The problem: toggle javascript support without restarting firefox (nor resorting to different driver) during cucumber test run.
If Firefox's prefutils were exposed to javascript in a web page, that would make it possible. But it is not the case.
So, is there a plugin that does it? Or is there another way to solve the problem? Or is there a good tutorial (that highlights the exposing bit) on how to make such a plugin?
Edit
On a second thought, how would javascript be of any help once it is disabled? Probably the whole idea is a bit screwed.
I assume that your tests run with normal web content privileges. In that case, they aren't going to be able to affect browser settings such as whether JavaScript is enabled (I assume that's what you mean by "toggle JavaScript support").
I'd implement a simple XPCOM component with a method to turn JS support on and off (by setting the appropriate pref). You can expose it as a JavaScript global property so that your tests can access it. See Expose an XPCOM component to javascript in a web page for more details. Package your component in an extension and make sure it is installed in the Firefox instance where your tests are running.
If you want to access the preferences API directly from your content script, you can add the following prefs to Firefox, either in about:config or by adding the following lines to prefs.js in your profile directory:
user_pref("capability.principal.codebase.p1.granted", "UniversalXPConnect UniversalBrowserRead UniversalBrowserWrite UniversalPreferencesRead UniversalPreferencesWrite UniversalFileRead");
user_pref("capability.principal.codebase.p1.id", "http://www.example.com");
user_pref("capability.principal.codebase.p1.subjectName", "");`
user_pref("signed.applets.codebase_principal_support", true);
Replace www.example.com with the domain that you want to grant the privileges to. Also add this line to your JS code before you call the preferences API:
netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
A local file (something loaded from file:///) is allowed to request additional privileges. Normally you would get a prompt asking whether you want to allow access - you can "auto-accept" the prompt by adding the following lines to prefs.js in the Firefox profile:
user_pref("capability.principal.codebase.p0.granted", "UniversalXPConnect");
user_pref("capability.principal.codebase.p0.id", "file://");
user_pref("capability.principal.codebase.p0.subjectName", "");
You page can then do:
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var branch = Components.classes["#mozilla.org/preferences-service;1"]
.getService(Components.interfaces.nsIPrefBranch);
branch.setBoolPref("javascript.enabled", false);
This will definitely work if your page is a local file. Judging by the error message however, you are currently running code from about:blank. It might be that changing capability.principal.codebase.p0.id into about:blank or into moz-safe-about:blank will allow that page to get extended privileges as well but I am not sure.
However, none of this will really help if JavaScript is already disabled and you need to enable it. This can only be solved by writing an extension and adding it to the test profile. JavaScript in Firefox extensions works regardless of this setting.
That means you need Javascript to toggle enabling or disabling Javascript.
function setJavascriptPref(bool) {
prefs = Components.classes["#mozilla.org/preferences-service;1"]
.getService(Components.interfaces.nsIPrefBranch);
prefs.setBoolPref("javascript.enabled", bool);
}
Related
Basically I'm trying out Selenium webdriver (using FireFox) and right now I am trying to sign up to a Google account.
However, the strange thing is that whenever I run Selenium and let it use the (empty I assume?) Selenium FireFox profile Google seems to detect it and block me (asking for phone vertification).
This is even the case when I load up the selenium profile and manually sign up.
When I sign up manually (and don't use the selenium profile) I can sign up just fine.
Is the Selenium FireFox profile some how special which enables the servers to detect it?
EDIT: I'm trying to startup selenium with my default FF profile (however it keeps starting up in an empty profile) - here's the code:
OpenQA.Selenium.Proxy proxySetting = new OpenQA.Selenium.Proxy();
proxySetting.HttpProxy = proxy;
proxySetting.FtpProxy = proxy;
proxySetting.SslProxy = proxy;
FirefoxProfile profile = new FirefoxProfile("default");
profile.SetProxyPreferences(proxySetting);
profile.SetPreference("browser.privatebrowsing.autostart", true);
_driver = new FirefoxDriver(profile);
EDIT:
I managed to open the default firefox profile but now it doesn't use my proxy settings. How can I use the normal profile and still customize the profile proxies?
This post talks about an HtmlDriver tag being added to the HTML in the FirefoxDriver which would be a dead giveaway
Google is a strong supporter of Open Source, and even Selenium itself, however I don't think Google would particularly condone a Selenium script creating a bunch of spam accounts that probably would never be used, and just take space.
That being said, I believe that it would be possible potentially.
The only way that Google would be able to know you are using Selenium, is based on the Request Headers. It's possible either the User-Agent has something to do with Selenium, or one of the other Headers.
My solution would be to use something like Fiddler to listen to the requests that Firefox is sending, and then edit your Selenium scripts to account for, and change those requests so Google does not know that you are using Selenium.
This most likely goes against their terms of use, so exercise caution, and use this answer for educational purposes only.
Is there a chance, if you were using the complete path to your firefox profile directory? (e.g. C:\Users\???\AppData\Roaming\Mozilla\Firefox\Profiles\your_profile.default)
Does anyone know if there is a way to load any external executable javascript from a firefox add-on extension? I looked into scriptloader.loadSubScript, but it appears that it can only load from a local resource.
Any help would be appreciated.
You can always xhr for a file, save the contents to disk, then use scriptloader.loadSubScript with an add-on
this would violate the AMO policies though, so you wouldn't be able to upload the add-on to http://addons.mozilla.org
As #erikvold already pointed out, doing so would be a security hazard AND it also violates AMO rules (because it is a security hazard).
Consider your server gets compromised, or there is a way to MITM the connection retrieving the remote script (TLS bugs anyone :p), or you sell your domain and the new owner decides to ship a script to collect credit card information straight from a user's hard disk...
However, it is possible to run a remote script in an unprivileged environment, much like it would run in a website.
Create a Sandbox. The Sandbox should be unprivileged, e.g. pass an URL in your domain into the constructor.
Retrieve your script, e.g. with XHR.
Evaluate your script in the Sandbox and pull out any data it might have generated for you.
This is essentially what tools like Greasemonkey (executing user scripts) do.
Creating and working with Sandboxes in a secure fashion is hard, and the Sandbox being unprivileged prohibits a lot of use cases, but maybe it will work for your stuff.
Try using Components.utils.import .
Example :
const {Cc,Ci,Cu} = require("chrome");
Cu.import("url/path of the file");
Note :
js file which uses DOM objects like window, navigator, etc. will return error saying "window/navigator is undefined". This is simply because the main.js code does not have access to DOM.
Refer this thread for more information.
Extension Link: https://www.dephormation.org.uk/?page=81
This plugin is great. It has one problem though, on pages that use AJAX to make http requests, it switches the user agent for each request and confuses many ajax applications.
What I want to do is figure out where the preferences for this plugin are saved. Particularly, where all the User-Agent Strings that are currently being used are located. I would like to do this so that I could edit these settings outside of firefox before I open the browser so as to "hot swap" one user agent string for each browsing session at a time. I have looked through all kinds of .sqlite databases in my firefox profile but still haven't found the information.
I am using Watir-Webdriver with ruby to application test.
As Mr Palant said... simply changing general.useragent.override would achieve what you want.
Type about:config in the address bar, accept the warning, and filter on useragent and you'll see the setting.
I gather (but haven't tested) this preference may not affect the user agent presented to client side Javascript code. So if your Ajax code references navigator.useragent you might find the real user agent is returned despite your override setting.
Pete (author of SecretAgent).
www.secretagent.org.uk
PS See also
https://developer.mozilla.org/en/Document_Object_Model_%28DOM%29/window.navigator.userAgent
You don't need an add-on for that - changing general.useragent.override preference (create it if not present yet) is enough to set a different user agent string. In Firefox you can do it under about:config, when Firefox isn't running you can add this preference to the file prefs.js in the Firefox profile.
I know that with watir-WebDriver, I can make use of RubyBindings to have the browser load specific profiles or Firefox add-ons when I create a new browser instance. However, can I use Watir to actually use the add-on(s) I open?
The reason I ask is that I am trying to implement a web scraper to navigate to websites and record HTTP interactions. However, since Tamper Data already does the HTTP request/response logging I require, I'd rather use its functionality instead of having to redo it myself.
If this is not possible, I'm wondering if anyone knows a unit tester that will allow me to:
Open a Firefox browser & load Tamper Data
Navigate to specified pages
Click a button on Tamper Data's UI
You can't interact with extensions using bare watir/webdriver as far as i know, need to find a workaround ... Try something like rautomation - https://github.com/jarmo/RAutomation or autoit - http://www.autoitscript.com/site/
This works for me to launch firebug:
Win 7 & XP:
require 'watir-webdriver'
default = Watir::WebDriver::Firefox::Profile.new
If you are admin on your machine it will be the following... otherwise search and provide path:
default.add_extension("/Users/Administrator/AppData/Roaming/Mozilla/Firefox/Profiles/krqve9uc.firebug/extensions/firebug#software.joehewitt.com.xpi")
b = Watir::Browser.new(:firefox, :profile => default)
I have written a Firefox extension that catches when a particular URL is entered and does some stuff. My main app launches Firefox with this URL. The URL contains sensitive information so I don't want it being stored in the history.
I'm concerned about the case where the extension is not installed. If its not installed and Firefox gets launched with the sensitive URL, it will get stored in history and there's nothing I can do about it. So my idea is to use a bookmarklet.
I will launch Firefox with "javascript:window.location.href='pleaseinstallthisplugin.html'; sensitiveinfo='blahblah'".
If the extension is not installed they will get redirected to a page that tells them to install it and the sensitive info won't get stored in the history. If the extension IS installed it will grab the information in the sensitiveinfo variable and do its thing.
My question is, can the bookmarklet call a method in the extension to pass the sensitive info (and if so, how) or can the extension catch when javascript is being called in the bookmarklet?
How can a bookmarklet and Firefox extension communicate?
p.s. The alternative means of getting around this situation would be for my main app to launch Firefox and communicate with the extension using sockets but I am loath to do that because I've run into too many issues over the years with users with crazy firewalls blocking socket communication. I'd like to do everything without sockets if possible.
As far as I know, bookmarklets can never access chrome files (extensions).
Bookmarklets are executed in the scope of the current document, which is almost always a content document. However, if you are passing it in via the command line, it seems to work:
/Applications/Namoroka.app/Contents/MacOS/firefox-bin javascript:alert\(Components\)
Accessing Components would throw if it was not allowed, but the alert displays the proper object.
You could use unsafeWindow to inject a global. You can add a mere property so that your bookmarklet only needs to detect whether the global is defined or not, but you should know that, as far as I know, there is no way to prohibit sites in a non-bookmarklet context from also sniffing for this same global (since it may be a privacy concern to some that sites can detect whether they are using the extension). I have confirmed in my own add-on which injects a global in a manner similar to that below that it does work in a bookmarklet as well as regular site context.
If you register an nsIObserver, e.g., where content-document-global-created is the topic, and then unwrap the subject, you can inject your global (see this if you need to inject something more sophisticated like an object with methods).
Here is some (untested) code which should do the trick:
var observerService = Cc['#mozilla.org/observer-service;1'].getService(Ci.nsIObserverService);
observerService.addObserver({observe: function (subject, topic, data) {
var unsafeWindow = XPCNativeWrapper.unwrap(subject);
unsafeWindow.myGlobal = true;
}}, 'content-document-global-created', false);
See this and this if you want an apparently easier way in an SDK add-on (not sure whether SDK postMessage communication would work as an alternative but with the apparently same concern that this would be exposed to non-bookmarklet contexts (i.e., regular websites) as well).