invisible_playwright

apunkt/invisible_playwright

Fork 0

mirror of https://github.com/feder-cr/invisible_playwright.git synced 2026-06-10 08:45:13 +02:00

Commit graph

Author	SHA1	Message	Date
feder-cr	8d7b6eafdf	ci: drive gate exercises mouse/keyboard/iframe/canvas, not just navigate+eval An adversarial audit of the pipeline found the drive gate only did goto+evaluate, so several historically-shipped breakages would still pass it green: - firefox-2 (jugglerSendMouseEvent missing) — no mouse/keyboard was tested - issue #20 (cross-origin iframe content_frame() None) — no iframe was tested - canvas non-determinism (stealth seed) and headless navigator tells ci_drive_gate.py now clicks a button, moves the mouse, types into an input, reaches into an iframe, checks an identical canvas draw is byte-stable, and checks navigator.languages/plugins — all offline (data: URLs), GPU-free, no proxy. Validated against the real build. Pipeline hardening from the same audit: - Windows: stop swallowing `mach package` failure and never fall back to the dev tree dist/bin (that masked the firefox-7/8 packaging bugs) - macOS: plutil -lint Info.plist + required-key checks (a malformed plist ships fine through a headless drive but Finder calls the .app "damaged") - publish: assert all 5 archives present + fail_on_unmatched_files (no silent partial release if a build leg drops out)	2026-06-09 12:53:42 +02:00
feder-cr	86a04d2d34	ci: drive-test every release binary via Playwright, not just screenshot The old gate ran firefox --headless --screenshot, which renders fine even when the juggler automation layer is missing from the package — so a binary Playwright can't actually drive (firefox-8) passed and shipped broken. Replace it with a real drive gate: a 5-leg matrix that launches each binary over the juggler pipe on its native runner, loads a page, and round-trips JS (also asserts navigator.webdriver stays hidden). Headless and no screenshot, so it stays GPU-free on the hosted runners and needs no proxy or secrets. Same logic is reusable standalone via verify-assets.yml to drive-test an existing release's assets without a rebuild.	2026-06-09 12:24:06 +02:00
feder-cr	7a983e99c5	feat: initial public release invisible-playwright: a patched Firefox 150.0.1 for browser-fingerprint stealth, shipped as a Playwright-compatible Python wrapper. * Sync + async InvisiblePlaywright launcher (firefox_user_prefs, virtual desktop on Windows, SOCKS5 auth via patched nsProtocolProxyService) * fpforge: Bayesian fingerprint sampler over GPU / audio / fonts / screen / ~400 other navigator fields * WebRTC stealth: srflx address swap, synthetic srflx fallback, private-LAN host candidates. No real public IP leak via STUN. * GPU sandbox fix for FF150 alt-desktop regression * Bezier-curve mouse motion baked into Juggler Targets Windows x86_64 + Linux x86_64. Binary fetched on first run from GitHub Release "firefox-1".	2026-05-12 22:32:58 -07:00

Author

SHA1

Message

Date

feder-cr

8d7b6eafdf

ci: drive gate exercises mouse/keyboard/iframe/canvas, not just navigate+eval

An adversarial audit of the pipeline found the drive gate only did goto+evaluate,
so several historically-shipped breakages would still pass it green:
- firefox-2 (jugglerSendMouseEvent missing) — no mouse/keyboard was tested
- issue #20 (cross-origin iframe content_frame() None) — no iframe was tested
- canvas non-determinism (stealth seed) and headless navigator tells

ci_drive_gate.py now clicks a button, moves the mouse, types into an input,
reaches into an iframe, checks an identical canvas draw is byte-stable, and
checks navigator.languages/plugins — all offline (data: URLs), GPU-free, no
proxy. Validated against the real build.

Pipeline hardening from the same audit:
- Windows: stop swallowing `mach package` failure and never fall back to the
  dev tree dist/bin (that masked the firefox-7/8 packaging bugs)
- macOS: plutil -lint Info.plist + required-key checks (a malformed plist ships
  fine through a headless drive but Finder calls the .app "damaged")
- publish: assert all 5 archives present + fail_on_unmatched_files (no silent
  partial release if a build leg drops out)

2026-06-09 12:53:42 +02:00

feder-cr

86a04d2d34

ci: drive-test every release binary via Playwright, not just screenshot

The old gate ran firefox --headless --screenshot, which renders fine even
when the juggler automation layer is missing from the package — so a binary
Playwright can't actually drive (firefox-8) passed and shipped broken.

Replace it with a real drive gate: a 5-leg matrix that launches each binary
over the juggler pipe on its native runner, loads a page, and round-trips JS
(also asserts navigator.webdriver stays hidden). Headless and no screenshot,
so it stays GPU-free on the hosted runners and needs no proxy or secrets.

Same logic is reusable standalone via verify-assets.yml to drive-test an
existing release's assets without a rebuild.

2026-06-09 12:24:06 +02:00

feder-cr

7a983e99c5

feat: initial public release

invisible-playwright: a patched Firefox 150.0.1 for browser-fingerprint
stealth, shipped as a Playwright-compatible Python wrapper.

  * Sync + async InvisiblePlaywright launcher (firefox_user_prefs, virtual
    desktop on Windows, SOCKS5 auth via patched nsProtocolProxyService)
  * fpforge: Bayesian fingerprint sampler over GPU / audio / fonts /
    screen / ~400 other navigator fields
  * WebRTC stealth: srflx address swap, synthetic srflx fallback,
    private-LAN host candidates. No real public IP leak via STUN.
  * GPU sandbox fix for FF150 alt-desktop regression
  * Bezier-curve mouse motion baked into Juggler

Targets Windows x86_64 + Linux x86_64. Binary fetched on first run from
GitHub Release "firefox-1".

2026-05-12 22:32:58 -07:00

3 commits