npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

secure-puppeteer

v0.1.3

Published

Puppeteer utility class to provide access to an isolated world.

Downloads

31

Readme

Isolated World Accessor for Puppeteer

image

Abstract

The goal is to provided clean, optional access to Puppeteer's internal _secondaryWorld.

My prior solution to this was fully isolating all execution by patching the concrete Puppeteer library, which you can find here: Harden Puppeteer

A full global patch remains my preferred method as it catch anything Puppeteer may execute in the background, but there are many scenarios where a full patch isn't viable or required.

This package provides a way to access the internal _secondaryWorld which Puppeteer automatically isolates each context change.

Installation

Install the secure-puppeteer package with npm, yarn, or pnpm.

$ npm install secure-puppeteer

Option 1 - Inject isolation into a new page:

import { secure, SecurePage } from "secure-puppeteer"

const page: SecurePage = secure(await browser.newPage())

Option 2 - Access the isolation manager directly.

import { isolate, IsolationManager } from "secure-puppeteer"

const iso: IsolationManager = isolate(await browser.newPage())
// Option 2(b) - Fully extract isolated world:
const { world } = iso.modules()

Example

This example can be found in the ./examples directory.

import puppeteer from "puppeteer"

import { secure, Browser, ElementHandle, SecurePage } from "secure-puppeteer"
  ;(async () => {
  const browser: Browser = await puppeteer.launch()
  const page: SecurePage = secure(await browser.newPage())
  await page.goto("https://prescience-data.github.io/execution-monitor.html")
  const element: ElementHandle | null = await page.secure.$(".example-input")
  if (element) {
    await element.type("This is a test...", { delay: 8 })
  } else {
    throw new Error(`Could not find element ".example-input"`)
  }
})()

Limitations

As mentioned above, this will not necessarily catch everything. For full isolation, my current recommendation is patching the base files as I develop this out over time.

Which is to say; make sure you test this fully before using it, and don't get overconfident:

image

Verifying Isolation

You can run a test against a basic execution monitor page set up here: https://prescience-data.github.io/execution-monitor.html (or use that as a base to design your own!).

If working correctly, there should be no visibility of whatever you execute via the page.secure.<method> tools.

image

Community Support

Please only use the issue tracker for bugs, rather than questions.

For any questions or support you can check out the community Discord channel here: https://scraping-chat.cf