Headless browser is a web browser, which communicates with the user in the command-line mode, without a traditional graphical interface.
Headless browsers can automate the controls of a web page in an environment similar to some popular browsers. They are particularly useful for testing web pages because they correctly interpret HTML, style sheets and JavaScript execution with AJAX - such functions that are not always available during testing. In 2009, Google began using headless browsers to help its search engine index AJAX3 sites.
Headless Browsers Use Cases
Headless browsers can be used for:
- Web app tests automation.
- Web page screenshots.
- Automated tests for JavaScript libraries.
- Web scraping to data recovery.
- Website interaction automation.
Malicious Use Cases
Headless browsers can also be used to:
- Perform DDOS attacks against websites.
- Increase the number of views.
- Automatically search for sites for fraudulent use, for example, confidential identifiers.
List of Headless Browsers
Here is a list of browsers offering headless functions:
- PhantomJS - a headless browser using the WebKit engine for rendering its pages and JavaScriptCore for javascript execution. PhantomJS was originally developed in 2010.
- HTMLUnit - also headless, written in Java. HTMLUnit uses Rhino for the JavaScript.
- TrifleJS - a version of the scriptable Internet Explorer browser that uses the Trident rendering engine and the V8 JavaScript engine. TrifleJS uses the same API as PhantomJS and, works by using the WebBrowser object of the .NET WebBrowser framework to control the version of IE installed on the machine.
- Splash - it has HTTP API, Lua scripting and an IPython IDE. Splash is written in Python and uses the WebKit rendering engine.
- Weboob - a Python library.
Emulated Headless Browser
These browsers emulate the environment of a browser
- Zombie.js. a navigation environment for Node.js20,21.
- ENVJS. a navigation environment is written in JavaScript for the Rhino engine.
While they are able to support common browsing functions (HTML parsing, XHR, cookie support, etc.), they can not render and have limited support for DOM events. They usually run faster than a typical browser, but are unable to correctly interpret many sites.