以无法检测的方式检查 WebSocket 帧 [英] Inspecting WebSocket frames in an undetectable way

问题描述

如何以网页无法检测到的方式读取 Chrome 扩展程序或 Firefox 插件中网页的 WebSocket 框架?

How I can read WebSocket frames of a web page in a Chrome extension or Firefox add-on, in a way that cannot be detected by the page?

检查来自 Chrome 开发工具扩展的 WebSockets 框架 提出了一个类似的问题，但开发 NPAPI 插件不再有意义，因为它很快就会被删除.

Inspect WebSockets frames from a Chrome Dev Tools extension formulates a similar question, but developing a NPAPI plugin no longer makes sense because it will soon be removed.

推荐答案

Rob W 的方法有一个替代方案，可以完全屏蔽与页面的任何交互(对于 Chrome)

There is an alternative to Rob W's method that completely masks any interaction with the page (for Chrome)

也就是说，你可以拿出一些重炮，使用​​chrome.debugger.

Namely, you can take out some heavy artillery and use chrome.debugger.

请注意，使用它会阻止您打开相关页面的开发工具(或者，更准确地说，打开开发工具会使其停止工作，因为只有一个调试器客户端可以连接). 此后已得到改进:可以附加多个调试器.

Note that using it will stop you from opening Dev Tools for the page in question (or, more precisely, opening the Dev Tools will make it stop working, since only one debugger client can connect). This has been improved since: multiple debuggers can be attached.

这是一个相当低级的 API；您需要自己使用调试器协议构建您的查询.此外，1.1 文档中没有相应的事件，您需要查看 开发版本.

This is a pretty low-level API; you'll need to construct your queries using the debugger protocol yourself. Also, the corresponding events are not in the 1.1 documentation, you'll need to look at the development version.

您应该能够接收这些 WebSocket 事件并检查它们的 payloadData:

You should be able to receive WebSocket events like those and examine their payloadData:

{"method":"Network.webSocketFrameSent","params":{"requestId":"3080.31","timestamp":18090.353684,"response":{"opcode":1,"mask":true,"payloadData":"Rock it with HTML5 WebSocket"}}}
{"method":"Network.webSocketFrameReceived","params":{"requestId":"3080.31","timestamp":18090.454617,"response":{"opcode":1,"mask":false,"payloadData":"Rock it with HTML5 WebSocket"}}}

这个扩展示例应该提供一个起点.

事实上，这是一个起点，假设 tabId 是您感兴趣的标签:

In fact, here's a starting point, assuming tabId is the tab you're interested in:

chrome.debugger.attach({tabId:tab.id}, "1.1", function() {
  chrome.debugger.sendCommand({tabId:tabId}, "Network.enable");
  chrome.debugger.onEvent.addListener(onEvent);
});

function onEvent(debuggeeId, message, params) {
  if (tabId != debuggeeId.tabId)
    return;

  if (message == "Network.webSocketFrameSent") {
    // do something with params.response.payloadData,
    //   it contains the data SENT
  } else if (message == "Network.webSocketFrameReceived") {
    // do something with params.response.payloadData,
    //   it contains the data RECEIVED
  }
}

我已经测试了这种方法(链接示例如上修改)并且它有效.

I have tested this approach (with the linked sample modified as above) and it works.

这篇关于以无法检测的方式检查 WebSocket 帧的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！