fix: create render pages in background to avoid focus stealing#70
fix: create render pages in background to avoid focus stealing#70wangpi26 wants to merge 1 commit into
Conversation
In headful mode (e.g. --control-url attaching to a logged-in browser),
every new page created via stealth.Page() was opened in the foreground,
which activated the Chrome window and stole focus from the user's
active app on each page render.
Replace stealth.Page(b) with an explicit b.Page() using
TargetCreateTarget{Background: true}, then inject the same stealth.JS
anti-detection script via EvalOnNewDocument. Behaviour is identical
except pages now open in the background, so focus is no longer
disrupted during a crawl.
|
The failing Failure cause: Go standard library vulnerability GO-2026-5856 — "Invoking Encrypted Client Hello privacy leak in
The repo's This is a pre-existing issue from the Suggested fix (independent of this PR): bump |
Problem
In headful mode (e.g. attaching to a logged-in browser via
--control-url), every page created during a crawl opens in the foreground. This activates the Chrome window and steals focus from the user's active app on each page render, making the machine unusable for other work while kage runs.Root cause
Pool.Rendercreates each page viastealth.Page(b), which callsb.Page(proto.TargetCreateTarget{}). The zero-valueBackgroundfield defaults tofalse, so Chrome creates and activates the tab in the foreground.Fix
Replace
stealth.Page(b)with an explicit call that setsBackground: true, then inject the samestealth.JSanti-detection script viaEvalOnNewDocument. Behaviour is identical to before — the page is still a stealth page — except it now opens in the background and does not steal focus.This mirrors exactly what
stealth.Pagedoes internally, minus the one-line difference (Background: true).Verification
go build ./...andgo vet ./browser/pass.--control-urlattaching to a logged-in Chrome: pages now open in background tabs without stealing focus, and crawl results are unchanged.Impact
--control-url,--headful): pages no longer steal focus. This is particularly important when attaching to a browser that the user is actively using for authenticated crawls.