Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
github.com/x0rzkov/selenium
This is a WebDriver client for Go. It supports the WebDriver protocol and has been tested with various versions of Selenium WebDriver, Firefox and Geckodriver, and Chrome and ChromeDriver,
selenium
is currently maintained by Eric Garrido (@minusnine).
Run
go get -t -d github.com/tebeka/selenium
to fetch the package.
The package requires a working WebDriver installation, which can include recent versions of a web browser being driven by Selenium WebDriver.
We provide a means to download the ChromeDriver binary, the Firefox binary, the Selenium WebDriver JARs, and the Sauce Connect proxy binary. This is primarily intended for testing.
$ cd vendor
$ go run init.go --alsologtostderr --download_browsers --download_latest
$ cd ..
Re-run this periodically to get up-to-date versions of these binaries.
The API documentation is at https://godoc.org/github.com/tebeka/selenium. See the example and the unit tests for better usage information.
Any issues are usually because the underlying browser automation framework has a bug or inconsistency. Where possible, we try to cover up these underlying problems in the client, but sometimes workarounds require higher-level intervention.
Please feel free to file an issue if this client doesn't work as expected.
Below are known issues that affect the usage of this API. There are likely others filed on the respective issue trackers.
No longer supported.
There are a number of upcoming changes that break backward compatibility in an effort to improve and adapt the existing API. They are listed here:
The Version
constant was removed as it is unused.
The Log method was changed to accept a typed constant for the type of log to retrieve, instead of a raw string. The return value was also changed to provide a more idiomatic type.
Patches are encouraged through GitHub pull requests. Please ensure that:
A test is added for anything more than a trivial change and that the existing tests pass. See below for instructions on setting up your test environment.
Please ensure that gofmt
has been run on the changed files before
committing. Install a pre-commit hook with the following command:
$ ln -s ../../misc/git/pre-commit .git/hooks/pre-commit
See the issue tracker for features that need implementing.
Install xvfb
and Java if they is not already installed, e.g.:
sudo apt-get install xvfb openjdk-11-jre
Run the tests:
$ go test
There is one top-level test for each of:
There are subtests that are shared between both top-level tests.
To run only one of the top-level tests, pass one of:
-test.run=TestFirefoxSelenium3
,-test.run=TestFirefoxGeckoDriver
,-test.run=TestHTMLUnit
, or-test.run=TestChrome
.To run a specific subtest, pass -test.run=Test<Browser>/<subtest>
as
appropriate. This flag supports regular expressions.
If the Chrome or Firefox binaries, the Selenium JAR, the Geckodriver binary, or the ChromeDriver binary cannot be found, the corresponding tests will be skipped.
The binaries and JAR under test can be configured by passing flags to go test
. See the available flags with go test --arg --help
.
Add the argument -test.v
to see detailed output from the test automation
framework.
To ensure hermeticity, we also have tests that run under Docker. You will need an installed and running Docker system.
To run the tests under Docker, run:
$ go test --docker
This will create a new Docker container and run the tests in it. (Note: flags
supplied to this invocation are not curried through to the go test
invocation
within the Docker container).
For debugging Docker directly, run the following commands:
$ docker build -t go-selenium testing/
$ docker run --volume=$(pwd):/code --workdir=/code -it go-selenium bash
root@6c7951e41db6:/code# testing/docker-test.sh
... lots of testing output ...
Tests can be run using a browser located in the cloud via Sauce Labs.
To run the tests under Sauce, run:
$ go test --test.run=TestSauce --test.timeout=20m \
--experimental_enable_sauce \
--sauce_user_name=[username goes here] \
--sauce_access_key=[access key goes here]
The Sauce access key can be obtained via the Sauce Labs user settings page.
Test results can be viewed through the Sauce Labs Dashboard.
This project is licensed under the MIT license.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.