Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
devtools-protocol
Advanced tools
The devtools-protocol npm package provides a set of TypeScript definitions for the Chrome DevTools Protocol, which allows you to interact with the Chrome browser for tasks such as debugging, profiling, and inspecting web pages programmatically.
Page Navigation
This feature allows you to navigate to a specific URL and wait for the page to load. The code sample demonstrates how to use the Page domain to navigate to 'https://example.com' and wait for the load event.
const CDP = require('chrome-remote-interface');
(async function() {
const client = await CDP();
const { Page } = client;
await Page.enable();
await Page.navigate({ url: 'https://example.com' });
await Page.loadEventFired();
console.log('Page loaded');
await client.close();
})();
JavaScript Execution
This feature allows you to execute JavaScript code within the context of the web page. The code sample demonstrates how to evaluate a JavaScript expression to get the page title.
const CDP = require('chrome-remote-interface');
(async function() {
const client = await CDP();
const { Runtime } = client;
await Runtime.enable();
const result = await Runtime.evaluate({ expression: 'document.title' });
console.log('Page title:', result.result.value);
await client.close();
})();
Network Monitoring
This feature allows you to monitor network requests made by the web page. The code sample demonstrates how to listen for network requests and log the URLs of the requests.
const CDP = require('chrome-remote-interface');
(async function() {
const client = await CDP();
const { Network } = client;
await Network.enable();
Network.requestWillBeSent((params) => {
console.log('Request:', params.request.url);
});
await client.Page.navigate({ url: 'https://example.com' });
await client.Page.loadEventFired();
await client.close();
})();
Puppeteer is a Node library that provides a high-level API to control Chrome or Chromium over the DevTools Protocol. It is more user-friendly and provides additional features like taking screenshots, generating PDFs, and more. Puppeteer abstracts away many of the lower-level details of the DevTools Protocol, making it easier to use for common tasks.
Selenium WebDriver is a popular tool for automating web applications for testing purposes. It supports multiple browsers and provides a high-level API for interacting with web pages. While it does not use the DevTools Protocol directly, it offers similar functionalities for browser automation and testing.
Playwright is a Node library for browser automation that supports multiple browsers (Chromium, Firefox, and WebKit). It provides a high-level API similar to Puppeteer but with additional features like cross-browser testing. Playwright also uses the DevTools Protocol under the hood for Chromium-based browsers.
:warning:
This repository is related to Chrome DevTools Protocol, but does not track issues regarding its definition or implementation.
If you want to file an issue for the Chrome DevTools Protocol, please open an issue on https://crbug.com under component: Platform>DevTools>Platform
.
Use the protocol viewer for navigating the protocol.
TypeScript definitions for the protocol's types are available in 'types/protocol.d.ts'. Mappings from Commands and events to these types are available in either generated DomainApi
style in types/protocol-proxy-api.d.ts
or in simple name-to-type-interface style in types/protocol-mapping.d.ts
.
Also, this repo is published as the devtools-protocol
npm module.
FAQs
The Chrome DevTools Protocol JSON
The npm package devtools-protocol receives a total of 6,896,149 weekly downloads. As such, devtools-protocol popularity was classified as popular.
We found that devtools-protocol demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.