Headless detection by CDP side-effects

[Sirozha1337]

Hi, I've been using this library for quite some time and it seems to have trouble with properly configured Headless Browsers.

I've found an interesting technique here and it seems to be working well in my use case, catching some bots that weren't caught by the BotD.

Maybe it can be incorporated into the BotD library? What do you think?

Under the hood, Puppeteer leverages the Chrome DevTools Protocol (CDP) to instrument (headless) Chrome. By using a specially crafted challenge shown below, we can detect the use of CDP, and therefore the fact that a browser is automated:

var detected = false;
var e = new Error();
Object.defineProperty(e, 'stack', {
   get() {
       detected = true;
   }
});
console.log(e);