fix: enhance stealth mode with additional anti-detection measures

Add 7 new init scripts to cover WebGL fingerprinting, missing Chrome
APIs, permissions behavior, CDP artifacts, and HeadlessChrome UA string.
Enable Chromium's new headless mode (Channel: "chromium") when stealth
is active to use the full UI layer that is harder to detect.

Closes #58

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

stealth_test.go

@@ -1,6 +1,7 @@
 package extractor
 
 import (
+	"strings"
 	"testing"
 )
 
@@ -70,3 +71,100 @@ func TestStealthInitScripts(t *testing.T) {
 		t.Fatal("expected at least one stealth init script")
 	}
 }
+
+func TestStealthInitScripts_Count(t *testing.T) {
+	if len(stealthInitScripts) != 12 {
+		t.Fatalf("expected 12 stealth init scripts, got %d", len(stealthInitScripts))
+	}
+}
+
+func TestStealthInitScripts_WebGLSpoof(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "SwiftShader") || strings.Contains(s, "UNMASKED_RENDERER") || strings.Contains(s, "37446") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that spoofs WebGL renderer")
+	}
+}
+
+func TestStealthInitScripts_ChromeApp(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "chrome.app") && strings.Contains(s, "chrome.csi") && strings.Contains(s, "chrome.loadTimes") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that stubs chrome.app, chrome.csi, and chrome.loadTimes")
+	}
+}
+
+func TestStealthInitScripts_PermissionsQuery(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "permissions.query") && strings.Contains(s, "notifications") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that overrides permissions.query for notifications")
+	}
+}
+
+func TestStealthInitScripts_Notification(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "Notification") && strings.Contains(s, "requestPermission") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that stubs Notification constructor")
+	}
+}
+
+func TestStealthInitScripts_NavigatorConnection(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "connection") && strings.Contains(s, "effectiveType") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that stubs navigator.connection")
+	}
+}
+
+func TestStealthInitScripts_CDPCleanup(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "cdc_") && strings.Contains(s, "delete") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that cleans up CDP artifacts")
+	}
+}
+
+func TestStealthInitScripts_UserAgentStrip(t *testing.T) {
+	found := false
+	for _, s := range stealthInitScripts {
+		if strings.Contains(s, "HeadlessChrome") && strings.Contains(s, "userAgent") {
+			found = true
+			break
+		}
+	}
+	if !found {
+		t.Fatal("expected a stealth script that strips HeadlessChrome from user agent")
+	}
+}