i am trying to get cookies using phantomjs, but it appears to be incomplete?
at command line:
phantomjs --cookies-file=cookies.txt --debug=true test.js
test.js:
var page = require('webpage').create();
page.open('http://example.com', function (status) {
page.evaluate(function() {
document.cookie;
});
page.cookies;
phantom.cookies;
});
i compare cookies.txt with firebug cookies and LiveHttpHeaders, and see there are some cookies missing in the phantomjs saved file?
Related
I'm trying to use CasperJS for HTTP auth to an app then make a second request which if successful should trigger an XSS payload to send the cookies out. I know the auth works as the below code successfully triggers the XSS (I can see the outbound request), however no cookies are sent. I've found things like https://gist.github.com/alvises/6b159300a3f5f09de75f however I can't get anything to work so that cookies are sent with the second request (urlAfterLoggedIn). Could anyone shed any light please?
var casper = require('casper').create({verbose: true, logLevel: 'debug'});
var urlBeforeLoggedIn = "http://127.0.0.1:xxxx/login.jsp";
var urlAfterLoggedIn = "http://127.0.0.1:xxxx/xxxxxxxxxxx?edit=true&bookmarkID=2";
casper.start(urlBeforeLoggedIn)
casper.waitForSelector('form[method="post"]', function() {
casper.fillSelectors('form[method="post"]', {
'input[name="username"]': 'xxxxxxxxxxxxx',
'input[name="password"]': 'xxxxxxxxxxxxx'
}, true);
});
casper.thenOpen(urlAfterLoggedIn)
casper.run();
I'm working with Facebook js SDK "Go Live Dialog" for live streaming, every thing works fine until the last step when I want to publish the stream and I can't publish because there is a CORS error, it is:
XMLHttpRequest cannot load https://graph2.facebook.com/v2.5/10154376393778843?access_token=EAAOAPyi8mX....&suppress_http_code=1. Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, https://www.facebook.com/', but only one is allowed. Origin 'https://www.facebook.com/' is therefore not allowed access.
the issue is due to graph2.facebook.com is sending CORS header twice:
Access-Control-Allow-Origin: *
Access-Control-Allow-Origin: https://facebook.com/
and Google Chrome accepts only one.
I opened it as a bug on facebook but until now their answers is to "disable CORS security" on my browsers, a bad solution if I want to make my app public for every one.
The code for the app is this:
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '452751035113070',
xfbml : true,
version : 'v2.8'
});
};
(function(d, s, id){
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) {return;}
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
</script>
<button id="liveButton">Create Live Stream To Facebook</button>
<script>
document.getElementById('liveButton').onclick = function() {
FB.ui({
display: 'popup',
method: 'live_broadcast',
phase: 'create',
}, function(response) {
if (!response.id) {
alert('dialog canceled');
return;
}
console.log('stream url:' + response.secure_stream_url);
FB.ui({
display: 'popup',
method: 'live_broadcast',
phase: 'publish',
broadcast_data: response,
}, function(response) {
console.log("video status: \n" + response.status);
});
});
};
</script>
also here here: https://plnkr.co/edit/Aq0hkCTh5suXfOl6qKuN?p=preview .
To make a real try you should start an streaming using wowza or similar, if not, the publish button is disabled and the problem occurs when I click the publish button.
did someone know how to handle it to allow all users to use the script and to force them to use other browsers or to disable the security options? or I need to wait until facebook fix it?
I Disable a Chrome extension and it works.
The extension is: JetBrains IDE Support 2.0.9
this is strange because every post talk about you can't have 2 CORS directives and I think the server keeps sending 2 directives or maybe the server send just 1 and this extensions modify the headers...I don't know, but now ir works.
I am using following js script to phantomjs on ember site running locally:
//test_phantomjs.js
require('phantomjs-polyfill');
var page = require('webpage').create();
page.open('http://localhost:4200/', function(status) {
console.log("Status: " + status);
if(status === "success") {
page.render('example.png');
}
phantom.exit();
});
The command I run the test this script is as follow:
phantomjs --remote-debugger-port=9001 --remote-debugger-autorun=yes test_phantomjs.js
I am suppose to get login form, but instead I am not getting the form just an empty page.
however if change the url to development ember app, then I get the full page with form fields.
How can I fix it for locally running ember app so I can test this with poltergeist?
I'm trying to creat a gulp task to run a test and automatically refresh when changes occur in any .js test file.
This is the code:
gulp.task('watch-test', function() {
// start live-reload server
plugins.livereload.listen({ start: true});
var filesForTest = [ 'bower_components/angular/angular.js',
'bower_components/angular-mocks/angular-mocks.js',
'src/app/blocks/testController.module.js',
'src/app/blocks/testController.js',
'src/test/spec/sillyControllerSpec.js']
return gulp.src(filesForTest)
.pipe(watch(filesForTest))
.pipe(plugins.jasmineBrowser.specRunner())
.pipe(plugins.jasmineBrowser.server({port: 8888}))
.pipe(plugins.livereload());
});
It watches the files, but I have to refresh manually the page at the browser.
Any idea what can I do?
I found this package that incluide jasmine + livereload
https://www.npmjs.com/package/gulp-jasmine-livereload-task
Hi im using an unoffical fb Coldfusion SDK i had to convert it all from using CFscript to conventional cffunctions because im still on CF7.
Everything seems to be working but im not sure why when trying to lookup the cookie on login at server side its not found. Its seems to be fine on Chorme but FF, IE and Opera all have the same issue.
On index.cfm i have a fb:login button, when pressed you get the log in screen, once successfully logged in, index.cfm refreshs runs my FacebookApp methods but returns a blank value for access_token when read from server side. This is because at server side i try to get the info from the cookie but the cookie has not been created. Ive also outputted the value of access_token but it returns as blank. When i press F5 about a second later I now see the value for my access_token in my output. At the same time if I use the js alert to display access_token in getLoginStatus i can see the value.
Ive read in some places for older browsers where the SDK is slow to load to use the channelURL param, which ive done but im still getting the same result as above.
Any suggestions what I can do? I tried adding js timeout to slow down the to getLoginStatus so it had time to read the cookie but ive not had any joy. Please help.
Top of the page i have this
<!doctype html PUBLIC "-//W3C//Dtd html 4.0 Transitional//EN">
<html xmlns:og="http://ogp.me/ns#" xmlns:fb="http://www.facebook.com/2008/fbml">
After the body tag i have the following
<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : 'xxxxxxxxxxxxxxxx',
cookie : true, // enable cookies to allow the server to access the session
oauth : true, // OAuth 2.0
status : true, // check login status
xfbml : true, // parse XFBML
channelUrl: document.location.protocol + './/www.sitename.com/fbchannel.html' //custom channel
});
// whenever the user logs in or logs out, we refresh the page
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
alert('login');
});
FB.Event.subscribe('auth.logout', function(response) {
window.location.reload();
//alert('logout');
});
FB.getLoginStatus(function(response) {
if (response.status == 'connected') {
// the user is logged in and connected to your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
//alert('end');
// alert('login url called '+unescape(window.location.pathname));
// whenever the user logs in we refresh the page
//alert(accessToken);
} else if (response.status == 'not_authorized') {
// the user is logged in to Facebook,
//but not connected to the app
} else {
// the user isn't even logged in to Facebook.
}
});
};
(function() {
var e = document.createElement('script');
e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
e.async = true;
document.getElementById('fb-root').appendChild(e);
}());
</script>
Somewhere way below the stuff above i have my button
<fb:login-button scope="publish_stream,email" autologoutlink="true">Connect with FB</fb:login-button>
After spending DAYS on this trying to figure out the problem i came across this and its made my day, problem solved! Thanks chwk.