[Bug] Stealth plugin iframe.contentWindow leads to FingerprintJS detection

[daniellionel01]

Describe the bug

When visiting the browser detection https://fingerprint.com/products/bot-detection/, it detects an automation if the "iframe.contentWindow" evasion is enabled.

I went through all available evasions and toggled them, until I got a passing result. The only evasion that I had to disable was "iframe.contentWindow".

Code Snippet

const puppeteer = require('puppeteer-extra')
const stealth = require('puppeteer-extra-plugin-stealth')

const plugin = stealth()
plugin.enabledEvasions.delete('iframe.contentWindow')
chromium.use(plugin)

(async () => {
  const browser = await puppeteer.launch({
     args: [
      "--disable-blink-features=AutomationControlled" // this flag is important to avoid detection
    ]
  })
  
  const page = await browser.newPage()
  await page.goto("https://fingerprint.com/products/bot-detection/")
})()

Versions

System:
OS: macOS 15.0.1
CPU: (10) arm64 Apple M2 Pro
Memory: 861.64 MB / 16.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 18.19.1 - ~/.nvm/versions/node/v18.19.1/bin/node
npm: 10.8.3 - ~/.nvm/versions/node/v18.19.1/bin/npm
pnpm: 9.6.0 - ~/Library/pnpm/pnpm
bun: 1.1.28 - ~/.bun/bin/bun
npmPackages:
playwright-core: 1.48.1 => 1.48.1
playwright-extra: 4.3.6 => 4.3.6
puppeteer-extra-plugin-stealth: 2.11.2 => 2.11.2