ZAP Chrome flags

235 views
Skip to first unread message

Hammad Ali

unread,
Aug 15, 2023, 8:28:11 AM8/15/23
to ZAP User Group
Hi, Is there an option to start chrome with custom flags, for zap via python there is option zap.selenium.set_option_chrome_binary_path("/path/to/google-chrome") When I start via wrapper to launch chrome via zap python with custom flags, it crashes exec google-chrome \ --no-first-run \ --no-default-browser-check \ --no-sandbox \ --disable-gpu \ --headless \ --mute-audio \ --hide-scrollbars \ --no-zygote

Hammad Ali

unread,
Aug 15, 2023, 8:36:04 AM8/15/23
to ZAP User Group

These are the logs we are running zap via docker container and using python zap.

| 1692098040696 | 38822 [ZAP-AjaxSpiderApi] WARN  org.zaproxy.zap.extension.spiderAjax.SpiderThread - Failed to start browser chrome-headless

| 1692098040696 | com.google.inject.ProvisionException: Unable to provision, see the following errors:|

| 1692098040696 | 1) [Guice/ErrorInCustomProvider]: SessionNotCreatedException: Could not start a new session. Response code 500. Message: disconnected: Unable to receive message from renderer|

| 1692098040696 | (failed to check if window was closed: disconnected: not connected to DevTools) |

| 1692098040696 | (Session info: chrome=x.x.x.x)|

| 1692098040696 | Host info: host: x.x.x.x, ip: x.x.x.x|

| 1692098040696 | Build info: version: '4.10.0', revision: 'c14d967899'|

| 1692098040696 | System info: os.name: 'Linux', os.arch: 'amd64', os.version: '4.14.255-311-248.529.amzn2.x86_64', java.version: '11.0.18'|

| 1692098040696 | Driver info: ChromeDriver|

| 1692098040696 | Command: [null, newSession {capabilities=[Capabilities {acceptInsecureCerts: true, browserName: chrome, goog:chromeOptions: {args: [--proxy-bypass-list=<-loopb..., --ignore-certificate-errors, --headless=new], binary: /usr/bin/google-chrome, extensions: []}, proxy: Proxy(manual, http=127.0.0....}]}]|

| 1692098040696 | at ConfigurationModule.configure(ConfigurationModule.java:47)|

| 1692098040696 | \_ installed by: CoreModule -> ConfigurationModule|

| 1692098040696 | at CrawlerContext.<init>(CrawlerContext.java:33)|

| 1692098040696 | \_ for 1st parameter|

| 1692098040696 | at Crawler.<init>(Crawler.java:75)|

| 1692098040696 | \_ for 1st parameter|

| 1692098040696 | at CrawlTaskConsumer.<init>(CrawlTaskConsumer.java:30)|

| 1692098040696 | \_ for 3rd parameter|

| 1692098040696 | while locating CrawlTaskConsumer|

| 1692098040696 | Learn more:|

| 1692098040696 | https://github.com/google/guice/wiki/ERROR_IN_CUSTOM_PROVIDER|

| 1692098040696 | 1 error|

| 1692098040696 | ======================|

| 1692098040696 | Full classname legend: |

| 1692098040696 | ======================|

| 1692098040696 | ChromeDriver:               "org.openqa.selenium.chrome.ChromeDriver"|

| 1692098040696 | ConfigurationModule:        "com.crawljax.di.ConfigurationModule"|

| 1692098040696 | CoreModule:                 "com.crawljax.di.CoreModule"|

| 1692098040696 | CrawlTaskConsumer:          "com.crawljax.core.CrawlTaskConsumer"|

| 1692098040696 | Crawler:                    "com.crawljax.core.Crawler"|

| 1692098040696 | CrawlerContext:             "com.crawljax.core.CrawlerContext"|

| 1692098040696 | SessionNotCreatedException: "org.openqa.selenium.SessionNotCreatedException"|

| 1692098040696 | ========================|

| 1692098040696 | End of classname legend:|

| 1692098040696 | ========================

| 1692098040696 | at com.google.inject.internal.InternalProvisionException.toProvisionException(InternalProvisionException.java:251) ~[?:?]

| 1692098040696 | at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1103) ~[?:?]|

| 1692098040696 | at com.crawljax.core.CrawlController.call(CrawlController.java:66) ~[?:?]|

| 1692098040696 | at com.crawljax.core.CrawljaxRunner.call(CrawljaxRunner.java:37) ~[?:?]

| 1692098040696 | at org.zaproxy.zap.extension.spiderAjax.SpiderThread.run(SpiderThread.java:271) ~[?:?]

| 1692098040696 | at java.lang.Thread.run(Thread.java:829) ~[?:?]

| 1692098040696 | Caused by: org.openqa.selenium.SessionNotCreatedException: Could not start a new session. Response code 500. Message: disconnected: Unable to receive message from renderer

| 1692098040696 | (failed to check if window was closed: disconnected: not connected to DevTools)

| 1692098040696 | (Session info: chrome=114.0.5735.90)

| 1692098040696 | Host info: host: '169.254.139.45', ip: '169.254.139.45'

| 1692098040696 | Build info: version: '4.10.0', revision: 'c14d967899'

| 1692098040696 | System info: os.name: 'Linux', os.arch: 'amd64', os.version: '4.14.255-311-248.529.amzn2.x86_64', java.version: '11.0.18'

| 1692098040696 | Driver info: org.openqa.selenium.chrome.ChromeDriver

| 1692098040696 | Command: [null, newSession {capabilities=[Capabilities {acceptInsecureCerts: true, browserName: chrome, goog:chromeOptions: {args: [--proxy-bypass-list=<-loopb..., --ignore-certificate-errors, --headless=new], binary: /usr/bin/google-chrome, extensions: []}, proxy: Proxy(manual, http=127.0.0....}]}]

| 1692098040696 | at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:140) ~[?:?]

| 1692098040696 | at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:96) ~[?:?]

| 1692098040696 | at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:68) ~[?:?]

| 1692098040696 | at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:163) ~[?:?] 

| 1692098040696 | at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:196) ~[?:?]

| 1692098040696 | at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:171) ~[?:?]

| 1692098040696 | at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:531) ~[?:?] 

thc...@gmail.com

unread,
Aug 15, 2023, 8:40:34 AM8/15/23
to zaprox...@googlegroups.com
Hi.

Which Docker images are you using? The ZAP Docker images do not include
Chrome by default.
https://github.com/zaproxy/zaproxy/issues/4427


Answering the original question, it's currently not possible to pass
custom flags to the browsers.

Best regards.
>> *zap.selenium.set_option_chrome_binary_path("/path/to/google-chrome")*

Hammad Ali

unread,
Aug 15, 2023, 8:58:12 AM8/15/23
to ZAP User Group

chrome is installed as part of building Docker Image.

Hammad Ali

unread,
Aug 15, 2023, 9:15:57 AM8/15/23
to ZAP User Group
Thanks for the response even if i start google-chrome which is properly installed and is at path /usr/bin/google-chrome it is unable to start any particular thing I need to check
1692104637004,"31863 [ZAP-AjaxSpiderApi] WARN  org.zaproxy.zap.extension.spiderAjax.SpiderThread - Failed to start browser chrome-headless
1692104637004,"com.google.inject.ProvisionException: Unable to provision, see the following errors:
1692104637004,"1) [Guice/ErrorInCustomProvider]: SessionNotCreatedException: Could not start a new session. Response code 500. Message: unknown error: Chrome failed to start: crashed.
1692104637004,"(unknown error: DevToolsActivePort file doesn't exist)
1692104637004,"(The process started from chrome location /usr/bin/google-chrome is no longer running, so ChromeDriver is assuming that Chrome has crashed.)
1692104637004,"Host info: host: '169.254.189.121', ip: '169.254.189.121'
1692104637004,"Build info: version: '4.10.0', revision: 'c14d967899'
1692104637004,"System info: os.name: 'Linux', os.arch: 'amd64', os.version: '4.14.255-311-248.529.amzn2.x86_64', java.version: '11.0.18'
1692104637004,"Driver info: ChromeDriver
1692104637004,"Command: [null, newSession {capabilities=[Capabilities {acceptInsecureCerts: true, browserName: chrome, goog:chromeOptions: {args: [--proxy-bypass-list=<-loopb..., --ignore-certificate-errors, --headless=new], binary: /usr/bin/google-chrome, extensions: []}, proxy: Proxy(manual, http=127.0.0....}]}]
1692104637004,"at ConfigurationModule.configure(ConfigurationModule.java:47)
1692104637004,"\_ installed by: CoreModule -> ConfigurationModule
1692104637004,"at CrawlerContext.<init>(CrawlerContext.java:33)
1692104637004,"\_ for 1st parameter
1692104637004,"at Crawler.<init>(Crawler.java:75)
1692104637004,"\_ for 1st parameter
1692104637004,"at CrawlTaskConsumer.<init>(CrawlTaskConsumer.java:30)
1692104637004,"\_ for 3rd parameter
1692104637004,"while locating CrawlTaskConsumer
1692104637004,"Learn more:
1692104637004,"https://github.com/google/guice/wiki/ERROR_IN_CUSTOM_PROVIDER
1692104637004,"1 error
1692104637004,'"======================
1692104637004,"Full classname legend:
1692104637004,'"======================
1692104637004,"ChromeDriver:               ""org.openqa.selenium.chrome.ChromeDriver""
1692104637004,"ConfigurationModule:        ""com.crawljax.di.ConfigurationModule""
1692104637004,"CoreModule:                 ""com.crawljax.di.CoreModule""
1692104637004,"CrawlTaskConsumer:          ""com.crawljax.core.CrawlTaskConsumer""
1692104637004,"Crawler:                    ""com.crawljax.core.Crawler""
1692104637004,"CrawlerContext:             ""com.crawljax.core.CrawlerContext""
1692104637004,"SessionNotCreatedException: ""org.openqa.selenium.SessionNotCreatedException""
1692104637004,'"========================
1692104637004,"End of classname legend:
1692104637004,'"========================
1692104637004,"at com.google.inject.internal.InternalProvisionException.toProvisionException(InternalProvisionException.java:251) ~[?:?]
1692104637004,"at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1103) ~[?:?]
1692104637004,"at com.crawljax.core.CrawlController.call(CrawlController.java:66) ~[?:?]
1692104637004,"at com.crawljax.core.CrawljaxRunner.call(CrawljaxRunner.java:37) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.spiderAjax.SpiderThread.run(SpiderThread.java:271) ~[?:?]
1692104637004,"at java.lang.Thread.run(Thread.java:829) ~[?:?]
1692104637004,"Caused by: org.openqa.selenium.SessionNotCreatedException: Could not start a new session. Response code 500. Message: unknown error: Chrome failed to start: crashed.
1692104637004,"(unknown error: DevToolsActivePort file doesn't exist)
1692104637004,"(The process started from chrome location /usr/bin/google-chrome is no longer running, so ChromeDriver is assuming that Chrome has crashed.)
1692104637004,"Host info: host: '169.254.189.121', ip: '169.254.189.121'
1692104637004,"Build info: version: '4.10.0', revision: 'c14d967899'
1692104637004,"System info: os.name: 'Linux', os.arch: 'amd64', os.version: '4.14.255-311-248.529.amzn2.x86_64', java.version: '11.0.18'
1692104637004,"Driver info: org.openqa.selenium.chrome.ChromeDriver
1692104637004,"Command: [null, newSession {capabilities=[Capabilities {acceptInsecureCerts: true, browserName: chrome, goog:chromeOptions: {args: [--proxy-bypass-list=<-loopb..., --ignore-certificate-errors, --headless=new], binary: /usr/bin/google-chrome, extensions: []}, proxy: Proxy(manual, http=127.0.0....}]}]
1692104637004,"at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:140) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:96) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.ProtocolHandshake.createSession(ProtocolHandshake.java:68) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.HttpCommandExecutor.execute(HttpCommandExecutor.java:163) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.service.DriverCommandExecutor.invokeExecute(DriverCommandExecutor.java:196) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:171) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:531) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.RemoteWebDriver.startSession(RemoteWebDriver.java:227) ~[?:?]
1692104637004,"at org.openqa.selenium.remote.RemoteWebDriver.<init>(RemoteWebDriver.java:154) ~[?:?]
1692104637004,"at org.openqa.selenium.chromium.ChromiumDriver.<init>(ChromiumDriver.java:107) ~[?:?]
1692104637004,"at org.openqa.selenium.chrome.ChromeDriver.<init>(ChromeDriver.java:87) ~[?:?]
1692104637004,"at org.openqa.selenium.chrome.ChromeDriver.<init>(ChromeDriver.java:82) ~[?:?]
1692104637004,"at org.openqa.selenium.chrome.ChromeDriver.<init>(ChromeDriver.java:71) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriverImpl(ExtensionSelenium.java:1004) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:896) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.selenium.internal.BuiltInSingleWebDriverProvider.getWebDriver(BuiltInSingleWebDriverProvider.java:63) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriverImpl(ExtensionSelenium.java:773) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:573) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.selenium.ExtensionSelenium.getWebDriver(ExtensionSelenium.java:546) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.spiderAjax.SpiderThread$AjaxSpiderBrowserBuilder.get(SpiderThread.java:485) ~[?:?]
1692104637004,"at org.zaproxy.zap.extension.spiderAjax.SpiderThread$AjaxSpiderBrowserBuilder.get(SpiderThread.java:453) ~[?:?]
1692104637004,"at com.google.inject.util.Providers$GuicifiedProvider.get(Providers.java:121) ~[?:?]
1692104637004,"at com.google.inject.internal.ProviderInternalFactory.provision(ProviderInternalFactory.java:86) ~[?:?]
1692104637004,"at com.google.inject.internal.InternalFactoryToInitializableAdapter.provision(InternalFactoryToInitializableAdapter.java:57) ~[?:?]
1692104637004,"at com.google.inject.internal.ProviderInternalFactory.circularGet(ProviderInternalFactory.java:60) ~[?:?]
1692104637004,"at com.google.inject.internal.InternalFactoryToInitializableAdapter.get(InternalFactoryToInitializableAdapter.java:47) ~[?:?]
1692104637004,"at com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:40) ~[?:?]
1692104637004,"at com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:60) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:113) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:296) ~[?:?]
1692104637004,"at com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:40) ~[?:?]
1692104637004,"at com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:60) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:113) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:296) ~[?:?]
1692104637004,"at com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:40) ~[?:?]
1692104637004,"at com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:60) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:113) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91) ~[?:?]
1692104637004,"at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:296) ~[?:?]
1692104637004,"at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1100) ~[?:?]
1692104637004,"... 4 more
1692104637004,"31926 [ZAP-AjaxSpiderApi] INFO  org.zaproxy.zap.extension.spiderAjax.SpiderThread - Stopping proxy...
1692104637011,"31933 [ZAP-AjaxSpiderApi] INFO  org.zaproxy.zap.extension.spiderAjax.SpiderThread - Proxy stopped.
1692104637011,"31933 [ZAP-AjaxSpiderApi] INFO  org.zaproxy.zap.extension.spiderAjax.SpiderThread - Finished Crawljax: API - Context: Context

Richard Smith

unread,
Feb 19, 2024, 10:57:41 AM2/19/24
to ZAP User Group

Did you ever find a way around this issue with selenium? 

Simon Bennetts

unread,
Feb 19, 2024, 11:00:39 AM2/19/24
to ZAP User Group

Cheers,

Simon
Reply all
Reply to author
Forward
0 new messages