据我所知,他们(OpenWPM)检查 JS 源以获取用于存储 cookie 的特定命令:
看一下test/test_extension.py
:
DOCUMENT_COOKIE_WRITE = (
JS_COOKIE_TEST_URL,
u'7',
u'9',
u'set_cookie',
u'',
u'set_cookie@' + JS_COOKIE_TEST_URL + ':7:9'
'\nonload@' + JS_COOKIE_TEST_URL + ':1:1',
u'window.document.cookie', u'set',
u'test_cookie=Test-0123456789; '
'expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/')
[...]
def test_document_cookie_instrumentation(self):
db = self.visit(utilities.BASE_TEST_URL + "/js_cookie.html")
rows = db_utils.get_javascript_entries(db, all_columns=True)
captured_cookie_calls = set()
for row in rows:
item = (row['script_url'], row['script_line'], row['script_col'],
row['func_name'], row['script_loc_eval'],
row['call_stack'], row['symbol'], row['operation'],
row['value'])
captured_cookie_calls.add(item)
assert captured_cookie_calls == DOCUMENT_COOKIE_READ_WRITE