is-antibot 1.6.2 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -0
- package/package.json +2 -1
- package/src/index.js +13 -0
package/README.md
CHANGED
|
@@ -15,6 +15,7 @@
|
|
|
15
15
|
|
|
16
16
|
- **CloudFlare** - Bot management and challenge pages
|
|
17
17
|
- **Vercel** - Attack mode protection
|
|
18
|
+
- **Anubis** - Techaro BotStopper proof-of-work challenge
|
|
18
19
|
- **Akamai** - Bot Manager and Web Application Protector
|
|
19
20
|
- **DataDome** - Bot protection with CAPTCHA challenges
|
|
20
21
|
- **PerimeterX** - Behavioral bot detection
|
|
@@ -28,6 +29,7 @@
|
|
|
28
29
|
- **ThreatMetrix** - LexisNexis fraud prevention and device fingerprinting
|
|
29
30
|
- **Meetrics** - User authenticity verification
|
|
30
31
|
- **Ocule** - Bot detection with advanced obfuscation
|
|
32
|
+
- **Instagram** - Login page redirect bot detection
|
|
31
33
|
- **YouTube** - BotGuard attestation and abuse detection
|
|
32
34
|
- **LinkedIn** - Bot filter protection
|
|
33
35
|
- **Reddit** - Network security challenge-page detection
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"name": "is-antibot",
|
|
3
3
|
"description": "Identify if a response is an antibot challenge from CloudFlare, Akamai, DataDome, Vercel, PerimeterX, Shape Security, and more, including CAPTCHA providers like reCAPTCHA and hCaptcha.",
|
|
4
4
|
"homepage": "https://github.com/microlinkhq/is-antibot",
|
|
5
|
-
"version": "1.
|
|
5
|
+
"version": "1.7.0",
|
|
6
6
|
"exports": {
|
|
7
7
|
".": "./src/index.js"
|
|
8
8
|
},
|
|
@@ -31,6 +31,7 @@
|
|
|
31
31
|
"keywords": [
|
|
32
32
|
"akamai",
|
|
33
33
|
"antibot",
|
|
34
|
+
"anubis",
|
|
34
35
|
"arkose",
|
|
35
36
|
"aws-waf",
|
|
36
37
|
"bot",
|
package/src/index.js
CHANGED
|
@@ -413,6 +413,19 @@ const detect = ({ headers = {}, html = '', url = '', statusCode } = {}) => {
|
|
|
413
413
|
return byHtml('youtube')
|
|
414
414
|
}
|
|
415
415
|
|
|
416
|
+
// Anubis (Techaro BotStopper): challenge pages always contain the JSON script block
|
|
417
|
+
// `<script id="anubis_challenge" type="application/json">` (hardcoded in web/index.templ)
|
|
418
|
+
// and asset/API URLs under the Go constant `StaticPath = "/.within.website/x/cmd/anubis/"`.
|
|
419
|
+
// Source: https://github.com/TecharoHQ/anubis
|
|
420
|
+
if (
|
|
421
|
+
hasAnyHtml([
|
|
422
|
+
/<script id="anubis_challenge"/,
|
|
423
|
+
'/.within.website/x/cmd/anubis/'
|
|
424
|
+
])
|
|
425
|
+
) {
|
|
426
|
+
return byHtml('anubis')
|
|
427
|
+
}
|
|
428
|
+
|
|
416
429
|
// AWS WAF: Check for x-amzn-waf-action or x-amzn-requestid headers
|
|
417
430
|
// Reference: https://github.com/scrapfly/Antibot-Detector/blob/main/detectors/antibot/detect-aws-waf.json
|
|
418
431
|
if (hasAnyHeader(['x-amzn-waf-action', 'x-amzn-requestid'])) {
|