I am creating and running automated test scripts for certain web application. In one of the scenarios I have, I have to work with a proxy. By the way, I am using robot framework plus selenium for my test scripts. So what I did, I created a separate browser profile which selenium runs. The problem is I can't interact with the credentials pop-up (asking for my username and password) using robot framework and selenium. Is there a way where I can configure the proxy username and password to be included in the browser profile? Or is there a way where robot framework and selenium can interact with the authentication window? Any suggestions in solving or ending up with a workaround for this issue anyone?
Thanks!
Robot Framework SeleniumLibrary uses Selenium RC internally. Proxy authentication can be defined when Selenium server is started, see http://seleniumhq.org/docs/05_selenium_rc.html#proxy-configuration for details.
So, if you start the server manually, just follow the above instructions. If you are using Start Selenium Server keyword, you can give those parameters as arguments:
| Start Selenium Server | -Dhttp.proxyHost=proxy.com | -Dhttp.proxyPort=8080 | -Dhttp.proxyUser=username | -Dhttp.proxyPassword=password |
I couldnt get this working with my proxy, so i set up a squid proxy, which connects to the parent using the credentials and offers a local free proxy to work with.
For me this is the most easy setup / solution.
Though its late to answer but I thought it will add value to previous answers.
There is a one more simple and quickest way, If it helps then great!
If you are running selenium server from cmd then
Start cmd with admin rights (run as administrator) so server is also started with admin rights,
Now run application, It may ask for username and password again but don't worry - just fill username and password or click cancel (in case of site running on localhost), and it will work like. (now it works as if it is passing username and password to browser or application)
Also if don't want to fill authentication details manually every time then in your script include this code:
System.setProperty("http.proxyHost", ");
System.setProperty("http.proxyPort", "proxyPort");
System.setProperty("http.proxyUser", "proxyUser");
System.setProperty("http.proxyPassword", "proxyPassword");
System.setProperty("http.nonProxyHosts", "proxyExceptions");
I just had a intuition and it worked like charm:-)
Hope this quickest way saves time and efforts both for someone!
Authorization popup can be handled in the next way:
http://user:password#securedsite.com (In case your site is: http://securedsite.com)
Related
So I'm working on a web server to host a website to talk to a teradata database, but every now and then when I send a request from the website back to the server, it will do nothing until I focus the console and press any key. Does anyone know why this is and how I can fix it?
I'm using XMLHttpRequests on the website and using the default Nodejs http package on the server side. Let me know if you need more information about it that I haven't included here.
As it turns out this was an issue with CMD/Powershell select mode.
I'm running a Dash/Flask app on Windows Server 2019 with IIS. I installed IIS with CGI, installed wfastcgi in the app's virtual environment, ran wfastcgi-enable as an administrator and specified the FastCGI application as a route handler in web.config using the virtual environment's python executable and wfastcgi.py file, etc.
That all went smoothly and the app is up and running. The app redirects to '/' to login if the user is logged out. This all works perfectly when I run the app on Flask's built-in server, but only works periodically (i.e. sometimes the user is no longer logged in, after the redirect, or refreshing the page logs out the user by chance) in this IIS/fastcgi setup. I use flask-login to login and authenticate users, following closely the example given here: https://github.com/RafaelMiquelino/dash-flask-login.
I also tried to configure flask-login's remember me functionality to persist the login after browser close, but this didn't change the mentioned issues.
Has anyone else experienced this? I'm open to any ideas on why I'm experiencing this strange (session?) behavior with IIS and FastCGI.
Thanks!
EDIT:
Moreover, I did some more tests and found that it is not only random logouts, but also some kind of "random logins":
1. User logs in at login page and is redirected to the "real" content located under /success: Message: User could not be authenticated.
2. Reloading the webpage "/success" without any further action: User is authenticated and can see the content. After repeated reloading the same user is randomly authenticated or not.
Try to increase the iis application pool recycling and ideal time out value.
increase fast cgi ideal time out:
Make sure you set app.secret_key to some secret key. yo could get key by following below code:
import os
os.urandom(24)
Use the following command to quickly generate a value for Flask.secret_key (or SECRET_KEY):
$ python -c 'import os; print(os.urandom(16))'
b'_5#y2L"F4Q8z\n\xec]/'
Refer this link for more detail:
flask-login invalidates session randomly after authentication
https://flask-login.readthedocs.io/en/latest/
I am developping web applications using the Xpages framework from the IBM Lotus Notes technology.
My users don't use the embedded Notes Client browser, but use a regular modern browser (Firefox, Chrome) to browse Notes applications.
Everything is ok when the user has an internet connexion, he can access the application on the online server through his favorite browser.
However some of my applications need to be used Offline, in local. When a user works in local, he opens the IBM Notes Client, go to his workspace and click to open an application locally. Then, the Notes Client runs a http server on a random port and open the application with the embedded Notes Client browser.
What I want to achieve is to be able to open the application on a regular browser (Firefox, Chrome), by just using the default system browser and not the embedded Notes Client browser.
Here is what I tried without success :
With window.location.href I get the port where the local http server runs and the path to the page that is opened in the embedded Notes Client browser. I get this kind of result :
127.0.0.1:54428/xsp/Gfn/CoffeShop.nsf/xp_home.xsp?OpenXPage&&xspRunningContext=Notes
So I just keep the interesting part :
127.0.0.1:54428/xsp/Gfn/CoffeShop.nsf/xp_home.xsp
Now I need to pass the session id has a parameter of this http request so the browser will have the right to access the application. I get the session ID with the following :
facesContext.getExternalContext().getRequest().getSession().getId()
From this I get an ID and I build my complete http request :
127.0.0.1:54428/xsp/Gfn/CoffeShop.nsf/xp_home.xsp?SessionID=ID-fae7aca8f062023972fe35e5909b0106f44ba2ae
But when I try this into a regular browser, instead of getting the page I get an error 500. If I look at the log of the server, I see the following error message :
Exception Thrown
javax.servlet.ServletException: The request is not coming from a trusted Rich Client part
But I am sure my ID is correct. I tried to investigate this on the internet but no success for now, I would be happy if someone has an idea about what do I miss? Or maybe another way to open a local application in the default system browser?
Thank you!
In short, you can't. This is disabled by security restrictions.
But maybe you should think again about a XPiNC application: With 9.0.1, the underlying XULRunner component was upgraded and supports now HTML5 and a lot of the "newer" features.
It matches Firefox 10.0.6, here are the HTML5 test results:
https://html5test.com/s/555ae51ca555ac7b.html
The only reasonable action you have at you disposal is to install Domino designer on the clients. Then you get the nhttp task that serves to a standard browser (you might get away analysing what nhttp needs and only install that part).
The caveat there: the local nhttp does not support authentication. So you need to hack around it (e.g. copy data back and forth between the local NSF and the properly secured one).
Alternative you could try the approach I took with vert.x (should work with any Java container, but then you won't have any XPages, just raw Domino data.
Danielle pushed that forward with the Crossworlds Project - which might be what you need.
Stephan says it as it is: the way you are considering is just going to cause you huge headaches.
If offline capacity is a must, have you thought about creating a pure Notes-Client application? That would certainly be far easier.
I'm trying to automate some datascraping from a website. However, because the user has to go through a login screen a wget cronjob won't work, and because I need to make an HTTPS request, a simple Perl script won't work either. I've tried looking at the "DejaClick" addon for Firefox to simply replay a series of browser events (logging into the website, navigating to where the interesting data is, downloading the page, etc.), but the addon's developers for some reason didn't include saving pages as a feature.
Is there any quick way of accomplishing what I'm trying to do here?
A while back I used mechanize wwwsearch.sourceforge.net/mechanize and found it very helpful. It supports urllib2 so it should also work with HTTPS requests as I read now. So my comment above could hopefully prove wrong.
You can record your action with IRobotSoft web scraper. See demo here: http://irobotsoft.com/help/
Then use saveFile(filename, TargetPage) function to save the target page.
I'm thinking about exploring the idea of having our client software run as a service on a high port and listen for simple http GET requests from 127.0.0.1. The theory is that I would be able to access this service via js from a web page that is served from my site.
1) User installs client software that installs itself as a service and waits for authenticated requests on 127.0.0.1:8080
2) When the user hits my home page js on the page makes an xhtml request to 127.0.0.1:8080 and asks for the status
3) The home page then makes another js request back to my web server sending the status that it received.
This would allow my users to upload/download and edit files on a USB attached device in real-time from a browser. Polling could be the fallback method which is close to what we do today.
Has anyone done this and what potential pitfalls are there? Will this even work?
I can't see any potential pitfalls. I do have a couple of points however.
1/ You probably want to make sure your service only accepts incoming connection from the local machine (127.0.0.1). Otherwise, anyone could look at your JavaScript and figure out that it's talking to [your-ip]:8080. They could then try that themselves from a remote site (security hole).
2/ I wouldn't use port 8080 as it's commonly used for other things (alternate HTTP servers, etc.). Make it configurable and choose a nice high random-type value.
3/ I'm not sure what you're trying to do with point 3 but I think you're trying to send the status back to the user. In which case, why wouldn't the JavaScript on your home page just get the status in a single session and output/update the HTML to be presented to the user? Your "another js request back to my web server" doesn't make sense to me.
You may not be able to do a xml http request to 127.0.0.1 as XMLHTTPRequest is usually limited to the same domain as the main content is being served from. I'm not sure if this restriction applies if the server is on the client's machine. That being said, you could still create a <script> tag that had the src pointing to 127.0.0.1, and have the web server return some Javascript to run. If you only need a simple response, this could work well.
I think it is much better for you to avoid implementation of application logic in JavaScript and html. Once user clicks button on a web page JavaScript should send request to your service and allow it do the rest of the work.
You could have problems with step 1 (Client installs itself) depending on your target user base.
You will need a customised install for each supported environment (Win2K, Vista, Linux, MAC OS 9.0/10.0 etc.).
If your user is on a locked down at work PC this simply wont be allowed.
To some users this might look distressingly similar to a trojan unless you explicitly point out you will be installing software that runs as a service.
You didnt mention an unistall procedure. Users resent "Adobe" like software which installs itself and provides no sensible un-install options
Ohterwise the approach is sound, and, there are are couple of commercial products out there that use exactly this approach!