Headless browser

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

A headless browser is a web browser without a graphical user interface.

Headless browsers provide automated control of a web page in an environment similar to popular web browsers, but they are executed via a command-line interface or using network communication. They are particularly useful for testing web pages as they are able to render and understand HTML the same way a browser would, including styling elements such as page layout, colour, font selection and execution of JavaScript and Ajax which are usually not available when using other testing methods.[1][2]

Use cases[edit]

Headless browsers are used for:[3][4]

  • Test automation in modern web applications.
  • Taking screenshots of web pages.
  • Running automated tests for JavaScript libraries.
  • Scraping web sites for data.
  • Automating interaction of web pages.

Google stated in 2009 that using a headless browser could help their search engine index content from websites that use Ajax.[5]

Malicious[edit]

Headless browsers can also be used to:

There is no indication, however, that headless browsers are used more frequently than non-headless browsers for malicious purposes, like DDoS attacks, SQL injections or cross-site scripting attacks. A study of browser traffic in 2018 found no preference by malicious actors for headless browsers.[10]

List of headless browsers[edit]

This is a list of browsers providing a complete or near-complete headless implementation.

  • Google Chrome – since version 59 Chrome supports headless mode in Linux, macOS and Windows[11][10]
  • Firefox – headless mode is available on Linux since version 55.[12] Version 56 added support for headless mode on Windows and macOS[13]
  • PhantomJS – a headless web browser using the WebKit layout engine for rendering web pages and JavaScriptCore for executing scripted tests. PhantomJS was originally developed by Ariya Hidayat in 2010 and has gained a wide following and extensive development ecosystem. However, the project has since been archived and is no longer under active development.[14][15][16][17][18][19]
  • HtmlUnit – a headless browser written in Java. HtmlUnit uses the Rhino engine to provide JavaScript and Ajax support as well as partial rendering capability.[20][21]
  • TrifleJS – a headless Internet Explorer scriptable browser using the Trident layout engine for rendering pages and the V8 JavaScript engine for executing scripted tests. TrifleJS uses the same API language as PhantomJS and works by using the .NET WebBrowser object to control whatever version of Internet Explorer is installed on the machine.[4][22]
  • Splash – a headless web browser with an HTTP API, Lua scripting support and a built-in IPython (Jupyter)-based IDE. Splash is written in Python and uses the WebKit layout engine. Development started at ScrapingHub in 2013; it is partially funded by DARPA.[23][24]
  • SimpleBrowser – a lightweight, highly capable, headless web browser with a scriptable .NET Standard API. SimpleBrowser written in C#, supporting .NET Standard 2.0.[25]

Simulated[edit]

These are browsers that simulate a browser environment. While they are able to support common browser features (HTML parsing, cookies, XHR, some JavaScript, etc.), they do not render the DOM and have limited support for DOM events. They usually perform faster than full browsers, but they are unable to correctly interpret many popular websites.[26][27][28]

  • Zombie.js – a simulated browser environment for Node.js.[29]
  • ENVJS – a simulated browser environment written in JavaScript for the Rhino engine.[30]
  • Edbrowse (limited DOM support)

Scriptable[edit]

These are browsers that may still require a user interface, but they have programmatic APIs and are intended to be used in ways similar to traditional headless browsers.

Test Automation[edit]

Many test automation software and frameworks also include headless browsers as part of their testing apparati.[10]

  • Capybara uses headless browsing, either via WebKit or Headless Chrome to mimic user behavior in its testing protocols.[32]
  • Jasmine uses Selenium by default, but can use WebKit or Headless Chrome, to run browser tests.[33]

See also[edit]

References[edit]

  1. ^ "What is a headless browser?". arhg.net.
  2. ^ "Quick Start". phantomjs.org.
  3. ^ "PhantomJS - PhantomJS". phantomjs.org.
  4. ^ a b "trifleJS".
  5. ^ "Official Google Webmaster Central Blog: A proposal for making AJAX crawlable". Official Google Webmaster Central Blog.
  6. ^ "Headless Browser Botnet Used in 150 hour DDoS attack". Business 2 Community.
  7. ^ "Headless Web Traffic Threatens Internet Economy". ecommercetimes.com.
  8. ^ "Headless browsers: legitimate software that enables attack". ITProPortal.
  9. ^ "Credential stuffing". owasp.org.
  10. ^ a b c Bekerman, Dima (2018-11-28). "Headless Chrome: DevOps Love It, So Do Hackers, Here's Why | Imperva". Blog. Retrieved 2021-02-22.
  11. ^ "Getting Started with Headless Chrome". developers.google.com.
  12. ^ "Headless mode - browser support". developer.mozilla.org.
  13. ^ "Firefox 56 release notes". developer.mozilla.org.
  14. ^ "PhantomJS - PhantomJS". phantomjs.org.
  15. ^ "FAQ". phantomjs.org.
  16. ^ "Google Groups". google.com.
  17. ^ "Commits · ariya/phantomjs · GitHub". GitHub.
  18. ^ "ariya/phantomjs". GitHub.
  19. ^ "Archiving the project: suspending the development · Issue #15344 · ariya/phantomjs". GitHub. Retrieved 2018-12-05.
  20. ^ Mike Bowler. "HtmlUnit – Welcome to HtmlUnit". sourceforge.net.
  21. ^ "Platform (Vaadin 7.3.4 API)". vaadin.com. 6 November 2014.
  22. ^ "Home". GitHub.
  23. ^ "scrapinghub/splash". GitHub.
  24. ^ "Archived copy". Archived from the original on 2015-05-28. Retrieved 2015-05-28.CS1 maint: archived copy as title (link)
  25. ^ SimpleBrowserDotNet/SimpleBrowser, SimpleBrowserDotNet, 2021-02-10, retrieved 2021-02-22
  26. ^ "assaf/zombie". GitHub.
  27. ^ "ヘルペスが口や目からうつる?感染した時の症状と病院の治療方法とは". www.envjs.com. Archived from the original on 2015-02-23. Retrieved 2015-03-13.
  28. ^ "JavaScriptMVC - EnvJS". javascriptmvc.com.
  29. ^ "Zombie". labnotes.org.
  30. ^ Resig, John (29 January 2018). "env-js: A pure-JavaScript browser environment" – via GitHub.
  31. ^ Laurent Jouanneau. "SlimerJS". slimerjs.org.
  32. ^ Silva, Francisco (2019-05-29). "From capybara-webkit to Headless Chrome and ChromeDriver". Blog | Imaginary Cloud. Retrieved 2021-02-22.
  33. ^ Bintz, John. "jasmine-headless-webkit -- The fastest way to run your Jasmine specs!". johnbintz.github.io. Retrieved 2021-02-22.