I try to use the perl script to automate the interaction with a website.
I use module WWW::Mechanize to realize my design. But, the website [https] shows session expired.
Can anyone help me with this problem.
First you need to try to login to the same site via browser but with Javascript disabled.
If you'll get same error page this mean that some cookies (or some redirects) are added via Javascript so you need to add these cookies manually from your code.
Any way i recommend you to install HttpFox for Mozilla Firefox and record you login session after that you can find what's wrong with the target site.
Did you
my $browser = new WWW::Mechanize;
$browser->cookie_jar({});
?
Related
Can I manually disconnect a chrome window from refreshing automatically when I change my code.
Basically I want to disconnect the websocket connection using devtool or some other way. I tried offline checkbox, but its not helping.
This will come handy for a HTML developer for him to compare the HTML changes done from a developer tool and to the original one.
Right-click the WS connection in the Network panel then select Block Request URL. Based on the websocket.org echo demo, it seems to provide the effect you're looking for.
Have you tried setting the hot module reload to false? There is mention of it in the docs.
I am trying to send emails using smtp in an Adobe AIR application, I am unable to make the code work with gmail but it works with my hosted email without TLS/SSL so my assumption is that TLS/SSL is the issue.
I am using SMTPMAiller from http://www.bytearray.org/?p=27
with latest as3cryptolib I can fine.
I do not want to use a server side script.
Please respond only if you have a working code/application that works with gmail in present.
Thank you
Edit: My question is if you have already this working in present what libraries and what versions are you using, I am sure my libraries are too old.
I managed to send emails from gmail.yahoo using SMTP and SSL using this library airxmail
I had a few problems though, I was trying to log the code using event listeners to understand what is going wrong but adding a specific listener caused problems, I reported it here . For logging I suggest using what the author recommends(the mx.Log).
Other issue was caused by the not clear documentation from the first example I found, there was some code that needed to run for SSL only and other code that needed to run for TLS only.
I did not had time or need to test TLS so I am not sure if it works, code is not yet in production so maybe I will find more issues later.
I created a wrapper class, my needs is to have a test function when a user will add his email credentials and settings, then have the ability to send more then one email, I will show my main code here , use at your own risk.
I tried adding my sample here but SO code formatted did not like it, here is a gist I hope it will help.
I'm getting this chrome flag when trying to post and then get a simple form.
The problem is that the Developer Console shows nothing about this and I cannot find the source of the problem by myself.
Is there any option for looking this at more detail?
View the piece of code triggering the error for fixing it...
The simple way for bypass this error in developing is send header to browser
Put the header before send data to browser.
In php you can send this header for bypass this error ,send header reference:
header('X-XSS-Protection:0');
In the ASP.net you can send this header and send header reference:
HttpContext.Response.AddHeader("X-XSS-Protection","0");
or
HttpContext.Current.Response.AddHeader("X-XSS-Protection","0");
In the nodejs send header, send header reference :
res.writeHead(200, {'X-XSS-Protection':0 });
// or express js
res.set('X-XSS-Protection', 0);
Chrome v58 might or might not fix your issue... It really depends to what you're actually POSTing. For example, if you're trying to POST some raw HTML/XML data whithin an input/select/textarea element, your request might still be blocked from the auditor.
In the past few days I hit this issue in two different scenarios: a WYSIWYG client-side editor and an interactive upload form featuring some kind of content preview. I managed to fix them both by base64-encoding the raw HTML before POSTing it, then decoding it on the receiving PHP page. This will most likely fix the issue and, most importantly, increase the developer's awareness level regarding the data coming from POST requests, hopefully pushing him into adopting effective data encoding/decoding strategies and strengthen their web application from XSS-type attacks.
To base64-encode your content on the client side you can either use the native btoa() function, which is supported by most browsers nowadays, or a third-party alternative such as a jQuery plugin (I ended up using this, which worked ok).
To base64-decode the POST data you can then use PHP's base64_decode(str) function, ASP.NET's Convert.FromBase64String(str) or anything else (depending on your server-side scenario).
For further info, check out this blog post that I wrote on the topic.
In this case, being a first-time contributor at the Creative forums, (some kind of vBulletin construct) and reduced to posting a PM to the moderators before forum access it is easy for one to encapsulate the nature of the issue from the more popular answers above.
The command was
http://forums.creative.com/private.php?do=insertpm&pmid=
And as described above the actual data was "raw HTML/XML data within an input/select/textarea element".
The general requirement for handling such a bug (or feature) at the user end is some kind of quick fixit tweak or twiddle. This post discusses the option of clearing cache, resetting Chrome settings, creating a new_user or retrying the operation with a new beta release.
It was also suggested that one launches a new instance with the following:
google-chrome-stable --disable-xss-auditor
The launch actually worked in this W10 1703 Chrome 061 edition after this modified version:
chrome --disable-xss-auditor
However, on logging back in to the site and attempting the post again, the same error was generated. Perhaps the syntax wants refining or something else is awry.
It then seemed reasonable to launched Edge and repost from there, which turned out to be no problem at all.
This may help in some circumstances. Modify Apache httpd.conf file and add
ResponseHeader set X-XSS-Protection 0
It may have been fixed in Version 58.0.3029.110 (64-bit).
I've noticed that if there is an apostrophe ' in the text Chrome will block it.
When I update href from javascript:void(0) to # in the page of POST request, it works.
For example:
login
Change to:
login
I solved the problem!
In my case when I make the submmit, I send the HTML to the action and in the model I had a property that accept the HTML with "AllowHTML".
The solution consist in remove this "AllowHTML" property and everything go OK!
Obviously I no longer send the HTML to the action because in my case I do not need it
It is a Chrome bug. The only remedy is to use FireFox until they fix this Chrome bug. XSS auditor trashing a page, that has worked fine for 20 years, seems to be a symptom, not a cause.
I'm attempting to load a page that does a call to ADFS for authentication purposes. On the page load, there is a redirect and then popup to enter credentials.
HTTPS must be used.
Chrome must be used as the testing browser.
So, when loading the page everything is working fine, but I'm forced to manually enter credentials when running the test. After inputting the credentials everything is fine, but is there a way to leverage Watir to input this for me? I've tried popping the username:password into the link already with no success, and since I really need to use Chrome the Firefox plugins are moot.
require 'watir-webdriver'
b = Watir::Browser.new :chrome
b.goto 'https://internalUAT.clientwebsite.com/'
b.link(:text => 'HR Dashboard').click
I'm not allowed to post images due to reputation constraints, but please visit
https://i.imgur.com/ExVt8fp.png
for a screenshot.
When you try passing credentials with the https://user:pass#foo.com technique, do you have any unusual characters in the username or password? (Maybe you have a DOMAIN\username domain prefix?)
If so you might want to make sure any such characters in the credential string are properly escaped.
If that's not the problem, and there's no other way to disable the auth prompt for your tests, then your best bet (IMO) is to write a separate script (or thread) that uses RAutomation (or some other UI automation library of your choosing) to enter your credentials and click the Log In button.
See https://github.com/jarmo/RAutomation
The test cases in the following file contain examples of using RAutomation's send_keys method, which could prove useful:
https://github.com/jarmo/RAutomation/blob/master/spec/window_spec.rb
For the record, it looks like RAutomation may have been used by watir-classic for dialog handling:
https://github.com/watir/watir-classic/blob/master/lib/watir-classic/modal_dialog.rb
http://www.rubydoc.info/github/watir/watir-classic/Watir/ModalDialog
I want some particular urls like "springer.com" to automatically convert to "springer.com.proxy1.mycollege.edu". The second url takes me to springer site through my college library gateway; I am able to access some parts that would otherwise be restricted.
Is there some way to convert the url as above automatically in firefox 3?
Could use your hosts file to trick firefox into looking for springer.com in the right place.
http://en.wikipedia.org/wiki/Hosts_file
You can use Greasemonkey for such task.
One way to solve your problem is to run a web proxy like Squid, configure authentication against your campus LDAP directory, and use a Proxy auto-config file to make the browser go through your proxy.