npm - @browserless/goto - Versions diffs - 10.12.6 → 10.12.7 - Mend

@browserless/goto 10.12.6 → 10.12.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "@browserless/goto",
   "description": "Navigate to web pages with built-in ad blocking, device emulation, and optimized loading for faster automation.",
   "homepage": "https://browserless.js.org/#/?id=gotopage-options",
-  "version": "10.12.6",
+  "version": "10.12.7",
   "main": "src/index.js",
   "author": {
     "email": "hello@microlink.io",
@@ -66,5 +66,5 @@
     "timeout": "2m",
     "workerThreads": false
   },
-  "gitHead": "5d4aaa106be3e196f5bfb1b52fc3d712ba9d512c"
+  "gitHead": "398978a3237780fa44ee70e9ffeb30759cab50a9"
 }

package/src/adblock.js CHANGED Viewed

@@ -8,59 +8,60 @@ const path = require('path')
 const debug = require('debug-logfmt')('browserless:goto:adblock')
-let enginePromise
+const lazy = fn => {
+  let p
+  return () => (p ??= fn())
+}
-const getEngine = () => {
-  if (enginePromise) return enginePromise
+const autoconsentDir = path.dirname(require.resolve('@duckduckgo/autoconsent'))
-  enginePromise = fs.readFile(path.resolve(__dirname, './engine.bin')).then(buffer => {
+const getEngine = lazy(() =>
+  fs.readFile(path.resolve(__dirname, './engine.bin')).then(buffer => {
     const engine = PuppeteerBlocker.deserialize(new Uint8Array(buffer))
     engine.on('request-blocked', ({ url }) => debug('block', url))
     engine.on('request-redirected', ({ url }) => debug('redirect', url))
     return engine
   })
-  return enginePromise
-}
+)
 /**
  * autoconsent.playwright.js is the only browser-injectable IIFE bundle in the package.
  * It is not in the package's "exports" map, so pin @duckduckgo/autoconsent with ~ to
  * avoid breakage from internal restructuring on minor/patch bumps.
  */
-let autoconsentPlaywrightScriptPromise
-const getAutoconsentPlaywrightScript = () => {
-  if (autoconsentPlaywrightScriptPromise) return autoconsentPlaywrightScriptPromise
-  autoconsentPlaywrightScriptPromise = fs.readFile(
-    path.resolve(
-      path.dirname(require.resolve('@duckduckgo/autoconsent')),
-      'autoconsent.playwright.js'
-    ),
-    'utf8'
-  )
+const getAutoconsentPlaywrightScript = lazy(() =>
+  fs.readFile(path.resolve(autoconsentDir, 'autoconsent.playwright.js'), 'utf8')
+)
-  return autoconsentPlaywrightScriptPromise
-}
+const getAutoconsentRules = lazy(() =>
+  fs.readFile(path.resolve(autoconsentDir, '../rules/compact-rules.json'), 'utf8').then(JSON.parse)
+)
 /* Configuration passed to autoconsent's `initResp` message.
-   See https://github.com/duckduckgo/autoconsent/blob/main/api.md */
+   See https://github.com/duckduckgo/autoconsent/blob/main/docs/api.md */
 const autoconsentConfig = Object.freeze({
   /* activate consent rule matching */
   enabled: true,
   /* automatically reject (opt-out) all cookies */
   autoAction: 'optOut',
+  /* skip these CMPs even if detected */
+  disabledCmps: [],
   /* hide banners early via CSS before detection finishes */
   enablePrehide: true,
   /* apply CSS-only rules that hide popups lacking a reject button */
   enableCosmeticRules: true,
   /* enable rules auto-generated from common CMP patterns */
   enableGeneratedRules: true,
-  /* fall back to heuristic click when no specific rule matches */
-  enableHeuristicAction: true,
   /* skip bundled ABP/uBO cosmetic filter list (saves bundle size) */
   enableFilterList: false,
+  /* detect CMPs using heuristics when no specific rule matches */
+  enableHeuristicDetection: true,
+  /* fall back to heuristic click when no specific rule matches */
+  enableHeuristicAction: true,
+  /* run in the page's main world (false = isolated world) */
+  isMainWorld: false,
+  /* max ms to keep prehide CSS applied before removing it */
+  prehideTimeout: 2000,
   /* how many times to retry CMP detection (~50 ms apart) */
   detectRetries: 20,
   logs: {
@@ -68,12 +69,16 @@ const autoconsentConfig = Object.freeze({
     lifecycle: false,
     /* individual rule step execution */
     rulesteps: false,
+    /* CMP detection step details */
+    detectionsteps: false,
     /* eval snippet calls */
     evals: false,
     /* rule errors */
     errors: false,
     /* background ↔ content-script messages */
-    messages: false
+    messages: false,
+    /* wait/delay step timing */
+    waits: false
   }
 })
@@ -95,35 +100,54 @@ const setupAutoConsent = async (page, timeout) => {
     if (!message || typeof message !== 'object') return
     if (message.__nonce !== nonce) return
-    if (message.type === 'init') {
-      return sendMessage(page, { type: 'initResp', config: autoconsentConfig })
-    }
+    switch (message.type) {
+      case 'init': {
+        page._autoconsentInitDone = true
+        const rules = await getAutoconsentRules()
+        return sendMessage(page, { type: 'initResp', config: autoconsentConfig, rules })
+      }
+      case 'eval': {
+        let result = false
+        try {
+          result = await pTimeout(page.evaluate(message.code), timeout)
+        } catch {}
+        return sendMessage(page, { type: 'evalResp', id: message.id, result })
+      }
+      case 'cmpDetected':
+      case 'popupFound':
+      case 'autoconsentDone':
+        debug(message.type, { cmp: message.cmp })
+        break
-    if (message.type === 'eval') {
-      let result = false
-      try {
-        result = await pTimeout(page.evaluate(message.code), timeout)
-      } catch {}
-      return sendMessage(page, { type: 'evalResp', id: message.id, result })
+      case 'optOutResult':
+        debug(message.type, { result: message.result })
+        break
+      case 'autoconsentError':
+        debug(message.type, { details: message.details })
+        break
     }
   })
-  /* Wrap the binding in the top frame so every outgoing message carries the
-     nonce.  Child frames (including cross-origin iframes) keep the raw CDP
-     binding which lacks the nonce, so their messages are silently rejected. */
-  await page.evaluateOnNewDocument(n => {
-    if (window.self !== window.top) return
-    const raw = window.autoconsentSendMessage
-    if (raw) window.autoconsentSendMessage = msg => raw({ ...msg, __nonce: n })
-  }, nonce)
-  await page.evaluateOnNewDocument(autoconsentPlaywrightScript)
+  /* Single injection: wrap the binding in the top frame so every outgoing
+     message carries the nonce, then run the autoconsent script. Child frames
+     keep the raw CDP binding which lacks the nonce, so their messages are
+     silently rejected. */
+  const nonceGuard = `(function(n){if(window.self!==window.top)return;var raw=window.autoconsentSendMessage;if(raw)window.autoconsentSendMessage=function(msg){return raw(Object.assign({},msg,{__nonce:n}))}})(${JSON.stringify(nonce)});`
+  await page.evaluateOnNewDocument(nonceGuard + autoconsentPlaywrightScript)
   page._autoconsentSetup = true
 }
-const runAutoConsent = async page => page.evaluate(await getAutoconsentPlaywrightScript())
+const runAutoConsent = async page => {
+  if (page._autoconsentInitDone) return
+  return page.evaluate(await getAutoconsentPlaywrightScript())
+}
 const enableBlockingInPage = (page, run, timeout) => {
+  getAutoconsentRules().catch(() => {})
   page.disableAdblock = () =>
     getEngine()
       .then(engine => engine.disableBlockingInPage(page, { keepRequestInterception: true }))

package/src/engine.bin CHANGED Viewed

Binary file