Brainstorm: think about static and dynamic properties check #3

Open
manmolecular opened this issue Jul 30, 2021 · 10 comments

Comments

@manmolecular
Member

No description provided.

@Cravtos
Member

Cravtos commented Aug 5, 2021

Static check for whether the user's UA is fake, via eval.toString().length:

While on Firefox and Safari it returns 37, it returns 33 on Chrome, and 39 on Internet Explorer. Thus, in case a browser pretends to be Firefox in its user agent, but has a test that returns 33, there is a chance it is a bot (or a user with a user agent spoofer).

@Cravtos
Member

Cravtos commented Aug 5, 2021

A simple test consists of verifying whether the OS contained in the user agent is consistent with the value of navigator.platform, an attribute that returns the platform the browser is running on.

@Cravtos
Member

Cravtos commented Aug 7, 2021

Try red pills for detecting browsers running on virtual machines.

@Cravtos
Member

Cravtos commented Aug 7, 2021

When querying for the list of plugins via the navigator.plugins object, the browser returns an array of plugins containing detailed information, such as their filename and the associated extension, which reveals some indication of the OS. On Windows, plugin file extensions are .dll, on macOS they are .plugin or .bundle, and for Linux-based OSes the extensions are .so.

@Cravtos
Member

Cravtos commented Aug 7, 2021

In the case of a stack overflow, Firefox throws an Internal Error and Chrome throws a RangeError. Besides the type of errors, depending on the browser, error instances may also contain different properties. While two of them—message and name—are standards, others such as description, lineNumber or toSource are not supported by all browsers. Even for properties such as message and name, which are implemented in all major browsers, their values may differ for a given error.

@Cravtos
Member

Cravtos commented Aug 7, 2021

For example, executing null[0] on CHROME will generate the following error message "Cannot read property '0' of null", while FIREFOX generates "null has no properties", and SAFARI "null is not an object (evaluating 'null[0]')".

@Cravtos
Member

Cravtos commented Aug 7, 2021

Then, we consider the property navigator.productSub, which returns the build number of the current browser. On SAFARI, CHROME and OPERA, it always returns the string 20030107 and, combined with eval.toString().length, it can therefore be used to distinguish FIREFOX from SAFARI.

@Cravtos
Member

Cravtos commented Aug 7, 2021

In the case of a genuine fingerprint whose attributes have not been overridden in JavaScript, it should contain the substring native code. However, if a property has been overridden, it will return the code of the overridden function.

@Cravtos
Member

Cravtos commented Aug 7, 2021

Since for a given browser, features evolve depending on the version, we can also check if the features available are consistent with browserVersionRef. Otherwise, this may indicate that the browser version displayed in the user agent has been manipulated.

@Cravtos
Member

Cravtos commented Aug 7, 2021

Everything above is not so much about detecting bots specifically as about detecting the fact that a client attempted to change information about itself.
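
The static checks collected in the comments above, combined into one server-side consistency function (an added example, not part of the original thread or the project's code). The input field names (`evalLength`, `productSub`, `platform`, `pluginFiles`) and the two sample fingerprints are assumptions constructed for illustration; the expected values are the ones quoted in the comments.

```javascript
// Added example: cross-check reported attributes against the claimed user agent.
// Field names are assumptions; expected values are those quoted in the thread.
const EVAL_LENGTH = { firefox: 37, safari: 37, chrome: 33, ie: 39 };
const FIXED_PRODUCT_SUB = new Set(["safari", "chrome", "opera"]);
const PLUGIN_EXT = { windows: [".dll"], macos: [".plugin", ".bundle"], linux: [".so"] };

// Order matters: Chrome's UA also contains "Safari", Opera's also contains "Chrome".
function claimedBrowser(ua) {
  if (/Edg\//.test(ua)) return null; // the thread gives no values for Edge: skip
  if (/Trident|MSIE/.test(ua)) return "ie";
  if (/OPR\//.test(ua)) return "opera";
  if (/Firefox\//.test(ua)) return "firefox";
  if (/Chrome\//.test(ua)) return "chrome";
  if (/Safari\//.test(ua)) return "safari";
  return null;
}

// Works on both a user-agent string and a navigator.platform value.
function osOf(s) {
  if (/iPhone|iPad|Android/.test(s)) return null; // mobile is out of scope here
  if (/Win/.test(s)) return "windows";
  if (/Mac/.test(s)) return "macos";
  if (/Linux/.test(s)) return "linux";
  return null;
}

function findInconsistencies(fp) {
  const issues = [];
  const browser = claimedBrowser(fp.userAgent);
  const os = osOf(fp.userAgent);
  const expected = EVAL_LENGTH[browser];
  if (expected !== undefined && fp.evalLength !== expected) issues.push("evalLength");
  if (FIXED_PRODUCT_SUB.has(browser) && fp.productSub !== "20030107") issues.push("productSub");
  // Inferred from the thread: productSub separates Firefox from Safari.
  if (browser === "firefox" && fp.productSub === "20030107") issues.push("productSub");
  const platformOs = osOf(fp.platform || "");
  if (os && platformOs && os !== platformOs) issues.push("platform");
  const foreign = (fp.pluginFiles || []).some((f) => {
    const ext = f.slice(f.lastIndexOf(".")).toLowerCase();
    const owner = Object.keys(PLUGIN_EXT).find((k) => PLUGIN_EXT[k].includes(ext));
    return Boolean(os && owner && owner !== os); // extension belongs to another OS
  });
  if (foreign) issues.push("plugins");
  return issues;
}

// Constructed samples: a Chromium-on-Linux client claiming Firefox on Windows, and a consistent one.
const spoofed = { userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0", evalLength: 33, productSub: "20030107", platform: "Linux x86_64", pluginFiles: ["libpdf.so"] };
const honest = { userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.107 Safari/537.36", evalLength: 33, productSub: "20030107", platform: "Win32", pluginFiles: ["pdf.dll"] };
console.log(findInconsistencies(spoofed), findInconsistencies(honest));
```

As the last comment says, a non-empty result indicates that the client altered information about itself, not necessarily that it is a bot.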
