Closed momala454 closed 4 years ago
Yeah, currently we're only handling notifications
permission (if that chrome launch arg is present).
Code of this evasion plugin for reference: here
This ties into a bigger idea of more fully emulation missing capabilities in headless (including the window.chrome
object). I've already did something similar with the navigator.plugins
evasion and the mime types.
Right now the evasions are a mix of simplistic ones (copy pasted from the web in the early days of this project) and more sophisticated custom written ones.
I'm thinking about streamlining this and maybe add "anti-fingerprint" functionality as well.
i think it's more than just anti fingerprinting, as on default chrome all of the permissions are shown as i wrote in the previous post (without having any popup), so i think we can conclude that if it's just denied like on your plugin, it's a bot ?
or do you know how to reproduce the same behaviour on legit chrome by changing a parameter?
Are you using chromium or regular chrome right now? It seems like your use-case would benefit from using regular Chrome, if necessary running in a virtualized Windows container/VM. :)
If stealth behaviour is paramount the only viable option is to run regular Google Chrome headful (!) in a Container or VM.
regular chrome
As I just learned you cannot run Windows in a docker container so your options would be a VM like virtualbox or using a Windows server provider (Azure, AWS?)
But it all depends on what you're trying to achieve, don't forget that most sites are not extremely sophisticated about their stealth detection ;)
Stuff like datacenter IP issues or rate limits are probably things you run into long before the site complains about missing window taskbar pixels in your viewport dimensions.
i don't know exactly what they do, but i used this plugin to show what functions they use : https://chrome.google.com/webstore/detail/dont-fingerprint-me/nhbedikkbkakbjipijipejfojanppbfg
and the result :
navigator get self.navigator.userAgent navigator get self.navigator.userAgent navigator get self.navigator.platform screen get self.screen.width screen get self.screen.height screen get self.screen.colorDepth navigator get self.navigator.plugins navigator get self.navigator.javaEnabled navigator get self.navigator.language navigator get self.navigator.loadPurpose navigator get self.navigator.sendBeacon navigator get self.navigator.cookieEnabled navigator get self.navigator.connection navigator get self.navigator.connection.downlinkMax navigator get self.navigator.connection.type navigator get self.navigator.connection.effectiveType navigator get self.navigator.connection.rtt navigator get self.navigator.connection.downlink navigator get self.navigator.userAgent navigator get self.navigator.plugins navigator get self.navigator.mimeTypes screen get self.screen.height screen get self.screen.width screen get self.screen.availHeight screen get self.screen.availWidth screen get self.screen.pixelDepth screen get self.screen.colorDepth navigator get self.navigator.appCodeName navigator get self.navigator.appName navigator get self.navigator.appVersion navigator get self.navigator.hardwareConcurrency navigator get self.navigator.maxTouchPoints navigator get self.navigator.platform navigator get self.navigator.product navigator get self.navigator.productSub navigator get self.navigator.vendor navigator get self.navigator.vendorSub navigator get self.navigator.doNotTrack navigator get self.navigator.webdriver canvas apply self.CanvasRenderingContext2D.prototype.fillText canvas apply self.HTMLCanvasElement.prototype.toDataURL canvas apply self.CanvasRenderingContext2D.prototype.getImageData navigator get self.navigator.javaEnabled webgl apply self.WebGLRenderingContext.prototype.getParameter(ALIASED_LINE_WIDTH_RANGE) webgl apply self.WebGLRenderingContext.prototype.getParameter(ALIASED_POINT_SIZE_RANGE) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_VIEWPORT_DIMS) webgl apply self.WebGLRenderingContext.prototype.getParameter(ALPHA_BITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(BLUE_BITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(GREEN_BITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(RED_BITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(DEPTH_BITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_COMBINED_TEXTURE_IMAGE_UNITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_CUBE_MAP_TEXTURE_SIZE) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_FRAGMENT_UNIFORM_VECTORS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_RENDERBUFFER_SIZE) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_TEXTURE_IMAGE_UNITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_TEXTURE_SIZE) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_VARYING_VECTORS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_VERTEX_ATTRIBS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_VERTEX_TEXTURE_IMAGE_UNITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(MAX_VERTEX_UNIFORM_VECTORS) webgl apply self.WebGLRenderingContext.prototype.getParameter(RENDERER) webgl apply self.WebGLRenderingContext.prototype.getParameter(SHADING_LANGUAGE_VERSION) webgl apply self.WebGLRenderingContext.prototype.getParameter(STENCIL_BITS) webgl apply self.WebGLRenderingContext.prototype.getParameter(VENDOR) webgl apply self.WebGLRenderingContext.prototype.getParameter(VERSION) webgl apply self.WebGLRenderingContext.prototype.getExtension(WEBGL_debug_renderer_info) webgl apply self.WebGLRenderingContext.prototype.getParameter(37445) webgl apply self.WebGLRenderingContext.prototype.getParameter(37446) webgl apply self.WebGLRenderingContext.prototype.getContextAttributes webgl apply self.WebGLRenderingContext.prototype.getExtension(EXT_texture_filter_anisotropic) webgl apply self.WebGLRenderingContext.prototype.getParameter(34047) webgl apply self.WebGLRenderingContext.prototype.getShaderPrecisionFormat webgl apply self.WebGLRenderingContext.prototype.getSupportedExtensions navigator get self.navigator.connection navigator get self.navigator.connection.downlinkMax navigator get self.navigator.connection.type navigator get self.navigator.connection.effectiveType navigator get self.navigator.connection.rtt navigator get self.navigator.connection.downlink
Fingerprinting is (currently) not in the scope of the stealth plugin but I make a note in the umbrella ticket for this.
Closing in favor of #101
Hi, you deny the permission, but according to https://amiunique.org/fp it's common by only 0.08% While by default it seems like chrome is returning this :
accelerometer : granted camera : prompt clipboard-read : prompt clipboard-write : granted geolocation : prompt background-sync : granted magnetometer : granted microphone : prompt midi : granted notifications : prompt payment-handler : granted persistent-storage : prompt
for 20%
What do you think if we return the same ? It may need to emulate the funtionnalities which are "granted" however