PhantomJS

From Wikipedia, the free encyclopedia
Jump to: navigation, search
PhantomJS
Phantomjs-logo.png
Original author(s) Ariya Hidayat
Developer(s) Ariya Hidayat
Initial release January 17, 2011 (2011-01-17)
Stable release

2.1

/ January 23, 2016 (2016-01-23)
Development status Active
Written in C++
Type Headless browser
License BSD
Website phantomjs.org

PhantomJS is a scripted, headless browser used for automating web page interaction. PhantomJS provides a JavaScript API enabling automated navigation, screenshots, user behavior and assertions making it a common tool used to run browser-based unit tests in a headless system like a continuous integration environment. PhantomJS is based on WebKit making it a similar browsing environment to Safari and Google Chrome (before Chrome's fork of WebKit evolved into Blink). It is open-source software released under the BSD License.

History[edit]

PhantomJS was released January 23, 2011 by Ariya Hidayat after several years in development.[1]

The first commit to the public project was in 2011.[2] The project has maintained a steady level of weekly contributions from December 26, 2010 to present.[3] As of February 5, 2015, the project’s open source code repository is watched by 770 people and contributed to by 107 contributors. Also as of February 5, 2015, the project has 1376 open issues and 1252 closed issues.

The logo commonly used to pictorially refer to PhantomJS is a green ghost atop a black background. This refers to the lack of graphical user interface, or main body of the browser, making PhantomJS users seem like ghosts.

PhantomJS usage[edit]

The PhantomJS JavaScript API can be used to open web pages, take screenshots, execute user actions, and run injected JavaScript in the page context. For example, the following code will open Wikipedia and, upon loading, will save a screenshot to a file and exit.

console.log('Loading a web page');
var page = require('webpage').create();
var url = 'http://en.wikipedia.org/';
page.open(url, function (status) {
  console.log('Page loaded');
  page.render('wikipedia.org.png');
  phantom.exit();
});

Tools using PhantomJS[edit]

CasperJS[edit]

Shortly after the release of PhantomJS, Nicolas Perriault wrote CasperJS, a suite of libraries on top of PhantomJS that extend its capabilities as a client for automated web page testing. CasperJS and PhantomJS have become valuable enough that similar projects have started to adopt the API as a standard way of interacting with headless browsers.[4][5]

YSlow[edit]

Yahoo! developed a version of YSlow that leverages PhantomJS for to gather performance metrics for websites.[6]

Companies using PhantomJS[edit]

  • Twitter is using QUnit and PhantomJS for unit testing.[7]
  • LinkedIn is using PhantomJS based tools for performance testing.[8]
  • Netflix is using Sketchy, a headless browser built with PhantomJS to understand what it’s doing without having to visit the site.[9]
  • Time Warner Cable is using PhantomJS with CoffeeScript, Jasmine, and JUnit XML for Jenkins continuous integration.[10]

Other uses for PhantomJS[edit]

PhantomJS was made for programmatic control of web sites and has been used for many purposes from visual differencing of websites[11] to automated testing of JavaScript frameworks.[12]

Server rendering of client-side JavaScript[edit]

With the rise of client-side JavaScript and the SEO problems that practice presents, developers turned to PhantomJS as a way to pre-render static HTML for initial requests,.[13][14] Despite the performance impact of such an approach, it remained one of the simplest ways to improve SEO without rewriting a web application, spawning services trying to automate the process.[15]

Malicious use of PhantomJS[edit]

Because PhantomJS is runnable without a UI, scriptable via JavaScript, and is relatively adherent to modern browser specifications, it is commonly used as a way to automate attacks against web sites.[16] PhantomJS mimics legitimate user traffic and can complicate attack mitigation technologies. PhantomJS can also be used to automatically verify logins across disparate web sites[17] (Credential Stuffing), compounding the problems that arise after a site is breached and usernames and passwords are leaked.

See also[edit]

References[edit]

  1. ^ "don't code today what you can't debug tomorrow". ariya.blogspot.com. Retrieved 20 July 2015. 
  2. ^ "ariya/phantomjs". GitHub. Retrieved 20 July 2015. 
  3. ^ "Contributors to ariya/phantomjs · GitHub". GitHub. Retrieved 20 July 2015. 
  4. ^ Laurent Jouanneau. "FaQ - SlimerJS". slimerjs.org. Retrieved 20 July 2015. 
  5. ^ "trifleJS". trifleJS. Retrieved 20 July 2015. 
  6. ^ Marcel Duran. "YSlow - Official Open Source Project Website". yslow.org. Retrieved 20 July 2015. 
  7. ^ "Leo Lanese on Twitter". Twitter. Retrieved 20 July 2015. 
  8. ^ phegaro. "LinkedIn Mobile: How do we do it?". SlideShare. Retrieved 20 July 2015. 
  9. ^ Michael Mimoso. "Netflix Open Source Security Tools Solve Range of Challenges". threatpost.com. Retrieved 20 July 2015. 
  10. ^ "one year of wandering headlessly". ofilabs.com. Retrieved 20 July 2015. 
  11. ^ "Huddle/PhantomCSS". GitHub. Retrieved 20 July 2015. 
  12. ^ EisenbergEffect. "Docs - Testing with PhantomJS and Jasmine - Durandal". durandaljs.com. Retrieved 20 July 2015. 
  13. ^ "Short story about rendering HTML, client side vs server side". eshlox. Retrieved 20 July 2015. 
  14. ^ Aaron O'Connell (22 April 2014). "Sever-Side Rendering of Single Page Apps using PhantomJS and Node.js". 42floors.com. Retrieved 20 July 2015. 
  15. ^ "BromBone - SEO for your AngularJS, EmberJS, or BackboneJS website.". Brombone.com. Retrieved 20 July 2015. 
  16. ^ "DDoS Attack Used 'Headless' Browsers In 150-Hour Siege". Dark Reading. Retrieved 20 July 2015. 
  17. ^ "Logging in to Amazon using PhantomJS". GitHub Gists. Retrieved 20 July 2015. 

External links[edit]