Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@cliqz-oss/firefox-client
Advanced tools
firefox-client
is a node library for remote debugging Firefox. You can use it to make things like fxconsole, a remote JavaScript REPL.
var FirefoxClient = require("firefox-client");
var client = new FirefoxClient();
client.connect(6000, function() {
client.listTabs(function(err, tabs) {
console.log("first tab:", tabs[0].url);
});
});
With node.js npm package manager:
npm install firefox-client
Enable remote debugging (You'll only have to do this once)
Open the DevTools. Web Developer > Toggle Tools
Visit the settings panel (gear icon)
Check "Enable remote debugging" under Advanced Settings
Listen for a connection
Open the Firefox command line with Tools > Web Developer > Developer Toolbar.
Start a server by entering this command: listen 6000
(where 6000
is the port number)
Follow the instructions in this Hacks video
A limited set of the API (Console
, StyleSheets
) is compatible with the Simulator 4.0. See the wiki instructions for connecting.
client.listTabs()
will list the currently open apps in the Simulator.
client.getWebapps()
will expose the webapps in the Simulator, where each app implements the Tab
API.
client.getWebapps(function(err, webapps) {
webapps.getApp("app://homescreen.gaiamobile.org/manifest.webapp", function (err, app) {
console.log("homescreen:", actor.url);
app.Console.evaluateJS("alert('foo')", function(err, resp) {
console.log("alert dismissed");
});
});
});
This latest version of the library will stay compatible with Firefox Nightly. Almost all of it will be compatible with Firefox Aurora as well.
A FirefoxClient
is the entry point to the API. After connecting, get a Tab
object with listTabs()
or selectedTab()
. Once you have a Tab
, you can call methods and listen to events from the tab's modules, Console
or Network
. There are also experimental DOM
and StyleSheets
tab modules, and an upcoming Debugger
module.
Almost all API calls take a callback that will get called with an error as the first argument (or null
if there is no error), and a return value as the second:
tab.Console.evaluateJS("6 + 7", function(err, resp) {
if (err) throw err;
console.log(resp.result);
});
The modules are EventEmitter
s, listen for events with on
or once
, and stop listening with off
:
tab.Console.on("page-error", function(event) {
console.log("new error from tab:", event.errorMessage);
});
Summary of the offerings of the modules and objects:
Methods: connect()
, disconnect()
, listTabs()
, selectedTab()
, getWebapps()
, getRoot()
Events: "error"
, "timeout"
, "end"
Properties: url
, title
Methods: reload()
, navigateTo()
, attach()
, detach()
Events: "navigate"
, "before-navigate"
Methods: evaluateJS()
, startListening()
, stopListening()
, getCachedLogs()
Events: "page-error"
, "console-api-call"
Properties: class
, name
, displayName
Methods: ownPropertyNames()
, ownPropertyDescriptor()
, ownProperties()
, prototype()
Methods: startLogging()
, stopLogging()
, sendHTTPRequest()
Events: "network-event"
Properties: url
, method
, isXHR
Methods: getRequestHeaders()
, getRequestCookies()
, getRequestPostData()
, getResponseHeaders()
, getResponseCookies()
, getResponseContent()
, getEventTimings()
Events: "request-headers"
, "request-cookies"
, "request-postdata"
, "response-start"
, "response-headers"
, "response-cookies"
, "event-timings"
Methods: document()
, documentElement()
, querySelector()
, querySelectorAll()
Properties: nodeValue
, nodeName
, namespaceURI
Methods: parentNode()
, parents()
, siblings()
, nextSibling()
, previousSibling()
, querySelector()
, querySelectorAll()
, innerHTML()
, outerHTML()
, setAttribute()
, remove()
, release()
Methods: getStyleSheets()
, addStyleSheet()
Properties: href
, disabled
, ruleCount
Methods: getText()
, update()
, toggleDisabled()
, getOriginalSources()
Events: "disabled-changed"
, "ruleCount-changed"
Methods: measure()
Methods: listRunningApps()
, getInstalledApps()
, watchApps()
, unwatchApps()
, launch()
, close()
, getApp()
, installHosted()
, installPackaged()
, installPackagedWithADB()
, uninstall()
Events: "appOpen"
, "appClose"
, "appInstall"
, "appUninstall"
fxconsole - a remote JavaScript console for Firefox
webapps test script - a sample usage of all webapps features
What do you need from the API? File an issue.
FAQs
Firefox remote debugging client
The npm package @cliqz-oss/firefox-client receives a total of 1,633 weekly downloads. As such, @cliqz-oss/firefox-client popularity was classified as popular.
We found that @cliqz-oss/firefox-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.