fingerprint-suite icon indicating copy to clipboard operation
fingerprint-suite copied to clipboard

Published 20 hours ago verified publisher icon apify

feat: worker ready injection interface

Open petrpatek opened this issue 2 years ago • 4 comments

This feature is necessary for the worker fingerprint injection. I started playing with the worker injection when bypassing the Kasada protection. I have tried two methods of injection. First, using the playwright on worker events - resulted in having the fingerprint injected late. The second one was evaluating the injection script at the begging of the worker script - This worked well when the worker is not a phantom worker, i.e., not loading self. But for more testing and playing around, this interface would be extremely helpful.

petrpatek avatar Nov 23 '22 08:11 petrpatek

Make sure to check #64 :) There are basically more ways of worker injection that I and the guys in the thread could think of, but all of them have their caveats:

  • Routing the network requests (POC) - works for classic Workers, but not for Service- and SharedWorkers (but might be doable now, needs more research). Also, .route() disables caching, which might lead to performance drops.
  • Constructor overrides with base64 (comment) - apparently, worker constructors support base64 encoded strings as the input code. We could support this by overriding the Shared/Service/Worker constructor and prepending our code into the base string. However, this is probably not doable with classic "path" inputs (but could be an interesting backdoor?)
  • @piercefreeman's smart proxy (comment) - this would probably clash with Crawlee's proxy management, but maybe worth a try?

Either way, I'd be super happy to finally close this one, so if you come up with something, please lmk :)

barjin avatar Nov 23 '22 16:11 barjin

Yes, I checked it. These are great generic ideas. But this way, we can move one step closer to experimenting on per website/protection basis. As I understand, all these methods need a js to be injected into the worker that overrides the navigator.

petrpatek avatar Nov 24 '22 10:11 petrpatek

Oh, so the goal w/ this PR is to have an interface for worker-ready injectable script and handle the injection in the user code for now, do I get this right?

Either way, it works for me, we can release this as a prerelease so we can test it better :)

barjin avatar Nov 24 '22 12:11 barjin

Any progress?

Failton avatar Jan 29 '23 19:01 Failton