public/ESH-Media
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: public:v1.0.9
Branches Tags
public:master
public:v1.0.14 public:v1.0.12 public:v1.0.11 public:v1.0.10 public:v1.0.9 public:v1.0.8 public:v1.0.7 public:v1.0.6 public:v1.0.5 public:v1.0.4 public:v1.0.3 public:v1.0.2 public:v1.0.1
..
compare: public:v1.0.10
Branches Tags
public:master
public:v1.0.14 public:v1.0.12 public:v1.0.11 public:v1.0.10 public:v1.0.9 public:v1.0.8 public:v1.0.7 public:v1.0.6 public:v1.0.5 public:v1.0.4 public:v1.0.3 public:v1.0.2 public:v1.0.1

1 Commits
v1.0.9 ... v1.0.10

Author SHA1 Message Date
eshmeshek
103c2d1e09 feat(1.0.10): experimental chrome.* spoof for Google embedded-browser detection 
Inject chrome.app, chrome.runtime, chrome.csi, chrome.loadTimes,
navigator.permissions.query wrapper via executeJavaScript on dom-ready
for every view. Goal: pass Google's JS-side embedded-browser detector
("Возможно, этот браузер небезопасны") by exposing the same chrome.*
shape real Chrome does.

Caveats acknowledged upfront:
- dom-ready fires AFTER <head> scripts, so detection scripts there have
  already seen the un-spoofed environment. Helps only if Google re-checks
  on form submit / later events.
- TLS fingerprint (JA3/JA4) is server-side. If Google flags us there,
  no client-side spoof works. This is a best-effort attempt.

No webPreferences changes — keeps contextIsolation:true and
sandbox-equivalent isolation intact. If this fails we lose nothing
architecturally and revert is trivial.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-16 22:45:49 +03:00
2 changed files with 67 additions and 1 deletions
Expand all files Collapse all files

66
main.js
View File

@@ -40,6 +40,61 @@ const DEFAULT_CONFIG = { apps: [], proxy: { host: '127.0.0.1', port: '7890' }, t
let blockerPromise = null;
let cachedTrustedDomains = DEFAULT_TRUSTED_DOMAINS;
// chrome.* spoof: injected via executeJavaScript on every page's dom-ready.
// Goal is to look like real Chrome to JS-based "embedded browser" detectors
// (Google login, etc.). Cannot fix TLS-fingerprint detection — that's server-side.
const CHROME_SPOOF_JS = `(function(){
try {
if (!window.chrome) window.chrome = {};
var c = window.chrome;
if (!c.app) c.app = {
isInstalled: false,
InstallState: { DISABLED: 'disabled', INSTALLED: 'installed', NOT_INSTALLED: 'not_installed' },
RunningState: { CANNOT_RUN: 'cannot_run', READY_TO_RUN: 'ready_to_run', RUNNING: 'running' },
getDetails: function(){ return null; },
getIsInstalled: function(){ return false; },
runningState: function(){ return 'cannot_run'; }
};
if (!c.runtime) c.runtime = {
PlatformOs: { MAC:'mac', WIN:'win', ANDROID:'android', CROS:'cros', LINUX:'linux', OPENBSD:'openbsd' },
PlatformArch: { ARM:'arm', X86_32:'x86-32', X86_64:'x86-64' },
PlatformNaclArch: { ARM:'arm', X86_32:'x86-32', X86_64:'x86-64' },
RequestUpdateCheckStatus: { NO_UPDATE:'no_update', THROTTLED:'throttled', UPDATE_AVAILABLE:'update_available' },
OnInstalledReason: { CHROME_UPDATE:'chrome_update', INSTALL:'install', SHARED_MODULE_UPDATE:'shared_module_update', UPDATE:'update' },
OnRestartRequiredReason: { APP_UPDATE:'app_update', OS_UPDATE:'os_update', PERIODIC:'periodic' },
sendMessage: function(){},
connect: function(){
return {
postMessage: function(){}, disconnect: function(){},
onDisconnect: { addListener: function(){}, removeListener: function(){} },
onMessage: { addListener: function(){}, removeListener: function(){} }
};
}
};
if (!c.csi) c.csi = function(){ return { startE: Date.now()-1000, onloadT: Date.now()-500, pageT: 1000, tran: 15 }; };
if (!c.loadTimes) c.loadTimes = function(){
var t = performance.timing;
return {
commitLoadTime: t.responseStart/1000, connectionInfo: 'http/1.1',
finishDocumentLoadTime: t.domContentLoadedEventEnd/1000,
finishLoadTime: (t.loadEventEnd/1000) || 0,
firstPaintAfterLoadTime: 0, firstPaintTime: t.responseEnd/1000,
navigationType: 'Other', npnNegotiatedProtocol: 'h2',
requestTime: t.requestStart/1000, startLoadTime: t.fetchStart/1000,
wasAlternateProtocolAvailable: false, wasFetchedViaSpdy: true, wasNpnNegotiated: true
};
};
// navigator.permissions.query: Notification permission must agree with Notification.permission
if (navigator.permissions && navigator.permissions.query) {
var origQuery = navigator.permissions.query.bind(navigator.permissions);
navigator.permissions.query = function(p){
if (p && p.name === 'notifications') return Promise.resolve({ state: Notification.permission, onchange: null });
return origQuery(p);
};
}
} catch (_) {}
})();`;
function loadTrustedDomainsFromDisk() {
try {
if (fs.existsSync(CONFIG_PATH)) {
@@ -608,6 +663,17 @@ ipcMain.on('create-view', async (_event, name, url, imageUrl, _zoom, useProxy) =
view.setBounds(getViewBounds());
attachDevToolsShortcut(view.webContents);
// Experimental: spoof chrome.* JS objects on every page so Google's
// "embedded browser" detector sees a real-Chrome-shaped global. Runs on
// dom-ready which is AFTER <head> scripts, so detection scripts that ran
// there have already seen the un-spoofed environment — this fix only
// helps if Google's gate is re-checked on form submit / later events.
// TLS fingerprint (JA3) is server-side and unaffected; if Google flags us
// there, no client-side spoof helps. Best-effort attempt only.
view.webContents.on('dom-ready', () => {
view.webContents.executeJavaScript(CHROME_SPOOF_JS).catch(() => {});
});
view.webContents.on('did-finish-load', () => {
removeLoader();
addChild(view);

2
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "ESH-Media",
"version": "1.0.9",
"version": "1.0.10",
"private": true,
"main": "main.js",
"scripts": {