Sensitive CDP Methods
Sensitive CDP methods are certain Chrome DevTools Protocol commands that can lead to detection issues. These may result in more CAPTCHAs and lower success rates for your operations.
While your browser is running, we keep track of all CDP commands sent to the remote browser. If our system spots any sensitive method, we'll add a warning event to your run, pointing out the exact command used.
List of CDP Methods
Runtime.enable
This command always leads to detection. You can read more about this in our blog post How to fix Runtime.Enable CDP detection of Puppeteer, Playwright and other automation libraries?.
We strongly suggest all customers use rebrowser-patches with their CDP driver (Puppeteer or Playwright), or avoid using Runtime.enable altogether if you're working with raw CDP.
Page.setBypassCSP
Sometimes you might want to use this command to make script execution easier or to get rid of an annoying error. It works fine, but based on our experience, some websites and anti-bot systems can easily test for this option. If it's enabled, that's a really big red flag in your fingerprints.
Emulation.setUserAgentOverride
This command changes your user agent. Since Rebrowser uses real browsers on real hardware, you don't need to change the user agent. We run various browser versions on different devices, giving you plenty of variety.
Changing the user agent can raise red flags with anti-detection systems. For example, if our browser is Chrome v128, but your software changes the user agent to Chrome v115, websites can easily test for newer features and spot the mismatch. This is a clear sign of tampering.
Emulation.setTimezoneOverride
We suggest using the timezone option in your profile settings to set the timezone. You can also use the 'auto' value to let Rebrowser set the timezone based on your proxy server's location.
Emulation.*
Any commands from the Emulation.* domain of CDP could increase your risk of being spotted by anti-bot systems. While these can be useful in some cases, we want to stress again: Rebrowser uses real browsers on real hardware. This gives you the best chance of being trusted by websites. You don't need to fake or change any internal settings of remote browser.