Skip to content

Strip debug globals from stealth_inject.zig #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
hunterjsb wants to merge 54 commits into
base: main
Choose a base branch
from
Open

Strip debug globals from stealth_inject.zig #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
54 commits
Select commit Hold shift + click to select a range
19a2e69
feat: add browser identity spoofing and API stubs for anti-bot-detect…
hunterjsb Apr 1, 2026
82609f8
docs: rewrite README for StealthPanda identity
hunterjsb Apr 1, 2026
1246c1a
chore: remove upstream Lightpanda files irrelevant to fork
hunterjsb Apr 1, 2026
ec467ef
feat: add TLS fingerprint hardening with Chrome cipher suites and Cli…
hunterjsb Apr 1, 2026
a77ab90
fix: add drawImage/setLineDash/isPointInPath stubs and sendBeacon to …
hunterjsb Apr 1, 2026
c4ef34e
feat: add window.chrome stub and WebGL parameter spoofing (Phase 3)
hunterjsb Apr 1, 2026
15d5739
feat: real Canvas 2D rendering via z2d with PNG encoding (Phase 2)
hunterjsb Apr 1, 2026
98cec34
feat: CDP stealth injection and window.chrome stub (Phase 4)
hunterjsb Apr 1, 2026
e9cb0d9
fix: trigger iframe navigation on setAttribute("src", ...) for Turnstile
hunterjsb Apr 1, 2026
aedb159
fix: iframe JS context isolation for document.write and dynamic scripts
hunterjsb Apr 1, 2026
77a3bbe
fix: matchMedia returns true for basic queries, isSecureContext for H…
hunterjsb Apr 1, 2026
7555e15
fix: deduplicate iframe src changes to prevent widget destruction
hunterjsb Apr 1, 2026
f424e10
fix: event.source returns Window.Access for cross-origin postMessage
hunterjsb Apr 1, 2026
7decb97
fix: isSecureContext inherits from parent for about:blank iframes
hunterjsb Apr 1, 2026
cb9e7f9
feat: add window.origin, crossOriginIsolated + postMessage source fix
hunterjsb Apr 1, 2026
67d871f
fix: postMessage source uses getIncumbent for correct caller window
hunterjsb Apr 1, 2026
e2a4860
fix: event.source returns Window.Access for proper cross-origin handling
hunterjsb Apr 1, 2026
5342530
revert: event.source back to raw *Window (Access return type caused h…
hunterjsb Apr 2, 2026
4e91b92
feat: block unsupported_browser reject from Turnstile challenge iframes
hunterjsb Apr 2, 2026
19e8347
feat: block all unsupported_browser rejects via parent capture listener
hunterjsb Apr 2, 2026
206bebf
feat: force Turnstile implicit render via polling in stealth inject
hunterjsb Apr 2, 2026
eaf3e16
feat: intercept and respond to requestExtraParams from challenge iframe
hunterjsb Apr 2, 2026
3465d83
feat: pass rcV from init message in extraParams response
hunterjsb Apr 2, 2026
ba54abb
fix: event.source returns CrossOriginWindow for cross-origin postMessage
hunterjsb Apr 2, 2026
f99a780
debug: confirm extraParams postMessage is sent successfully
hunterjsb Apr 2, 2026
63db5be
refactor: simplify stealth inject — force render + native handler
hunterjsb Apr 2, 2026
c41a770
refactor: remove all reject blocking and force render — natural flow
hunterjsb Apr 2, 2026
22c8b26
fix: process shadow root children when host element becomes connected
hunterjsb Apr 2, 2026
25ec8b9
feat: restore reject blocking with shadow root child fix
hunterjsb Apr 2, 2026
eb76c91
fix: add shadow root child processing to parser path
hunterjsb Apr 2, 2026
41ec4d8
fix: always trigger iframeAddedCallback when src changes
hunterjsb Apr 2, 2026
a7358df
feat: deferred iframe.src trigger + restore isConnected check
hunterjsb Apr 2, 2026
2fa78a1
debug: verify message origin + widgetMap state for requestExtraParams
hunterjsb Apr 2, 2026
9a36921
debug: addEventListener wrapper to catch Turnstile handler errors
hunterjsb Apr 2, 2026
99a98cb
feat: move stealth inject to V8 context creation for earlier execution
hunterjsb Apr 2, 2026
aa0b6d8
fix: EventTarget.prototype wrapper catches Turnstile handler
hunterjsb Apr 2, 2026
d48dd35
debug: confirmed handler runs requestExtraParams but Ce.contentWindow…
hunterjsb Apr 2, 2026
0d7ae17
fix: single-fire deferred iframe.src trigger with contentWindow check
hunterjsb Apr 2, 2026
db68a34
debug: iframe.src setter runs in JS but never reaches Zig setSrc
hunterjsb Apr 2, 2026
cd92475
fix: add appendChild to DocumentFragment JsApi for shadow DOM iframes
hunterjsb Apr 2, 2026
1342cfc
Merge branch 'lightpanda-io:main' into main
hunterjsb Apr 2, 2026
db65b68
fix: error-swallowing appendChild for DocumentFragment
hunterjsb Apr 2, 2026
0ddde68
fix: add insertBefore/removeChild/replaceChild to DocumentFragment JsApi
hunterjsb Apr 2, 2026
43411d2
fix: proper error propagation in DocumentFragment.appendChild + PM lo…
hunterjsb Apr 2, 2026
a854f0e
fix: use page.origin for postMessage origin instead of location
hunterjsb Apr 2, 2026
e8509d7
debug: all challenge messages have wrong origin (parent instead of if…
hunterjsb Apr 2, 2026
ed5824a
fix: correct postMessage origin for cross-context iframe calls
hunterjsb Apr 2, 2026
7d16080
status: origin fix working, widgetStale after 125s
hunterjsb Apr 2, 2026
e725d5b
fix: error-swallowing appendChild + origin investigation continues
hunterjsb Apr 2, 2026
ff71c7e
fix: add appendChild/insertBefore/removeChild to ShadowRoot JsApi
hunterjsb Apr 2, 2026
b1a03b2
add logo to readme
hunterjsb Apr 2, 2026
95a2632
swap logo for better crop
hunterjsb Apr 2, 2026
c1c8b16
strip debug globals from stealth inject
hunterjsb Apr 2, 2026
297a980
red panda logo
hunterjsb Apr 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 0 additions & 34 deletions .github/workflows/cla.yml
View file
Open in desktop

This file was deleted.

79 changes: 0 additions & 79 deletions .github/workflows/e2e-integration-test.yml
View file
Open in desktop

This file was deleted.

Loading