Okay. I know that I am asking a hackneyed, overchewed question but I am posting this because my problem is not getting solved despite trying all the solutions provided on various links.
My constraint - I don't want to use a saved firefox profile to save the website's certificate.
Selenium server version - 2.0b3
Solutions tried -
1) http://seleniumhq.org/docs/05_selenium_rc.html#handling-https-and-security-popups
Browser launcher *firefox
Selenium started with trustAllSSLCertificates option.
Did not help. FF again asks to save the certificate.
2) http://blog.mogotest.com/2010/04/13/how-to-accept-self-signed-ssl-certificates-in-selenium/
Browser launcher *firefoxproxy
Selenium started with trustAllSSLCertificates option.
Did not help.
3) Selenium Testing HTTPs Trust All certificates working for FF but not IE
4) Besides that I tried creating my own cert_override.txt and populating the 5 fields as explained in https://developer.mozilla.org/En/Cert_override.txt but getting the value for the 5th field which is the certificate's serial number and the issuer name as a base64 encoded string is not straightforward as explained in http://tinyurl.com/ce4vn99.
5) Using the Remember Certificate Exception addon for Firefox http://sejq.blogspot.in/2009/01/remember-certificate-exception.html is yet another option but I have not been able to do a full silent install of it. When we drop the xpi file in the required directory, the next time Firefox starts, it will prompt saying that should it found the addon and should it go ahead and install. The addon won't just get reflected in the browser. If anyone can atleast help me with a FULL silent install of this, it would be great!
All I want is that this works in Firefox. I am not interested in IE and Google Chrome.
Any help in providing an answer and not just terming this as a duplicate would be greatly appreciated.
I would suggest an alternative to Selenium.
Have you tried Sahi? It's basically a very similar application, in that it allows scripted browser control, but for a lot of cases it seems to work better than Selenium.
From the Sahi FAQ page:
How does it compare to Selenium?
Sahi is easier to learn and use for testers. Sahi’s recorder works on all browsers. Sahi automatically waits for AJAX and page loads. It does not use XPaths, but uses more intuitive APIs like _in and _near. Sahi works well across frames, iframes, popup windows, sites with dynamic ids, https sites, 401 authentication sites etc. It has inbuilt HTML reports, and ability to run multiple scripts in parallel.
In my experience, this is accurate. There are certain types of browser event that Selenium struggles with, that Sahi handles much better.
I know that doesn't solve your problem with Selenium, and I know it's a pain if you've already written your tests in Selenium to re-do them in Sahi so it may not be the solution you're looking for, but if all else fails, it may be worth considering.
ps - you didn't mention anything about your development environment, but there is a PHP-based testing tool called Mink which integrates with both Sahi and Selenium -- ie you can write the a single test script and have it work in either. I don't know of any similar tool in other languages, but it might be of interest if it helps you migrate between the two.
So the solution turned out to be the 5th point mentioned above.
Here are the steps to solve the issue -
1) Download the Remember Certificate Exception xpi file from https://addons.mozilla.org/en-US/firefox/addon/remember-certificate-exception/
2) Unzip it to get a set of files. Keep them in a temporary folder. (temp_folder/extracted_files)
3) Open the install.rdf file and copy the content of em:id node present in the Description node.
4) Rename the temporary folder just created with this copied string.
5) Place this folder under the profile_name/extensions/ directory. Also delete the extensions.cache/.ini/.rdf files from your profile folder. These need to be deleted so as to prevent the user from being prompted that his profile has been changed and that there is a new addon to be installed. Only if the 3 files are deleted, it will be a fully silent install.
This can be automated using a script.
#!/bin/bash
mkdir /tmp/addon
cp -r ~/POC/remember_certificate_exception-1.0.0-fx.xpi /tmp/addon
unzip /tmp/addon/remember_certificate_exception-1.0.0-fx.xpi -d /tmp/addon
rm /tmp/addon/remember_certificate_exception-1.0.0-fx.xpi
folder_name=$(cat /tmp/addon/install.rdf | grep -m 1 "<em:id>" | cut -f2 -d ">" | cut -f1 -d "<")
mv /tmp/addon /tmp/$folder_name
cp -r /tmp/$folder_name ~/.mozilla/firefox/*.default/extensions
rm -f ~/.mozilla/firefox/*.default/extensions.
https://addons.mozilla.org/en-US/firefox/addon/skip-cert-error/
Use this addon. This will bypass the https errors. This is configurable as well
I've put together an example that shows how to use Selenium to test HTTPS endpoints -- without ignoring certificate validation errors. It shows how to setup the selenium clients with trusted root CAs that can be used to validate the server certificates presented by the HTTPS endpoints being tested. See https://github.com/JeNeSuisPasDave/Selenium-and-TLS
The example demonstrates Chrome and Firefox Selenium nodes. Chrome looks in the system trusted certificate store for root CA certs used for validation; Firefox looks in the cert8.db file within the current profile.
I think this approach is important because I think that instructing your test harness to ignore certificate errors is unnecessarily risky; doing so may eventually hide errors that you wish you had trapped before they got deployed to production.
I wrote an short post about this topic, https://develves.net/blogs/asd/2017-02-20-selenium-and-tls/, but you really just need the example repo linked above.
Related
For my final year uni project I am scanning firefox addons.
I need to download the .xpi for every possible extension, what is the best way to do this?
Thanks.
You could imagine sending GET requests to Mozilla website, e.g.
https://addons.mozilla.org/api/v4/addons/search/?app=firefox&appversion=83.0&page=1&page_size=50&type=extension
... then get .XPI files thanks to the URL you'll find in the "results" > "current_version".
And then do the same for page 2, ...
It should be easy to automatize (in Python or Bash for example), however you should program some sleep time between two requests in order to avoid overloading Mozilla's servers and / or being blacklisted.
I tried Googling this - and none of the answers was a sufficient match to my question.
I need a command line that will download a file through Safari.
The download must be triggered and directed from the command line - - or else I will not be able to integrate it into a broader script.
Due to the purpose of this script, the file must be downloaded. No browser window opened to the file - nothing of that sort. Simply download the file to the location that I direct in the command line.
The download must use Safari - because Safari is logged on to my Google account, while other programs (such as curl) are not, and therefore will not be able to download the file that I need downloaded.
Is there a way to do this?
You can authenticate with google using Curl, I think this would me much easier than trying to download something through safari, take a look at this guide.
I am in a corporate network and wanted to install some developer tools for Firefox. Unfortunately policies forbid that Firefox can access the internet directly, but there are other browsers available to go there. Now: how can I download an xpi-file directly without Firefox?
The problem when I access the addons-page for Firefox: the Download-Button is replaced with something similar to "only available in Firefox - download Firefox". Unfortunately I don't have other developer tools available yet, so I can not even inspect the site and look whether an actual link is available. But maybe there is some pattern, how the link could be derived? Or another site where the add-ons are listed?
I found two (and a half) ways overcoming that problem for now. One is simply using another device, that has firefox on it and copy the link from there (as also stated in the comment).
Another variant was to look in the source code of the add-on-page. Hidden within some json-data is the actual download-url, e.g.:
"url":"https:\u002F\u002Faddons.mozilla.org\u002Ffirefox\u002Fdownloads\u002Ffile\u002F<plugin- or download-id>\u002F<plugin-file-name>.xpi?src="
After transforming that url back (basically only replacing the \u002F to / (and any other special symbol)), I could download the xpi without problem.
I also found a page where you could copy&paste the add-on-page into it and it started a plugin download. However I do not know anything about that site otherwise (so use at your own risk). It's name was "XPI Downloader". A pity it doesn't just list the actual url to the add-on itself :-/
I'm using Capybara to navigate through a login on a website and then download a few files (I'm automating a frequent process that I have to do). There's a few things I tried that aren't working and I'm hoping someone might know a solution...
I have the two links I'm executing .click on, but while one file will start downloading (this is using the Chrome Selenium driver), capybara seems to stop functioning after that. Running .click on the other link doesn't do anything... I figured it's because it's not technically on the page anymore (since it followed a download link) but I tried revisiting the page to click the second link and that doesn't work either.
Assuming I can get that working, I'd really like to be able to download to my script location rather than my Downloads folder, but I've tried every profile configuration I've found online and nothing seems to change it.
Because of the first two issues, I decided to try wget... but I would need to continue from the session in capybara to authenticate. Is it possible to pull the session data (just cookies?) from capybara and insert it into a wget or curl command?
Thanks!
For #3 - accessing the cookies is driver dependent - in selenium it's
page.driver.browser.manage.all_cookies
or you can use the https://github.com/nruth/show_me_the_cookies gem which normalizes access across most of Capybaras drivers. With those cookies you can write them out to a file and then use the --load-cookies option of wget (--cookie option in curl)
For #1 you'd need to provide more info about any errors you get, what is current_url, what does "doesn't work" actually mean, etc
I would like to download the latest update 11 of JDK 7 from the Oracle page using the command/tool Wget, but I can't figure how ?
wget --no-check-certificate http://download.oracle.com/otn-pub/java/jdk/7u11-b21/jdk-7u11-macosx-x64.dmg
Oracle products requires licence agreement clicked before downloading, that's why it will not work with wget without special care.
There are several ways of downloading Oracle products with wget. Mostly you will come across to the method of copying cookie file to your server and use it with wget, but it doesn't seem to be working anymore.
The easiest way i have found to donwload an Oracle product through console using wget is the following steps.
Easiest way of downloading
Use any graphical browser (Firefox, Chrome, IE, etc.) on any machine to accept license agreement of the product you meant to download and start downloading the file
Cancel download right away, right click on download progress to copy download url
Use the link you have copied at step2 and just download with wget in a normal way
wget URL_YOU_HAVE_COPIED
Apparently there is a timeout duration before the URL gets invalid after you start copy on the browser. Not sure how much is that time. But it worked like a charm every i have used it.
Any easier methods anyone has ? Please let use know.