dravr-browser 0.1.0

Headless-Chrome automation primitives: launch, persistent profiles, stealth, CDP input, and streaming network capture
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193

// ABOUTME: CDP-injected JS that hides automation tells and optionally captures matching network responses
// ABOUTME: Applied via Page.addScriptToEvaluateOnNewDocument so it runs before any page JS on every frame
//
// SPDX-License-Identifier: MIT OR Apache-2.0
// Copyright (c) 2026 dravr.ai

use chromiumoxide::cdp::browser_protocol::page::AddScriptToEvaluateOnNewDocumentParams;
use chromiumoxide::Page;

use crate::error::{BrowserError, BrowserResult};

/// Global JS object the capture hook writes into. Read by [`crate::capture`].
pub const CAPTURE_GLOBAL: &str = "__dravrCaptures";

/// Options controlling the injected stealth + capture payload.
#[derive(Debug, Clone, Default)]
pub struct StealthOptions {
    /// When set, responses whose request URL matches this JS regex source are
    /// captured into [`CAPTURE_GLOBAL`]. When `None`, only stealth is applied.
    pub capture_url_pattern: Option<String>,
    /// When `true`, matching responses are captured incrementally by teeing
    /// their `ReadableStream` (for SSE / streamed bodies). When `false`, the
    /// full response body is captured once it resolves.
    pub streaming: bool,
}

impl StealthOptions {
    /// Stealth only — no network capture.
    #[must_use]
    pub const fn stealth_only() -> Self {
        Self {
            capture_url_pattern: None,
            streaming: false,
        }
    }

    /// Capture full (non-streamed) response bodies matching `pattern`.
    #[must_use]
    pub fn capture(pattern: impl Into<String>) -> Self {
        Self {
            capture_url_pattern: Some(pattern.into()),
            streaming: false,
        }
    }

    /// Capture streamed (SSE) response bodies matching `pattern` incrementally.
    #[must_use]
    pub fn capture_stream(pattern: impl Into<String>) -> Self {
        Self {
            capture_url_pattern: Some(pattern.into()),
            streaming: true,
        }
    }
}

/// Build the JS payload for the given options.
///
/// The `navigator.webdriver` tell is already removed by Chrome's
/// `--disable-blink-features=AutomationControlled` flag (emitted by
/// chromiumoxide's `.hide()`), so JS-level navigator spoofing is intentionally
/// omitted — `Object.defineProperty` overrides leave a detectable `.toString()`
/// trace that modern detectors flag. The capture hook is the active payload.
fn build_script(opts: &StealthOptions) -> String {
    let Some(pattern) = opts.capture_url_pattern.as_ref() else {
        // Pure stealth: nothing to inject beyond the launch-flag behavior.
        return "(function(){})();".to_owned();
    };

    // Embed the pattern as a safe JS string literal.
    let pattern_lit = serde_json::to_string(pattern).unwrap_or_else(|_| "\"\"".to_owned());

    let capture_body = if opts.streaming {
        // Tee the ReadableStream: push decoded chunks as they arrive.
        "var rec = { status: r.status, chunks: [], done: false, streaming: true };
                store.byUrl[url] = rec; store.last = url;
                try {
                    var reader = r.clone().body.getReader();
                    var dec = new TextDecoder();
                    (function pump() {
                        reader.read().then(function(res) {
                            if (res.done) { rec.done = true; return; }
                            rec.chunks.push(dec.decode(res.value, { stream: true }));
                            pump();
                        }).catch(function() { rec.done = true; });
                    })();
                } catch (e) { rec.done = true; }"
    } else {
        // Capture the full body once it resolves.
        "var rec = { status: r.status, chunks: [], done: false, streaming: false };
                store.byUrl[url] = rec; store.last = url;
                try {
                    r.clone().text().then(function(t) {
                        rec.chunks.push(t); rec.done = true;
                    }).catch(function() { rec.done = true; });
                } catch (e) { rec.done = true; }"
    };

    format!(
        r"(function() {{
    if (window.{CAPTURE_GLOBAL}) return;
    var store = window.{CAPTURE_GLOBAL} = {{ byUrl: {{}}, last: null }};
    var pattern = new RegExp({pattern_lit});

    var origFetch = window.fetch;
    window.fetch = function(input, init) {{
        var url = typeof input === 'string' ? input : (input && input.url) || '';
        var p = origFetch.apply(this, arguments);
        if (pattern.test(url)) {{
            p.then(function(r) {{
                {capture_body}
                return r;
            }}).catch(function() {{}});
        }}
        return p;
    }};

    var origOpen = XMLHttpRequest.prototype.open;
    var origSend = XMLHttpRequest.prototype.send;
    XMLHttpRequest.prototype.open = function(method, url) {{
        this.__dravrUrl = url;
        return origOpen.apply(this, arguments);
    }};
    XMLHttpRequest.prototype.send = function() {{
        var self = this;
        var url = this.__dravrUrl || '';
        if (pattern.test(url)) {{
            this.addEventListener('load', function() {{
                try {{
                    store.byUrl[url] = {{
                        status: self.status,
                        chunks: [self.responseText],
                        done: true,
                        streaming: false
                    }};
                    store.last = url;
                }} catch (e) {{}}
            }});
        }}
        return origSend.apply(this, arguments);
    }};
}})();"
    )
}

/// Inject the stealth + capture payload into a page.
///
/// Must be called after `new_page` and before navigation. Runs on every frame
/// creation thereafter, including subsequent `page.goto(...)` calls.
pub async fn apply_stealth(page: &Page, opts: &StealthOptions) -> BrowserResult<()> {
    page.execute(AddScriptToEvaluateOnNewDocumentParams::new(build_script(
        opts,
    )))
    .await
    .map_err(|e| BrowserError::Browser {
        reason: format!("Failed to inject stealth script: {e}"),
    })?;
    Ok(())
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn stealth_only_has_no_capture_hook() {
        let js = build_script(&StealthOptions::stealth_only());
        assert!(!js.contains(CAPTURE_GLOBAL));
    }

    #[test]
    fn capture_script_embeds_pattern_and_global() {
        let js = build_script(&StealthOptions::capture("/completion"));
        assert!(js.contains(CAPTURE_GLOBAL));
        assert!(js.contains("/completion"));
        assert!(js.contains("r.clone().text()"));
        assert!(!js.contains("getReader"));
    }

    #[test]
    fn stream_capture_script_tees_reader() {
        let js = build_script(&StealthOptions::capture_stream("/completion"));
        assert!(js.contains("getReader"));
        assert!(js.contains("streaming: true"));
    }

    #[test]
    fn pattern_with_quotes_is_escaped() {
        let js = build_script(&StealthOptions::capture(r#"a"b"#));
        // Embedded as a JSON string literal — the raw unescaped sequence must
        // not appear, proving the quote was escaped.
        assert!(js.contains(r#"a\"b"#));
    }
}