puppeteer-extra-plugin-page-proxy
Changelog
[2.0.0] - 2024-04-24
Readme
Plugin to use with puppeteer-extra for setting proxies on a per-page basis.
Forwards intercepted requests from the browser to Node.js where it redoes the requests through a proxy and then returns the response to the browser.
Forked from puppeteer-page-proxy.
```sh
npm i puppeteer puppeteer-extra puppeteer-extra-plugin-page-proxy
```
```js
import puppeteer from 'puppeteer-extra';
import puppeteerPageProxy from 'puppeteer-extra-plugin-page-proxy';

// Load the plugin but no proxy active
puppeteer.use(puppeteerPageProxy());

// Load and set a global proxy (for all the future pages)
puppeteer.use(puppeteerPageProxy('https://user:pass@host:port'));
```
Learn more about this concept here: cooperative-intercept-mode
```js
puppeteer.use(
  puppeteerPageProxy({
    interceptResolutionPriority: 0
  })
);
```
```js
// After loading the plugin
puppeteer.use(puppeteerPageProxy());

// ... when you get a page
page1.useProxy('https://user:pass@host:port');
page2.useProxy('http://user:pass@host:port');
page3.useProxy('socks5://user:pass@host:port');
page4.useProxy('socks4://user:pass@host:port');

// Go back using the global proxy again
page1.useProxy(undefined);

// Stop using any proxy
page1.useProxy(null);

// Go back using the global proxy but with a different priority
page4.useProxy(undefined, {
  interceptResolutionPriority: 1
});
page5.useProxy({
  interceptResolutionPriority: 1
});
```
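The proxy URLs in these calls carry credentials, so they are worth validating and redacting before they reach a log line or an error report. The following is an added example, not code from the plugin or its README; the function names, the allow-list (taken from the four schemes shown above) and the sample host and credentials are assumptions.

```javascript
// Schemes shown in the README's useProxy() examples, used here as an allow-list (assumption).
const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'socks4:', 'socks5:']);

// Parse and validate a proxy URL. Error messages never echo the raw input,
// because it may contain the proxy password.
function parseProxyUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    throw new Error('proxy URL could not be parsed');
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) {
    throw new Error(`unsupported proxy scheme "${url.protocol}"`);
  }
  if (!url.hostname) {
    throw new Error('proxy URL has no host');
  }
  return url;
}

// Return a form of the proxy URL that is safe to write to logs.
function redactProxyUrl(raw) {
  const url = parseProxyUrl(raw);
  const hasCreds = url.username !== '' || url.password !== '';
  return `${url.protocol}//${hasCreds ? 'REDACTED@' : ''}${url.host}`;
}

// Scrub userinfo from any URL embedded in free text, e.g. an error message
// from a failed request that quotes the proxy it was sent through.
function scrubCredentials(text) {
  return text.replace(/\b([a-z][a-z0-9+.-]*:\/\/)[^\s/?#]+@/gi, '$1REDACTED@');
}

// Constructed sample values (not real hosts or credentials).
const sampleProxy = 'socks5://alice:s3cret@proxy.example.test:1080';
const sampleError = `connect ECONNREFUSED via ${sampleProxy}`;

console.log(redactProxyUrl(sampleProxy));   // safe to log
console.log(scrubCredentials(sampleError)); // safe to log
```

Call `parseProxyUrl()` on any proxy string that comes from configuration or the environment before passing it to `useProxy()`, and log only the redacted form.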
```js
// After loading the plugin
puppeteer.use(puppeteerPageProxy({
  onlyNavigation: true
}));

// ... or override on page level
page.useProxy('https://user:pass@host:port', {
  onlyNavigation: true
});
```
```js
import { getProxiedResponse } from 'puppeteer-extra-plugin-page-proxy';

// The handler must be async because getProxiedResponse() is awaited.
page.on('request', async (request) => {
  // ... your logic
  const response = await getProxiedResponse(request, 'https://user:pass@host:port', {
    // Optional overrides. See typings for detail.
  });
  await request.respond(response);
  // ... your other logic
});
```
It takes over the task of requesting content from the browser and does it internally via a requests library instead. Requests that are normally made by the browser are thus made by Node. The IPs are changed by routing the requests through the specified proxy servers using the `*-proxy-agent` packages. When Node gets a response back from the server, it's forwarded to the browser for completion/rendering.
This happens when there is an attempt to handle the same request more than once. An intercepted request is handled by one of the HTTPRequest.abort(), HTTPRequest.continue() or HTTPRequest.respond() methods. Each of these methods 'sends' the request to its destination. A request that has already reached its destination cannot be intercepted or handled.
This is because direct requests from the browser to the server are intercepted by Node, which makes it impossible to establish a secure connection between the browser and the server. However, the requests aren't made by the browser; they are made by Node. All https requests made through Node using this module are secure. This is evidenced by the connection property of the response object:
```
connection: TLSSocket {
  _tlsOptions: {
    secureContext: [SecureContext],
    requestCert: true,
    rejectUnauthorized: true,
  },
  _secureEstablished: true,
  authorized: true,
  encrypted: true,
}
```
The warning can be thought of as a false positive.
FAQs
Unknown package
The npm package puppeteer-extra-plugin-page-proxy receives a total of 98 weekly downloads. As such, puppeteer-extra-plugin-page-proxy popularity was classified as not popular.
We found that puppeteer-extra-plugin-page-proxy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.