Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Headless browser detection

Tags:

selenium

webdriver

puppeteer

phantomjs

headless-browser

Do you know any webapps/online tests/online firewalls that are trying to detect if user is using selenium/puppeteer/phantomJS or any other headless browser?

I've created my puppeteer online crawler. I've changed many different stuff like window.navigator object (user-agent, ~.webdriver etc.).

Now I want to make sure that it is undetectable.

like image 264
BT101 Avatar asked Mar 26 '19 19:03

BT101

People also ask

Can headless browser be detected?

There are many ways to detect whether a request is coming from a headless browser, but whether it will be easy to do so depends greatly on how the headless browser is configured. If used for web scraping, hackers do their absolute best to obscure detection.

Can headless Chrome be detected?

On the one hand, Google works to detect bots with reCAPTCHA, but on the other hand, they've created Headless Chrome. Google's solution for blocking bots isn't effective against their own technology. For now, DataDome is the only solution I've tested that can detect Headless Chrome.

What is headless browser testing?

Headless testing is when you run a UI-based browser test without showing the browser UI. It's running a test or running a script against a browser, but without the browser, UI starts up.

What is a headless browser used for?

Headless browsers provide automated control of a web page in an environment similar to popular web browsers, but they are executed via a command-line interface or using network communication.

1 Answers

There is a headless browser detection test which tests for the following:

  • Does the User-Agent contain the string "HeadlessChrome"?
  • Is navigator.webdriver set?
  • Is window.chrome unset?
  • Does the browser skip asking for permissions (like notifications)?
  • Are browser plugins unavailable?
  • Is navigator.languages unset?

If your browser answers any of these questions with yes, then you fail the test. For more information on the test, check out this post, which is a reply to a post called "Detecting Chrome headless, new techniques".

The author of the latter post also published another test test (code), which claims to be able to detect bots and crawlers. It performs various tests on browser attributes and generates a fingerprint of your browser.

Other "soft" tests done by websites, might include the mouse movement, scrolling behavior, IP address, etc. I doubt you will find many tests regarding these information as this is basically a cat-and-mouse game.

like image 82
Thomas Dondorf Avatar answered Oct 17 '22 07:10

Thomas Dondorf
Sign in to Comment

Related questions

Is it possible to run Selenium scripts without having an X server running, too?
Selenium WebDriver clicking on hidden element
How to have Django test case and Selenium server use same database?
How to get session id on Selenium webdriver using Python?
Selenium get value of current implicit wait
Find element by value Selenium/Python
Selenium: Point towards default Chrome session
Firefox windows don't close after Selenium test has run
How to Test Blur - Firefox Selenium driver?
Dynamically changing proxy in Firefox with Selenium webdriver
What is by.js locator for in Protractor/WebDriverJS?
Selenium - Basic Authentication via url
Ruby - unable to bind to locking port 7054 within 45 seconds (Selenium::WebDriver::Error::WebDriverError)
Selenium WebDriver works but SLOW (Java)
how to downgrade Chrome on Ubuntu and disable auto-update?
What is the Difference between Selenium Webdriver and Selenium Ghostdriver? [closed]
Run Individual Test from Nunit3-console.exe
Anaconda selenium and Chrome
Webpage Is Detecting Selenium Webdriver with Chromedriver as a bot
Selenium pdf automatic download not working

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!