PhantomJS


PhantomJS is a discontinued headless browser used for automating web page interaction. PhantomJS provides a JavaScript API enabling automated navigation, screenshots, user behavior and assertions making it a common tool used to run browser-based unit tests in a headless system like a continuous integration environment. PhantomJS is based on WebKit making it a similar browsing environment to Safari and Google Chrome. It is open-source software released under the BSD License.

History

PhantomJS was released January 23, 2011 by Ariya Hidayat after several years in development.
The first commit to the public project was in 2011.
The logo commonly used to pictorially refer to PhantomJS is a fluorescent blue ghost atop a black background. This refers to the lack of graphical user interface, or main body of the browser, making PhantomJS users seem like ghosts.
In March 2018, the development of PhantomJS was suspended due to lack of active contributions.

PhantomJS usage

The PhantomJS JavaScript API can be used to open web pages, take screenshots, execute user actions, and run injected JavaScript in the page context. For example, the following code will open Wikipedia and, upon loading, will save a screenshot to a file and exit.

console.log;
var page = require.create;
var url = 'http://en.wikipedia.org/';
page.open;

Tools using PhantomJS

CasperJS

Shortly after the release of PhantomJS, Nicolas Perriault wrote CasperJS, a suite of libraries on top of PhantomJS that extend its capabilities as a client for automated web page testing. CasperJS and PhantomJS have become valuable enough that similar projects have started to adopt the API as a standard way of interacting with headless browsers.

YSlow

developed a version of YSlow that leverages PhantomJS to gather performance metrics for websites.

Companies using PhantomJS

PhantomJS was made for programmatic control of web sites and has been used for many purposes from visual differencing of websites to automated testing of JavaScript frameworks.

Server rendering of client-side JavaScript

With the rise of client-side JavaScript and the SEO problems that practice presents, developers turned to PhantomJS as a way to pre-render static HTML for initial requests. Despite the performance impact of such an approach, it remained one of the simplest ways to improve SEO without rewriting a web application, spawning services trying to automate the process.

Malicious use of PhantomJS

Because PhantomJS is runnable without a UI, scriptable via JavaScript, and relatively adherent to modern browser specifications, it is commonly used as a way to automate attacks against web sites. PhantomJS mimics legitimate user traffic and can complicate attack mitigation technologies. PhantomJS can also be used to automatically verify logins across disparate web sites, compounding the problems that arise after a site is breached and usernames and passwords are leaked.