Executing JS by webdriver in a browser

[Rohit Patwari]

I had question about same origin policy. Selenium Rc prevented it by using Rc server as a proxy.But when a webdriver talks to a browser. .say ff..it intreprets the client command and finally executes a javascript corresponding to the command...how does this not violate the same origin policy the.
Appreciate your reply.

[Shravan Kumar]

Hi Rohit Patwari,

As far as up to my knowledge, the Same Origin Policy is followed by every browser available in the market. I think you knew what this policy does. It will prevent the javascript code of one domain to access another domain's website code for security reason.

That means javascript of www.shravan.com can run or access the code inside "shravan" domain only but not or it cannot access or penetrate the code inside www.google.com because the origin is different.

Example, the application main window "www.domain1.com" cannot open a pop-up window of "www.domain2.com". You will get an error something like "permission to access denied" because of same origin policy.

Selenium RC cannot overcome this issue, so this is one of the reasons why Selenium RC is deprecated and Webdriver has been introduced. Webdriver uses separate browser driver for each browser, it attaches to the browser itself like chrome driver, firefox driver, IE driver.

When the requirement demands, we must avoid this same origin policy and test the application. By using proxy server, we can overcome this policy, Selenium server acts as client configured http proxy which presents between the browser and application and masks the application with fictional url.

DesiredCapabilities dc  = new DesiredCapabilities.firefox();

dc.setCapability(CapabilityType.PROXY,"your proxy");

Webdriver driver = new firefoxdriver(dc);

Hope this would help you.

If I made any mistakes or anything wrong in my explanation, please correct me.

Thank you,

On Sun, Mar 29, 2015 at 4:48 PM, Rohit Patwari <rohitp...@gmail.com> wrote:

I had question about same origin policy. Selenium Rc prevented it by using Rc server as a proxy.But when a webdriver talks to a browser. .say ff..it intreprets the client command and finally executes a javascript corresponding to the command...how does this not violate the same origin policy the.
Appreciate your reply.

--
You received this message because you are subscribed to the Google Groups "webdriver" group.
To unsubscribe from this group and stop receiving emails from it, send an email to webdriver+...@googlegroups.com.
To post to this group, send email to webd...@googlegroups.com.
Visit this group at http://groups.google.com/group/webdriver.
For more options, visit https://groups.google.com/d/optout.

--

with regards,

Shravan Kumar.T

[Rohit Patwari]

Thanks shravan.
Could someone please add to the explanation. I want to know that when a driver ( ff driver, ie driver etc ) runs a webdriver command,  it actually calls a js function. So how does that execution of js function not violate same origin policy?

[Shravan Kumar]

Hi Rohit Patwari,

May I know how the browser driver runs a webdriver command? I think you mean that in the reverse order. I think you are asking how a webdriver runs a browser driver.

I don't think that Webdriver calls a JS function to run the browser.

Selenium Rc only uses Javascript to inject the code into browser to drive the browser, so it's obviously violates "Same Origin Policy", that is why when we use Selenium Rc we sometimes get "Error Permission Denied" on the browser.

That is the reason they introduced Webdriver where webdriver doesn't use Javascript code at all to inject the code into browser driver to operate it. Instead, it makes direct calls to the browsers using each browser's native support which is available like "firefoxdriver", "chromedriver", "iedriver", etc. Observe the sentence "direct calls" means it doesn't inject any Javascript code or doesn't take any help at all from the server.

Where RC uses its selense commands that it will convert into Javascript command using RC server and injects the calls to the browser. Webdriver calls directly using native browser supports which are specifically available at the org's site.

Friends, please add some more explanation and correct me if I'm wrong,

Thank you Rohit Patwari,