From 677224e7e9c058e1b6540d52ee080a7ab0bc64c0 Mon Sep 17 00:00:00 2001
From: Hillel Coren <hillelcoren@gmail.com>
Date: Fri, 23 Mar 2018 11:29:30 +0300
Subject: [PATCH] Add check for headless browsers

---
 app/Http/Middleware/StartupCheck.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/Http/Middleware/StartupCheck.php b/app/Http/Middleware/StartupCheck.php
index 3a3177d1078d..e5097c4c73b7 100644
--- a/app/Http/Middleware/StartupCheck.php
+++ b/app/Http/Middleware/StartupCheck.php
@@ -55,6 +55,12 @@ class StartupCheck
             return $next($request);
         }
 
+        // Check to prevent headless browsers from triggering activity
+        if (Utils::isNinja() && ! $request->phantomjs && strpos($request->header('User-Agent'), 'Headless') !== false) {
+            Utils::logError('[Headless Browser] ' . json_encode($request->headers->all()), 'PHP', true);
+            exit('Headless browsers are not supported');
+        }
+
         // Check if a new version was installed
         if (! Utils::isNinja()) {
             $file = storage_path() . '/version.txt';