Unable to open https, especially salesforce site in phantomjs - javascript

I have just started learning about headless testing and wanted to use it to test my application on salesforce.com. Salesforce is a https site and am unable to open it in phantomjs. I am using the loadspeed example to test it. I have also set the --ignore-ssl-errors argument but I still get the FAIL to load address error.
phantomjs "C:\myfolder\phantomjs
-1.9.2-windows\examples\loadspeed.js" https://test.salesforce.com --ignore-ssl-e
rrors=yes --ssl-protocol=any
another Observation:
If I try it with other https sites like https://github.com/, I am able to open those in phantomjs.
Please help in resolving this.

Your using phantomjs command in wrong way. You should use in the followinf order:
phantomjs [switchs] [options] [script] [argument]
as in your example it should be:
phantomjs --ignore-ssl-errors=yes --ssl-protocol=any "C:\myfolder\phantomjs
-1.9.2-windows\examples\loadspeed.js" https://test.salesforce.com
The other possibility is that you are trying to open an URL, which is secured by a login page, intended for users who have already logged in, therefor the server may returns 403 unauthorized response. If this is the case you can solve it by getting all the cookies on your browser for demo.saleforce.com and setting them on phantomjs.
Please note that there is no problem with SSL certificate of Salesforce, there is no point in turning off the SSL security. If you can't access the site without ignoring SSL error, then it's likely possible that your computer/internet connection have been compromised by some hackers. If this is the case they can just intercept your login information when you log in different websites.

Related

How to stop the localhost redirection to https automatically?

When i try to run the react project which is present in my localsystem it automatically opens in https connection whereas few of my api's are integrated in http. So it throws mixed content error. I cant update my code to https as of now.. Is there any way to make my browser open localhost in HTTP??
I tried open localhost using http but it shows "Your connection is not secure".. I tried few possible ways to resolve like changing security settings, But still it doesnt work.

Chrome Extension to solve Mixed Content?

I would extremely appreciate some help with the following issue:
I have a payment web app hosted in IIS and configured for SSL. I need to integrate a POS terminal (or pin-pad) with a static IP that's not SSL compatible. I can talk to it running the site without SSL (HTTP to HTTP), but not HTTPS to HTTP - obviously getting "Mixed Content ..." error as Chrome doesn't allow that. I don't need to care about other browsers, but I can't run my site HTTP and as mentioned terminal doesn't support HTTPS.
Now, before you mark it as duplicate - I've read:
sending request from https to http from chrome extension,
Chrome extension - Disable Blocking of Mixed Content
Since v38, Chrome extension cannot load from HTTP URLs anymore, workaround?.
And it looks like Chrome extension might provide a solution. I don't have any experience with Chrome extensions though, but comfortable with JavaScript. I would prefer to avoid chasing something that would result in a dead-end. So, my question is - am I on the right path? If so, how do I go about implementing this? How do I go about delegating the ajax post call to the extension?
Any thoughts, ideas, tips, suggestions would be highly appreciated!
If you are going to use chrome-extension, do you want everyone who visits your payment site install the extension first? If the answer is yes, then sure, chrome-extension can help with that. Take at the following guide:
Cross-Origin XMLHttpRequest, it tells you that background page can send request to http site, even if current page is https
chrome.webRequest.onBeforeRequest, it tells you that you could redirect a http(s) request.

Embedded Devices - Javascript Debugging

I work on embedded devices but am not able to install any software on them (e.g. programs like gdbserver are out). I need to monitor javascript events on those browsers. For example, if we run a web app on the EWB, the device it's on might have a keyboard pop-up. I need a way to see what triggers this event.
I am thinking along the lines of perhaps embedding something into the HTML or javascript that automatically reports any events back to a workstation somewhere.(I already have logs, but they are not live and it's difficult to pinpoint what happens - even beartailing them... wish I could have something like Firebug, but since it's embedded I can't)
Has anyone seen anything along those lines?
To get a debug connection to a web app or page running on a remote device:
Install vorlon using npm
Download ngrok
Start the vorlon server, the server port will probably be localhost:1337 and the following steps assume this
From a terminal/command prompt run ngrok with ngrok http 1337 and it should report an ip address for the other end of the tunnel, something like def01234.ngrok.io available via http and https.
Instead of the local script tag which vorlon suggests, use the remote ngrok address, e.g. <script src="https://def01234.ngrok.io/vorlon.js"></script>. ngrok exposes both http and https - as this is over the public internet I would strongly recommend using a secure connection.
Log onto the vorlon server on your local machine.
If the above test works you are going to want to do two more things:
Get an account at ngrok (or an alternative secure tunnel service) to get a fixed address.
Configure vorlon authentification according to the instructions on this page. By default it is insecure so ANYBODY with the exposed ngrok address could log onto the dashboard and mess with your embedded devices.

Casperjs/Phantomjs does not respect hosts file

I am trying to run tests against my vagrant box with lives at 192.168.0.100. In my hosts file I have 192.168.0.100 lc.mysite.com and the site loads fine and works normally at that url with chrome.
However, when I try and run my tests against it, the url fails and never loads anything. Remote urls work fine but the local ones are just failing.
How can I get casperjs to respect my hosts file? Or is it something else?
If you are using a self-signed SSL certificate (e.g. on your development box), set phantomjs option
--ignore-ssl-errors=true
From the documentation:
--ignore-ssl-errors Ignores SSL errors (expired/self-signed certificate errors): 'true' or 'false' (default)
Turns out it was due to the url being ssl and it kept failing. Using this answer solved my issue.
CasperJS/PhantomJS failing SSL handshakes on some sites even with --ssl-protocol=any

How may a web page that is loaded via https connect to a WebSocket server running on localhost?

I'm trying to create a web page that can connect to a client-local WebSocket server. The idea is to use the JavaScript client running in the browser as kind of a proxy to enable communication between the remote web server and the locally installed client application which implements the WebSocket service.
So basially, what I'd do is load a web page from https://example.com which includes some JavaScript that opens a new WebSocket to ws://localhost:1234/context.
This works fine as long as the web page is accessed via http. As soon as https is used, however, Firefox and Internet Explorer refuse to connect and the WebSocket constructor throws an exception (SecurityError, code 18).
Now, I already found advice from Mozilla stating that https sites should only use secure (wss://) WebSockets and plain http sites should only use plain WebSockets (link). But I don't really see the security issue when connecting to localhost from within an https context. Besides, this works like a charm for Chrome, Opera and Safari.
So the actual question is: Is there any way to work around this issue? Like introducing a non-https context inside the web page or something similar to get all browsers to connect to ws://localhost from within a https-delivered web page?
Thanks a lot in advance! I'm not exactly a web developer so this kind of browser-specific behaviour isn't really in my fields of expertise :)
You have to accept the cert first.
You can do this by simply going to https://localhost:1234/context, in your case. Once that's done, you can use the wss URL in your question.

Categories

Resources