I have been facing issue with JMeter recently where I needed to understand if JMeter supports SharePoint Application?
I am stuck at the recording of a simple Login-Logout page where ADID Authentication is involved, whenever I try to record in the following manner it gets stuck on the ADID Popup only:
Hit HomePage
ADID Pop-up window (here when I enter valid credentials it just asks for the same thing)
Can anyone guide me if there is something that needs to be done in order to work it with JMeter?
You need to
Figure out what authentication method is being used under the hood, like Basic, NTLM, or Kerberos. Just ask around or inspect request/response headers using your browser developer tools or a 3rd-party sniffer tool like Wireshark
Add HTTP Authorization Manager and properly configure it for the required authentication type, see Windows Authentication with Apache JMeter article for example setup
You can also use an alternative recording solution like JMeter Chrome Extension, but you will still need the HTTP Authorization Manager in order to properly replay the recorded script
Related
Could someone please help me, I need to log in to my google account using Puppeteer or Playwright. Is there a way to do it ?
Most of the cases Google prevents login for headless browsers/bots. You may see some similar message when you try it:
Couldn't sign you in
For your protection, you can't sign in from this device.
Try again later, or sign in from another device.
You need to make sure that you are able to login with your script in "headful" mode by giving the credentials (with page.click and page.type like a real user would) and submitting the form.* If it works headful but you need it to work in headless mode then you can use puppeteer-extra package with puppeteer-extra-plugin-stealth. Examples can be get from puppeteer-extra docs. FYI: pptr-extra uses older puppeteer 2.x as its base, you may loose some functionalities even if it can be used together with the original puppeteer library.
*If there will be a need to handle two-factor authentication that makes the task more complex. You can be sure Google does its best to prevent bots from logging in.
+ You can test your puppeteer Chromium instance if it is detected as headless browser here: https://arh.antoinevastel.com/bots/areyouheadless
For security considerations I am wondering if Chrome extensions had access to an app. I design a Chrome App which handles sensitive data. As far as I understand it, that app runs in a sandboxed environment which should be fairly isolated. If a user had by mistake installed a malicious Chrome extension, would that extension be able to intercept/modify any of the sensitive data in the app?
Please note that I do not consider other ways of interceptions outside of the Chrome environment, e.g. some virus that allows someone to get root access or alike. I would just like to understand to what degree a Chrome app is more susceptible to interception than a standard stand-alone application.
Sebastian
On one hand, extensions cannot touch your app's windows (as in, inspection / script injection) in the default environment, even with "debugger" permission. Your "local" data should be safe.
On the other, I tested it and conclude that webRequest API will catch all XHRs you send.
This includes headers for both request and response, and request body. Response body is currently not available for inspection; however, a malicious extension can perform a redirect, modify your request or cancel it.
This was deemed a security issue; as of Chrome 45, extensions can no longer intercept traffic from other extensions and apps. Hosted apps were accidentally included too, but it's a bug that will be fixed soon - traffic from hosted apps will be open to webRequest as normal.
I don't know any other possibility for an extension to snoop on an app (without any anomalous chrome://flag configuration).
Extensions or other apps cannot access data inside other extensions or apps. An exception may be data in the syncFileSystem api, since an extension could be granted access to the user's Gdrive.
I am using chrome and I see this line when hovering over a link
steam://run/17730
An example exists at the link below, click play game which opens a dialog and then hover over "Yes I have steam".
http://store.steampowered.com/app/17730/
This appears to be a restful command to a client application using an application specific protocol, in this case the "Steam game management service"
My question is this
if it is not a local command what is it?
If it is a local command, how could I implement something like this using say a Bill:// protocol.
I can't find anything on this so this may be tagged incorrectly, I apologize for that.
It seems that steam has registered a protocol with the browser which communicates with the local steam process. The following link might get you started with registering your own protocol in firefox at least:
https://support.steampowered.com/kb_article.php?ref=2087-MZES-9065
I would guess that there are similar links on the steam support site for other browsers.
The other part of this is probably going to be writing a simple local web server that can receive and respond to these requests. I'm not sure what language you are working in but an example for C# is the following: http://www.codeproject.com/Articles/36517/Communicating-from-the-Browser-to-a-Desktop-Applic. Best of luck!
Accessing an application manually works fine, creating a manual script with web_add_header works fine, but when just hitting record in vugen with the http protocol the webpage gets "page cannot be displayed".
What can cause this? I assume it has something to do with security?
Can I change some settings in vugen to make this work?
I don't know that this will solve your problem, but I have seen somewhat similar behavior when dealing with security certificates on SSL enable pages. Try installing or re-installing the security certificate for the site in IE before you try recording the script.
Take a look at your credentials in the system and your browser vendor/version. Make sure that you have admin rights and that you are using a 32 bit browser (VUGEN is a 32 bit application) is one supported for your version of LoadRunner
I have a chrome packaged app that I update form time to time - when I'm creating an update I want to send email to subscribed customers with a link the that extension -that will launch it.
Anyone knows if there is a chrome url scheme i can use?
Currently this is not possible, but there is an API proposal and an implementation being developed for a chrome-app://appid URL schema that would do pretty much what you describe.
Follow the status here
I also want to be able to do this. It seems that one possible solution is to install both an extension and a packaged app, and have the extension register a context menu that then communicates with the app, or something similar.