HI,
Is there any way I can find whether the cookies are disabled or not on the client browser. I have seen some posts saying to find using redirect URL, but there is no code how to do that . Can anyone please help me with a sample code to check this.
Please note that I want this to be done using Java only (no javascript please)
Thanks!
Srinivas
you could set a cookie on the startsite and try to read it on the following sites, if your cookie can't be read the user has either disabled them or has deleted your cookie
Related
I am trying to login to google with selenium and I keep getting the error that "This browser or app may not be secure."
The function I use to log in is:
async function loginToChrome(driver, username, password) {
await driver.get("https://accounts.google.com/signin");
await driver.sleep(1000);
let email_phone = await driver.findElement(
By.xpath("//input[#id='identifierId']")
);
await email_phone.sendKeys(username);
await driver.findElement(By.id("identifierNext")).click();
await driver.sleep(1000);
let passEl = await driver.findElement(By.xpath("//input[#name='password']"));
await passEl.sendKeys(password);
await driver.findElement(By.id("passwordNext")).click();
await driver.sleep(1000);
}
It is the same problem as
https://stackoverflow.com/questions/59433453/unable-to-log-into-google-account-in-selenium-chrome-driver
and
https://stackoverflow.com/questions/59276975/couldnt-sign-you-in-this-browser-or-app-may-be-insecure-python-selenium-chrome
I have tried using both the chrome and firefox web drivers and both don't work.
I have also tried doing .excludeSwitches(['enable-automation']) which also didn't help.
This made me think that maybe the sign-in page could detect that I was running in an automated environment.
I tried this solution that would hide that the app is running in a web driver: Can a website detect when you are using selenium with chromedriver?
I have also looked into the User-Agent to see if that was the problem but what I have found is that it is identical to my regular chrome one.
All of this has not worked which makes leaves me stuck. I have seen solutions that say to use an already created user profile from your normal installation of chrome, but this wouldn't work for my use case.
Has anyone found the solution to this? I have been searching for hours and have come up empty-handed.
EDIT:
It seems like this has been getting a lot of attention recently. I found a solution that allowed me to continue to use an automated client without having too many problems. Switching to Puppeteer.
Look into these packages:
"puppeteer",
"puppeteer-extra",
"puppeteer-extra-plugin-stealth"
EDIT 2:
I have seen this get a lot of attention recently. I found the code that I ended up using to login. I used puppeteer instead of selenium to do this
async function login(
page: Page,
username: string,
password: string,
backup: string
) {
await page.goto("https://accounts.google.com/");
await page.waitForNavigation();
await page.waitForSelector('input[type="email"]');
await page.click('input[type="email"]');
await page.waitForNavigation();
//TODO : change to your email
await page.type('input[type="email"]', username);
await page.waitForSelector("#identifierNext");
await page.click("#identifierNext");
await page.waitFor(1000);
await page.waitForSelector('input[type="password"]');
await page.click('input[type="password"]');
await page.waitFor(500);
//TODO : change to your password
await page.type('input[type="password"]', password);
await page.waitForSelector("#passwordNext");
await page.click("#passwordNext");
await page.waitForNavigation();
}
The followings work me as well:
1. try to login stackoverflow with your google account
2. once login, go to the email
here is solution
WebDriver driver;
System.setProperty("webdriver.chrome.driver", "chromeDriver/chromedriver.exe");
driver = new ChromeDriver();
GeneralClass te = new GeneralClass ();
driver.get("https://accounts.google.com/signin/oauth/identifier?client_id=717762328687-iludtf96g1hinl76e4lc1b9a82g457nn."
+ "apps.googleusercontent.com&as=JS6BM8cjL-8j9votansdkw&destination=https%3A%2F%2Fstackauth"
+ ".com&approval_state=!ChRoYWVvLUlNMk5hSXJWUGlaSVl2WBIfc3lSa0lueENpb29lSU5vbEVpbVNxcUZGaGNkSEJoYw%E2%88%99AJDr988AAAAAXlBKc7PzEomxSzgNqd4wLptVlf0Ny3Qx&oauthgdpr=1&xsrfsig=ChkAeAh8T8JNDxCf2Zah5fb_rQ55OMiF8KmMEg5hcHByb3ZhbF9zdGF0ZRILZGVzdGluYXRpb24SBXNvYWN1Eg9vYXV0aHJpc2t5c2NvcGU&flowName=GeneralOAuthFlow");
te.waitingForElementSendingKey(driver, By.id("identifierId"), "XXXXXXXX#gmail.com");
te.waitingForElementForClickOnly(driver, By.id("identifierNext"));
te.waitingForElementSendingKey(driver,By.name("password"), "PASSSWORD");
te.waitingForElementForClickOnly(driver, By.id("passwordNext"));
Thread.sleep(1500);
driver.get("https://mail.google.com/mail/u/0/#inbox");
Thanks
I just tried something out that worked for me after several hours of trial and error.
Adding args: ['--disable-web-security', '--user-data-dir', '--allow-running-insecure-content' ] to my config resolved the issue.
I realized later that this was not what helped me out as I tried with a different email and it didn't work. After some observations, I figured something else out and this has been tried and tested.
Using automation:
Go to https://stackoverflow.com/users/login
Select Log in with Google Strategy
Enter Google username and password
Login to Stackoverflow
Go to https://gmail.com (or whatever Google app you want to access)
After doing this consistently for like a whole day (about 24 hours), try automating your login directly to gmail (or whatever Google app you want to access) directly... I've had at least two other people do this with success.
PS - You might want to continue with the stackoverflow login until you at least get a captcha request as we all went through that phase as well.
One workaround that worked for me is creating a google account in the chrome instance started by the webdriver. Using this newly created account works for me, but I cannot tell what is exactly the difference between it and other google accounts.
Here's what worked for me:
I am using Puppeteer, but I'd bet it's the same for any automated scripts.
You must have a userDataDirectory so that the browser can use the same storage information.
You must initially run the script with headless: false so that you can get a browser to open. If you try to sign in on the current tab (the tab that was navigated automatically), then you will get that error on every sign-in attempt.
The trick (for me) was to open a new tab, navigate manually, try again.
Next time you run the script, you do not need to login.
Try using undetected_chromedriver library :
!pip install undetected_chromedriver
import undetected_chromedriver as uc
driver = uc.Chrome(executable_path='chromedriver.exe') #change for your path
driver.get('https://accounts.google.com/ServiceLogin')
#continue work code here...
It worked pretty well for me
This error message...
This browser or app may not be secure.
Try using a different browser. If you’re already using a supported browser, you can refresh your screen and try again to sign in.
...implies that the WebDriver was unable to authenticate the Browsing Context i.e. Browser session.
Potential reasons and solution
There can be diverse reason behind this error as follows:
#Raphael Schaad in the article "This browser or app may not be secure" error when trying to sign in with Google on desktop apps mentioned that, if an user can log into the same app just fine with other Google accounts, then the problem must lie with the particular account. The possible reason, it is the only account where user is using Two Factor Authentification.
Another pottential reason can be usage of Less secure apps. If an app or site doesn’t meet google-chrome's security standards, Google may block anyone who’s trying to sign in to your account from it. Less secure apps can make it easier for hackers to get in to your account, so blocking sign-ins from these apps helps keep your account safe.
Solution
In these cases the respective solution would be to:
Disable Two Factor Authentification for this Google account and execute your #Test.
Allow less secure apps
You can find a detailed discussion in Sign in to gmail account fails (selenium automation)
tl; dr
A couple of relevent documentation:
Sign in with a supported browser
I have a web application which is hosted at https://example.com. I would like to share a session cookie between the main domain https://example.com and sub-domain https://www.example.com. Thus, there should be no need for a user to re-login if they switch from one domain to another. How do I achieve this in springboot 2.2.6?
This is what I have tried:
I went to application.properties and set server.servlet.session.cookie.domain=.example.com
Now, this does not help. I get an error:
java.lang.IllegalArgumentException: An invalid domain [.example.com] was specified for this cookie
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:210) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:145) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.connector.Response.generateCookieString(Response.java:973) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
If I set server.servlet.session.cookie.domain=example.com, then the cookie is not visible for http://www.example.com and if I set server.servlet.session.cookie.domain=www.example.com, then the cookie is not visible for http://example.com
I have read discussions about Rfc6265CookieProcessor and LegacyCookieProcessor, but I don't know the right way to fix this issue.
Springboot 2.2.6 uses tomcat version 9.0.*
So, how do I fix this issue?
EDIT:
I was trying the above changes on localhost only and not on production. Instead of accessing http://www.example.com, I was doing https://www.localhost and instead of accessing http://example.com, I was doing http://localhost
The right value is:
server.servlet.session.cookie.domain=example.com
What I was trying was that I was making changes on localhost and they were not working for me. I was modifying the values in chrome console manually and expecting to see cookies set on https://localhost with domain localhost to be visible in another tab for domain https://www.localhost and that was not happening.
I read the answer here: Share cookie between subdomain and domain and #Cesc 's comment on that answer which was :
I am not sure where to put this so I am choosing the comments of the
accepted answer. It took long time and failed experiments to prove the
above on my localhost, until it occurred to me that I should call the
localhost with a dot in the name. Like "localhost.com" or something
like that. Then all the "set cookies" behaviours started following the
explanations written here in this answer. Hoping this might help
somebody.
So, I tried my changes on production directly and they worked fine. I am still not able to get it to work on localhost. The way I access my website on localhost is:
https://localhost and https://www.localhost. Based on #Cesc 's comment, I probably need to access the website on localhost as https://www.localhost.com or https://localhost.com and then it will work. But, I have not tried that.
Rather than testing with 'localhost' on your dev machine, try using your machine's fully-qualified host name. I've had a similar challenge with testing authentication against our single-signon platform.
How can I parse HTML data like I were in other country?
I've tried to use proxy (code):
System.setProperty("http.proxyHost", "some proxy");
System.setProperty("http.proxyPort", "some port");
but it doesn't work properly. I still get data in my country language.
I've also tried using VPN, but when I do my program (Jsoup parser) doesn't download anything.
EDIT:
Thanks for your time, the marked answer helped me to solve the problem. The complete solution I found there .
That depends on the site you're trying to download. If the site is using IP geolocation, the only solution is to use appropiate proxy: https://stackoverflow.com/a/1433296/1608594
If the site is only using HTTP headers to determine language, you can send Accept-Language, Accept-Charset and Accept-Encoding headers with the proper values.
https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Request_fields
As far as I can determine I have followed the steps as detailed at https://ipp.developer.intuit.com/0010_Intuit_Partner_Platform/0200_DevKits_for_Intuit_Partner_Platform/Sample_Apps/Java_Sample_App_for_AggCat_Services/0010_Creating_the_App for running the java demo application.
After enabling the logs, I see following entries in the log output
DEBUG: com.intuit.aggcat.logger - Response code=401
DEBUG: com.intuit.aggcat.logger - OAuth access tokens = null
DEBUG: com.intuit.aggcat.logger - Could not get oAuth tokens: null
So I think server thinks I don't have permissions, however intuit developer website shows I have test access permissions for Customer Account Data API. Can someone please let me know what I am doing wrong.
By the way I think documentation at above link is cut off. Very Last statement says "run as" but does not say run as what
I would recommend that you try using the API explorer (developer.intuit.com/apiexplorer) with the same set of keys to verify that the keys and cert used are correct. If you are able to retrieve the tokens through the API Explorer, then you should be able to do the same through the Java sample app.
You should login to the sample app with the username "user"
I'm following Scott Davis' tutorials on developing grails apps, but whenever i try to run my app (or indeed his source code) i get "Firefox has detected that the server is redirecting the request for this address in a way that will never complete." Safari gives a similar error message as does Opera.
As i've tested the original authors source code which gives the same error i'm fairly confident it's nothing to do with the code.
Is this a problem with the web server on my machine? I use Mac OS Snow Leopard so i'm assuming it's apache that's generating this error.
Edit: Seems Grails as standard uses Jetty, so probably not Apache that is causing the problem. However also tested the app on Glassfish and i get the same error.
Anyone know what i can do to fix this?
Cheers
It depends on the code and Apache configuration you are using. I assume that the web server sends cyclic HTTP redirections, eg. from /root/ to /root (without the slash) and vice versa. This causes a redirection infinite loop.
Check your configuration on conditions that cause a HTTP redirect. For example, Apache automatically adds slashes to directory URLs in standard configuration (like the /root/ example above). I don't know Grails, so I cannot give you a hint on how URLs are processed within the app.
You can also use manual HTTP requests for debugging to see whats going on behind the scenes, using telnet on a terminal:
$ telnet localhost 80
GET / HTTP/1.0
I guess the response will be something like that:
HTTP/1.0 302 Found
Location: XXX
...
Now do a second request on the URL passed in the Location header and so on.
I was getting the same error a little while ago, heres how I fixed:
Try the same page on a different internet setup (it could be your ISP)
Open up Safari, Firefox or whatever your using and empty the cache and delete ALL your cookies
Reboot your computer and try again
It may work now, but if it doesn't:
open up Firefox and type 'about:config' (without the quotes) into the URL bar
You will get some little warning, just press OK
Type 'redirect' into the Filter box
You should see a listing for 'network.http.redirection-limit'
Double click the listing and type a large number (anything above 50 and lower than 200)
Press OK, quit and re-open FireFox
Basically all that does is make FireFox's tolerance for redirect loops higher which should fix your problem - but usually, just borrowing someone else's internet connection fixes it
Hope that all helps =)
Just carefully check your URLMappings configuration:
YOUR_APP/grails-app/conf/UrlMappings.groovy
Common case:
You configured request to be handled like this:
"/anything" (controller:"someController")
So without action, request will be handled by default one, "index". "index" action usually redirects to "list", and "list", in some cases redirect back to "index"
There is your loop.
Good luck