Menu
I'm trying to impersonate user clicks and mouse movements using a Chrome extension.
For example:
In my content script there is a button click.
document.querySelector("SOME_SELECTOR").click();
This line triggers a click event with the following property:
MouseEvent {isTrusted: false}
How to trigger a MouseEvent where the isTrusted property will be true?
326
Definition and Usage. The isTrusted event property returns a Boolean value indicating whether the event is trusted or not. Note: In Chrome, Firefox and Opera, the event is trusted if it is invoked by the user, and not trusted if it is invoked by a script.
The isTrusted read-only property of the Event interface is a boolean value that is true when the event was generated by a user action, and false when the event was created or modified by a script or dispatched via EventTarget. dispatchEvent() .
You can inject trusted events using the debugger interface.
chrome.debugger.attach(target, "1.2", function() { chrome.debugger.sendCommand(target, "Input.dispatchMouseEvent", arguments) }) https://developer.chrome.com/extensions/debugger
https://chromedevtools.github.io/devtools-protocol/1-2/Input
178
I'm not sure if this is possible, since it's a read-only property that signifies exactly what you're trying to fake, namely if the event originated from the end user or from a script. There used to be browser-based differences, (IE used to have all events as trusted) but I don't know if this is still the case.
https://developer.mozilla.org/en-US/docs/Web/API/Event
There may still be ways around this, as mentioned for firefox in this topic:Are events generated by Firefox extension 'trusted'?
But you'll have to have a look at the chrome documentation to check if they have similar methods of delegating an event back to the window, since it does mention extension events are/can become trusted in some cases.
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
