ChromeDriver ERR_SSL_PROTOCOL_ERROR,尽管--ignore-certificate-errors [英] ChromeDriver ERR_SSL_PROTOCOL_ERROR despite --ignore-certificate-errors
问题描述
我正在尝试使用硒和ChromeDriver在本地主机(没有HTTPS)上运行集成测试.
Chrome需要使用https证书,但是从此问题中,我了解到我可以使用arg --ignore-certificate-errors
我还添加了我的功能acceptInsecureCerts
,因为这似乎是适当的做法(解决方案
此错误消息...
This site can’t provide a secure connection app sent an invalid response. ERR_SSL_PROTOCOL_ERROR
...表示 ChromeDriver 无法在您的本地主机上启动/产生新的 WebBrowser ,即 Chrome浏览器会话.>
您是否正在根据chromeOptions()
添加argument
--allow-insecure-localhost
如下:
'goog:chromeOptions': {'args': ['--allow-insecure-localhost'],
'extensions': []}
但是,您的主要问题似乎在于功能,其中您已将platform
设置为 ANY
,如下所示:
{'acceptInsecureCerts': True,
'browserName': 'chrome',
'goog:chromeOptions': {'args': ['--ignore-certificate-errors'],
'extensions': []},
'platform': 'ANY',
'version': ''}
根据 WebDriver-W3C生活文档 platformName 在本节中提到,以下平台名称通常具有易于理解的语义,并且在匹配功能时,通过将其命名为众所周知的操作系统的有效同义词,可以实现最大的互操作性:
Key System
--- ------
"linux" Any server or desktop system based upon the Linux kernel.
"mac" Any version of Apple’s macOS.
"windows" Any version of Microsoft Windows, including desktop and mobile versions.
注意:此列表并不详尽.
从New Session返回功能时,返回更特定的platformName是有效的,从而允许用户正确标识WebDriver实现在其上运行的操作系统.
因此,与其在 desiredCapabilities 对象中传递"platform":"ANY"
,不如使用更具体的"platform":"linux"
是更可取的方法.
有关 ChromeDriver , Chrome 和 Selenium Client 版本的更多信息可以帮助我们以更好的方式分析问题.但是,根据 ChromeDriver 的历史记录, ChromeDriver 的最新发行版中解决了与证书错误相关的以下问题:
- 允许通过DevTools处理证书错误:无头chrome无法显示针对SSL证书错误的UI警告,已发布修复以暴露错误会作为DevTools事件发生,并控制通过DevTools命令执行的操作.
- 提供了处理Chromedriver/Selenium中无头证书错误的功能:较早的某些与安全相关的选项是通过用户界面版本的Chromium(如
--ignore-certificate-errors
)被静默忽略,只能通过devtools进行设置.因此,有必要在以浏览器为目标的DevTools客户端上覆盖和处理certificateError
事件.发布了修复,实现了使用新的DevTools方法来覆盖证书错误处理的功能在整个浏览器范围内,它也可以忽略无头模式下的证书错误. - 通过DevTools处理全局证书错误:以前允许使用DevTools处理单个目标/WebContents的证书错误,但是当创建新目标(例如,单击target = _blank链接)时,通常不可能在导航完成之前足够快地发送
Security.enable
/Security.setOverrideCertificateErrors
命令尝试过的.发布了修复,其中使用了一种更简单的忽略所有证书错误"模式,旧的覆盖命令支持新的setIgnoreCertificateErrors
命令,该命令还将在浏览器目标上公开安全域,以便于在整个浏览器中全局应用此覆盖.
结论
- 确保添加了以下参数/功能:
-
--allow-insecure-localhost
-
acceptInsecureCerts
-
--ignore-certificate-errors
-
- 使用
'chromedriverVersion': '74.0.3729.6'
时,请确保同时使用'chrome': '74.0'
(按照this question i understand that i can circumvent this using the arg--ignore-certificate-errors
I have also added to my capabilities
acceptInsecureCerts
, as this seems like the appropriate course of action (docs)The response from the chromedriver is still not what I was expecting:
This site can’t provide a secure connection app sent an invalid response. ERR_SSL_PROTOCOL_ERROR
My code is below:
from selenium import webdriver from selenium.webdriver.chrome.options import Options # make options (principally to ignore certificate) options = webdriver.ChromeOptions() options.add_argument('--ignore-certificate-errors') # add acceptInsecureCerts capabilities = options.to_capabilities() capabilities['acceptInsecureCerts'] = True print(capabilities) # see below driver = webdriver.Remote( command_executor=SELENIUM_HUB, desired_capabilities=capabilities ) print(driver.__dict__) # see further below app_login_url = 'http://app:8000/accounts/login/' driver.get(app_login_url)
My capabilities:
{'acceptInsecureCerts': True, 'browserName': 'chrome', 'goog:chromeOptions': {'args': ['--ignore-certificate-errors'], 'extensions': []}, 'platform': 'ANY', 'version': ''}
Here is my driver info, it looks like only the
acceptInsecureCerts
arg has been taken into account:{'_file_detector': <selenium.webdriver.remote.file_detector.LocalFileDetector object at 0x7fb42bde10f0>, '_is_remote': True, '_mobile': <selenium.webdriver.remote.mobile.Mobile object at 0x7fb42bb5e400>, '_switch_to': <selenium.webdriver.remote.switch_to.SwitchTo object at 0x7fb42bdd4898>, 'capabilities': {'acceptInsecureCerts': True, 'acceptSslCerts': True, 'applicationCacheEnabled': False, 'browserConnectionEnabled': False, 'browserName': 'chrome', 'chrome': {'chromedriverVersion': '74.0.3729.6 ' '(255758eccf3d244491b8a1317aa76e1ce10d57e9-refs/branch-heads/3729@{#29})', 'userDataDir': '/tmp/.com.google.Chrome.vc1ZvB'}, 'cssSelectorsEnabled': True, 'databaseEnabled': False, 'goog:chromeOptions': {'debuggerAddress': 'localhost:40815'}, 'handlesAlerts': True, 'hasTouchScreen': False, 'javascriptEnabled': True, 'locationContextEnabled': True, 'mobileEmulationEnabled': False, 'nativeEvents': True, 'networkConnectionEnabled': False, 'pageLoadStrategy': 'normal', 'platform': 'Linux', 'proxy': {}, 'rotatable': False, 'setWindowRect': True, 'strictFileInteractability': False, 'takesHeapSnapshot': True, 'takesScreenshot': True, 'timeouts': {'implicit': 0, 'pageLoad': 300000, 'script': 30000}, 'unexpectedAlertBehaviour': 'ignore', 'version': '74.0.3729.169', 'webStorageEnabled': True, 'webdriver.remote.sessionid': '1cf77f237e966bac6ca15d4d9c107423'}, 'command_executor': <selenium.webdriver.remote.remote_connection.RemoteConnection object at 0x7fb42be0cf98>, 'error_handler': <selenium.webdriver.remote.errorhandler.ErrorHandler object at 0x7fb427d08a20>, 'session_id': '1cf77f237e966bac6ca15d4d9c107423', 'w3c': False}
Why am i still seeing the
ERR_SSL_PROTOCOL_ERROR
?解决方案This error message...
This site can’t provide a secure connection app sent an invalid response. ERR_SSL_PROTOCOL_ERROR
...implies that the ChromeDriver was unable to initiate/spawn a new WebBrowser i.e. Chrome Browser session on your localhost.
As you are seeing this issue on your local host (with no HTTPS) as per this comment a blind fold solution would be to add the
argument
--allow-insecure-localhost
throughchromeOptions()
as follows:'goog:chromeOptions': {'args': ['--allow-insecure-localhost'], 'extensions': []}
However your main issue seems to be with the capabilities where you have set
platform
being set sANY
as follows:{'acceptInsecureCerts': True, 'browserName': 'chrome', 'goog:chromeOptions': {'args': ['--ignore-certificate-errors'], 'extensions': []}, 'platform': 'ANY', 'version': ''}
As per WebDriver - W3C Living Document the platformName section mentions, the following platform names are in common usage with well-understood semantics and, when matching capabilities, greatest interoperability can be achieved by honoring them as valid synonyms for well-known Operating Systems:
Key System --- ------ "linux" Any server or desktop system based upon the Linux kernel. "mac" Any version of Apple’s macOS. "windows" Any version of Microsoft Windows, including desktop and mobile versions.
Note:This list is not exhaustive.
When returning capabilities from New Session, it is valid to return a more specific platformName, allowing users to correctly identify the Operating System the WebDriver implementation is running on.
So instead of passing
"platform":"ANY"
within the desiredCapabilities object, a more specific"platform":"linux"
will be more desirable approach.You can find a relevant and related discussion in Curl error thrown for http POST to /session with params: {"desiredCapabilities":{"browserName":"chrome","platform":"ANY" with Selenium and PHPUnit
Some more information about the ChromeDriver, Chrome and Selenium Client vrsion would have helped us to analyze the issue in a better way. However as per ChromeDriver history the following issues related to handling of certificate errors were addressed in the last few releases of ChromeDriver:
- Allow handling certificate errors via DevTools: As the headless chrome cannot show a UI warning for SSL certificate errors a fix was released to expose the errors as DevTools events and control the action to take through a DevTools command.
- Provide ability to handle certificate errors in Chromedriver/Selenium for headless: Earlier certain security related options that was controlled via CLI switches in the UI version of Chromium (like
--ignore-certificate-errors
) were silently ignored and can only be set via devtools. So it was necessary to override and handlecertificateError
events on the browser-target DevTools client. A fix was released implementing the usage of the new DevTools method to override certificate error handling browser-wide which allowed ignoring certificate errors in headless mode too. - Global certificate error handling via DevTools: Previously DevTools allowed handling certificate errors for individual targets / WebContents, but when a new target was created (e.g. clicking on a target=_blank link), it was not often not possible to send the
Security.enable
/Security.setOverrideCertificateErrors
commands quickly enough before a navigation is attempted. A fix was published with a simpler "ignore all cert errors" mode instead deprecated the old override command in favor of a newsetIgnoreCertificateErrors
command which also exposes the Security domain on the browser target to facilitate applying this override globally for the whole browser.
Conclusion
- Ensure that the following arguments/capabilities are added:
--allow-insecure-localhost
acceptInsecureCerts
--ignore-certificate-errors
- As you are using
'chromedriverVersion': '74.0.3729.6'
ensure that you are also using'chrome': '74.0'
(as per ChromeDriver v74.0.3729.6 Release Notes) - Ensure that you are using the latest released Selenium v3.141.59 clients.
这篇关于ChromeDriver ERR_SSL_PROTOCOL_ERROR,尽管--ignore-certificate-errors的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!