Exporting the isHeadless() function
Closed this issue · 2 comments
First of all, thank you for the great captcha solution you've built!
We're using FriendlyCaptcha for a multi-page questionnaire service where the user has to solve the captcha on the last page.
Sometimes these questionnaires can take a long time to complete. A tiny percentage of our users get false positives for the browser check (we haven't identified the cause yet), so it's frustrating for them to spend 20-30 minutes on the form and not be able to submit it because of the captcha error.
We'd like to be able to check users' browsers beforehand, so to be in sync with FriendlyCaptcha's approach it would have been very handy to have the isHeadless() function available to developers.
Something like this would be perfect, or you could come up with a better approach:
import { WidgetInstance, isHeadless } from "friendly-challenge";
I can work on a PR for this if you like.
Thanks in advance!
Hi Viktor,
Thank you for the kind words :)
The isHeadless browser check in this library is really rather minimal, the goal is to never have false positives with that clientside check (if there is a browser that does have false positives which is not automated: do let us know!). This check should only prevent the most basic headless bots in their tracks.
If you are using a version from before 0.9.10 (which is the last time there was a fix for false positives, do upgrade. This version was released in January 2023 (so a bit over a year ago).
Maybe instead of exporting it, you may just vendor the lines into your codebase directly. Vendoring here being a fancy word for copy-paste. This is all there is to it. Would that maybe be an option for your product?
Hi Guido,
Thanks for your quick reply.
We were indeed using a version prior to 0.9.10, so that must be the cause of the false positives.
As for copying the isHeadless function, I was afraid we'd have to manually keep it in sync with your implementation in case of future changes on your end. But it's understandable that you'd prefer to avoid exporting internals, so we'll follow your suggested approach for now.
Thank you very much!