shader 隐身_如何超越隐身障碍

shader 隐身

by Mátyás Fodor

由MátyásFodor

如何超越隐身障碍 (How to outsmart incognito block)

Recently I came across several sites that showed a warning or paywall because I was using incognito mode. I think it is unfair. I should be allowed to use whatever browser and mode I want. This is a way to enforce their tracking tools. I know that incognito is not safe but it’s the bare minimum you can do to avoid ads to track you.

最近，我遇到了几个显示警告或收费墙的网站，因为我使用的是隐身模式。 我认为这是不公平的。 我应该被允许使用我想要的任何浏览器和模式。 这是一种实施其跟踪工具的方法。 我知道隐身模式并不安全，但这是避免广告追踪您的最低要求。

The whole thing took me about two hours and I learned a lot about browser extensions and hacking client-side code as an end user. I thought this might be worth sharing.

整个过程花了我大约两个小时的时间，并且我学到了很多有关浏览器扩展和作为最终用户入侵客户端代码的知识。 我认为这可能值得分享。

First, I had to look up how to detect private mode. As per my best knowledge, there’s no browser API to detect private mode directly, so I was pretty sure it is a sneaky little script. This StackOverflow answer gave me a hint, so I knew I’d have to look for webkitRequestFileSystem. I found this bit in one of those private loathing sites’ minified JavaScript code. Here’s the exciting part:

首先，我必须查找如何检测私有模式。 据我所知，没有浏览器API可以直接检测私有模式，因此我很确定这是一个偷偷摸摸的小脚本。 这个 StackOverflow答案给了我一个提示，所以我知道我必须寻找webkitRequestFileSystem 。 我在那些私人厌恶网站的缩小JavaScript代码之一中发现了这一点。 这是令人兴奋的部分：

I could test the module by pasting it in incognito and public browser window dev console and run:

我可以通过将其粘贴到隐身和公共浏览器窗口开发者控制台中并运行来测试该模块 ：

var module = {};incognito(null, module);module.exports.detectIncognito().then(console.log)

Bingo! This is it, I just have to find a way not to call the error callback in window.webkitRequestFileSystem(..). The easiest way is to monkey patch the function:

答对了！ 就是这样，我只需要找到一种不调用window.webkitRequestFileSystem(..)的错误回调的方法。 最简单的方法是对功能进行猴子修补：

(function(webkitRequestFileSystem) {  window.webkitRequestFileSystem = function(t, s, success, error) {    webkitRequestFileSystem(t, s, success, success);  }})(window.webkitRequestFileSystem);

If you’re not familiar with the technique, monkey patching is a way to add, modify, or suppress the default behavior of a piece of code at runtime without changing its original source code.

如果您不熟悉该技术，则猴子修补程序是一种在运行时添加，修改或抑制一段代码的默认行为的方式，而无需更改其原始源代码。

Detour 1: First I started writing my own chrome extension using Extensionizr. It’s a great tool generating Chrome extension boilerplate code. But in the end, I found an easier solution.

弯路1：首先，我开始使用Extensionizr编写自己的chrome扩展程序 。 这是生成Chrome扩展程序样板代码的好工具。 但是最后，我找到了一个更简单的解决方案。

Whenever it comes to customizing websites I use Tampermonkey (for example hiding job ads on Stack Overflow when I really shouldn’t spend time on looking for new positions). You don’t have to install a n+1th extension, and it provides a nice interface to manage your scripts. Ok, nice is probably an exaggeration, it’s ugly but handy.

每当涉及自定义网站时，我都会使用Tampermonkey (例如，当我真的不应该花时间寻找新职位时，在Stack Overflow上隐藏求职广告 )。 您不必安装第n + 1个扩展，它提供了一个不错的界面来管理脚本。 好吧，好的可能是夸张的，它很丑但是很方便。

So I added the monkey patch script I referenced above, already giggling how easy it was, but bummer, it didn’t work. I tried a few other things for example:

因此，我添加了我上面引用的猴子补丁脚本，已经咯咯地笑了一下，但是糟糕的是，它没有用。 我尝试了其他一些事情，例如：

window.foobar = 'baz';

But in the dev console, this property was absent from the window variable. It turned out content scripts are running in an isolated environment, they only share the DOM with the webpage’s scripts. I started to work with the referenced solution from SO. There was one very important thing though, I had to execute this code before the current page’s code. Here’s what I came up with:

但是在开发控制台中， window变量中没有此属性。 事实证明， 内容脚本在隔离的环境中运行，它们仅与网页脚本共享DOM。 我开始使用SO引用的解决方案。 但是有一件非常重要的事情，我必须在当前页面的代码之前执行此代码。 这是我想出的：

function injectScript(file_path, node) {        var element = document.createElement('script');        element.setAttribute('type', 'text/javascript');        element.setAttribute('src', file_path);        element.setAttribute('async', false);        node.appendChild(element);}injectScript(url, document.documentElement);

Detour 2: As I started with an extension, loading another JavaScript file was trivial. However it’s not the case with Tampermonkey scripts (at least I don’t know about it). So I decided to put my code in a GitHub gist, and tried to load the raw file. But then the browser was complaining about its MIME type. Finally I ended up using https://rawgit.com/, which was exactly the right tool for this.

绕道2：从扩展开始，加载另一个JavaScript文件非常简单。 但是，Tampermonkey脚本不是这种情况(至少我不知道)。 因此，我决定将代码放入GitHub要点，并尝试加载原始文件 。 但是随后浏览器抱怨其MIME类型。 最终，我最终使用了https://rawgit.com/ ，这是正确的工具。

I realized that I should add those few lines of monkey patch code as a string, and fill in the script element’s text with that. Here’s my final solution:

我意识到我应该将那几行猴子补丁代码添加为字符串，并在其中填写脚本元素的文本。 这是我的最终解决方案：

An important thing to know if you work with Tampermonkey in incognito mode: your changes made in incognito mode won’t appear in normal mode, and vice versa: you have to close all your private windows if you want to try your latest changes made in public mode.

重要的是要知道是否以隐身模式使用Tampermonkey：在隐身模式下所做的更改不会在正常模式下显示，反之亦然：如果要尝试在隐身模式下进行的最新更改，必须关闭所有私有窗口公共模式。

Be careful! If you decide to use my script, you have to know that this might (although not very likely) break some web pages. You can always turn these off in Tampermonkey. Use it at your own risk.

小心！ 如果决定使用我的脚本，则必须知道这可能 (虽然不太可能)破坏某些网页。 您随时可以在Tampermonkey中将其关闭。 需要您自担风险使用它。

翻译自: https://www.freecodecamp.org/news/disabling-browser-incognito-check-cc84288e89b3/

shader 隐身