Set request header and User Agent in Geb - geb

When using Geb, is it possible to set custom request headers and user agent when using the Browser API (and not the Direct Download API)?
While this is possible with the FirefoxDriver (see here), I am looking for a way of doing this with the WebKitDriver.

A possible solution is via a proxy.
BrowserMob has a standalone mode with REST api, or embedded in your test programmatically: https://github.com/webmetrics/browsermob-proxy . Useful when there are a lot of custom headers you want to test.
If you already have Apache, you can create another VirtualHost on a different port having that particular request header, and point your browser to that port before the test. Given that your header doesn't change between tests.
This might not be the direct solution to your question: modify request headers directly in Browser API, but it achieves the end result.

Related

Does GET endpoint triggers underlying APIs on request (with Postman or JMeter)

I'm creating load testing with JMeter.
We have A Single Page Application (React).
Let's say I need to check the endpoint
GET /foo
When you go to that endpoint via the browser it triggers API endpoints (javascript fetch) to retrieve data. Let's say 2 endpoints
GET /api/fooData, GET /api/fooCalendar
My question is: If I request GET /foo with JMeter (or Postman for instance), will it trigger the other endpoints behind the scene like a normal user flow, or I would need to manually check all the endpoints that are being triggered?
As per JMeter project main page:
JMeter is not a browser, it works at protocol level. As far as web-services and remote services are concerned, JMeter looks like a browser (or rather, multiple browsers); however JMeter does not perform all the actions supported by browsers. In particular, JMeter does not execute the Javascript found in HTML pages. Nor does it render the HTML pages as a browser does (it's possible to view the response as HTML etc., but the timings are not included in any samples, and only one sample in one thread is ever displayed at a time).
So you will have to create separate HTTP Request samplers for each JavaScript-driven calls. If the calls are made in parallel - it would be better to put them under the Parallel Controller as JMeter executes Samplers sequentially (upside down)

How can I set up HTTP Alternative Service in Apache?

I run a website on the clearnet using Apache and want the connection to be made via the .onion address when a user uses the clearnet URL in a Tor browser.
I know Facebook uses a standard called HTTP Alternative Service, but I don't know how I should implement it myself in Apache.
I found a solution, however can't verify if it actually works as intended.
One can add the header in the .htaccess file by adding
Header add Alt-Svc: h2="example.onion:80"
to the file.
This does in fact add the Alt-Svc header to the responses, however the standard specifies the URL shown to the user in the browser should remain unchanged, despite the connection actually happening on Alt-Svc.
Thus I have so far unable to verify whether the Tor Browser actually connects on the .onion as intended.

How can i use Jmeter as a normal browser?

I am using jmeter for performance testing
but jmeter only accept JS call they can not pass request like URL.
so my question is that how can i user jmeter as a normal browser for
load testing ?
As per JMeter project main page:
JMeter is not a browser, it works at protocol level. As far as web-services and remote services are concerned, JMeter looks like a browser (or rather, multiple browsers); however JMeter does not perform all the actions supported by browsers. In particular, JMeter does not execute the Javascript found in HTML pages. Nor does it render the HTML pages as a browser does (it's possible to view the response as HTML etc., but the timings are not included in any samples, and only one sample in one thread is ever displayed at a time).
It is possible to configure JMeter to behave more like a real browser when it comes to normal HTTP requests given you:
Tell JMeter to download embedded resources (scripts, styles, fonts, images, sounds, etc.) in parallel
Add HTTP Cache Manager to mimic browser cache when it comes to handling the aforementioned embedded resources
Add HTTP Cookie Manager to represent browser cookies
Add HTTP Header Manager to represent browser headers
JMeter will not automatically kick off the requests triggered by JavaScript as it doesn't have full JavaScript runtime so you will have to add a separate HTTP Request sampler per such a request. If you need to simulate several AJAX requests - consider putting them under the Parallel Controller as browsers execute AJAX request simultaneously

Intercept and modify traffic to and from tomcat

I have an application deployed on tomcat on my localhost. I want to intercept and modify the requests that the application makes and the responses that it receives. Is there a tool to do this? I have tried out Burp but i've only been able to intercept traffic to and from Firefox browser using it.
You could try using the OWASP Zed Attack Proxy.
It will be able to intercept any request from a browser than supports proxies (Firefox, IE, Chrome, Opera...)
I think you are talking about Servlet Filters that intercept the requests and responses to servlets (and are placed in a FilterChain).
As Vikdor said Servlet Filters should do the trick. You need to modify the web.xml of each application running on the tomcat, and write your filter code in java as a Filter.
If you want to do a simple task, like redirect an url or add a header you can use UrlRewriteFilter, for a more complex/custom task you should write your own code.

SWT Browser Plugin does not promt for proxy authentication

I have successfully configured my SWT Browser application to use the proxy by setting VM arguments -Dnetwork.proxy_host and -Dnetwork.proxy_port to the according values.
However the proxy needs authentication, but the username / password prompt does not open. Futhermore when registering an authentication listener, the listener is never triggered.
The problems occured with a Linux Debian 64 Bit distribution. When compiling the same application for windows, all works fine, i.e. the password promt opens. The SWT Browser is configured to use MOZILLA, not WEBKIT. Unfortunatelly I cannot test with WEBKIT as I am limited to a given environment.
Temp solution: When starting the Linux Mozilla Browser, the prompt comes up. If entering there correct values and afterwards starting the SWT Browser application, then no authentication is needed at all and internet access is possible. But this is not a good solution.
When I register a location listener with "addLocationListener" to look whats going on with url calls, then I can see that the initial url (for example www.google.de) results to call a certain http site of the proxy server. And this http site is a redirect to a https site of the proxy. Then the https site results in calling the http redirect page again. This is then an endless loop.
I would guess that somewhere in the JAVA code of the SWT Browser class there is a routine that calls setUrl with those pages (what results in an
endless loop) and skip to call any authentication listener for some reason.
Maybe someone has an idea whats going wrong in this authentication process?
I have no solution but a hint: I'm not sure what you mean by "Linux Mozilla Browser" - I know Firefox and Xulrunner. But your workaround suggests that profile information is shared somehow and that shouldn't happen.
I tried to find some information how to define the profile (where the web browser keeps its cache, config, SSL certificates, plugins, ...) but to no avail.
This entry in the FAQ shows how to set the proxy host: How do I set a proxy for the Browser to use?
Try to find a way to add the user/password information into the request sent to the proxy server. If that fails, create a local proxy which connects to the real proxy as upstream and which can authenticate itself.
Looking at the bug database, there is no support for Browser profiles: Flexible Mozilla profile support - new API request