Chrome浏览器允许通过WebDriver访问不安全的页面 [英] Chrome is allowing insecure pages via WebDriver

问题描述

Chrome使用带有Chrome驱动程序2.33和WebDriver 3.6.0的Chrome 62，Chrome允许页面加载错误的SSL证书-当页面打开时，URL栏中显示不安全"，但页面未加载- -较少的.如果我手动访问该页面，则会得到预期的阻止程序页面".

Using Chrome 62 with Chrome Driver 2.33 and WebDriver 3.6.0, Chrome allows pages to load with bad SSL certificates -- it says "Not Secure" in the URL bar when the page opens, but the page is loaded none-the-less. If I access the page manually, then I get the expected 'blocker page'.

但是，我希望Chrome像Chrome对人类用户一样，通过WebDriver拒绝该页面.

However, I want Chrome to reject the page via WebDriver just like Chrome does to human users.

不幸的是，我找不到其他人报告同样的问题(只是很多人报告的是完全相反的问题-即他们想允许通过WebDriver进行不安全的连接，但是Chrome一直在阻止它们！)

Unfortunately I cannot find anyone else reporting this same problem (just lots of people reporting the exact opposite problem -- i.e. they want to allow insecure connections via WebDriver, but Chrome keeps blocking them!).

我是否可以设置一个标志(或者如果WebDriver内部将一个传递给Chrome，则可以不设置标志)?

Is there a flag I can set (or prevent from being set if WebDriver is passing one to Chrome internally)?

const {Builder, Capabilities} = require('selenium-webdriver');

const driver = new Builder()
  .withCapabilities(Capabilities.chrome())
  .build();

driver.get('https://localhost/'); // Uses self-signed certificate.

推荐答案

默认情况下，chromedriver接受不受信任的证书.

By default, chromedriver accepts untrusted certificates.

要禁用此功能，您必须排除开关ignore-certificate-errors:

To disable this feature, you'll have to exclude the switch ignore-certificate-errors:

var webdriver = require('selenium-webdriver');

var driver = new webdriver.Builder()
  .withCapabilities({
    'browserName': 'chrome',
    'goog:chromeOptions': {
      'args': ['disable-infobars'],
      'excludeSwitches': ['ignore-certificate-errors'],
      'prefs': { }
    }
  }).build();

driver.get("https://self-signed.badssl.com/")

这篇关于Chrome浏览器允许通过WebDriver访问不安全的页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！