of ways the use of puppeteer can easily be detected by a target website. The addition of HeadlessChrome to the user-agent being only the most obvious one.

The goal of this plugin is to be the definite companion to puppeteer to avoid detection, applying new techniques as they surface.

As this cat & mouse game is in it's infancy and fast-paced the plugin is kept as flexibile as possible, to support quick testing and iterations.

Modularity

This plugin uses puppeteer-extra's dependency system to only require code mods for evasions that have been enabled, to keep things modular and efficient.

The stealth plugin is a convenience wrapper that requires multiple evasion techniques automatically and comes with defaults. You could also bypass the main module and require specific evasion plugins yourself, if you whish to do so (as they're standalone puppeteer-extra plugins):

// bypass main module and require a specific stealth plugin directly:
puppeteer.use(
  require("puppeteer-extra-plugin-stealth/evasions/console.debug")()
)

Contributing

PRs are welcome, if you want to add a new evasion technique I suggest you look at the template to kickstart things.

Kudos

Thanks to Evan Sangaline and Paul Irish for kickstarting the discussion!


Type: function (opts)

  • opts Object Options (optional, default {})
    • opts.enabledEvasions Set<string>? Specify which evasions to use (by default all)

Example:

const puppeteer = require("puppeteer-extra")
// Enable stealth plugin with all evasions
puppeteer.use(require("puppeteer-extra-plugin-stealth")())
;(async () => {
  // Launch the browser in headless mode and set up a page.
  const browser = await puppeteer.launch({
    args: ["--no-sandbox"],
    headless: true
  })
  const page = await browser.newPage()

  // Navigate to the page that will perform the tests.
  const testUrl =
    "https://intoli.com/blog/" +
    "not-possible-to-block-chrome-headless/chrome-headless-test.html"
  await page.goto(testUrl)

  // Save a screenshot of the results.
  const screenshotPath = "/tmp/headless-test-result.png"
  await page.screenshot({ path: screenshotPath })
  console.log("have a look at the screenshot:", screenshotPath)

  await browser.close()
})()

availableEvasions

Get all available evasions.

Please look into the evasions directory for an up to date list.

Type: Set<string>

Example:

const pluginStealth = require("puppeteer-extra-plugin-stealth")()
console.log(pluginStealth.availableEvasions) // => Set { 'user-agent', 'console.debug' }
puppeteer.use(pluginStealth)

enabledEvasions

Get all enabled evasions.

Enabled evasions can be configured either through opts or by modifying this property.

Type: Set<string>

Example:

// Remove specific evasion from enabled ones dynamically
const pluginStealth = require("puppeteer-extra-plugin-stealth")()
pluginStealth.enabledEvasions.delete("console.debug")
puppeteer.use(pluginStealth)

You can’t perform that action at this time.