Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@wdio/firefox-profile-service
Advanced tools
WebdriverIO service that lets you define your Firefox profile in your wdio.conf.js
You want to run your Firefox browser with a specific extension or need to set couple preferences? Selenium allows you to use a profile for the Firefox browser by passing this profile as base64
string to the firefox_profile
property in your desired capabilities. This requires building that profile and converting it into base64
. This service for the wdio testrunner takes the work of compiling the profile out of your hand and lets you define your desired options comfortably from the wdio.conf.js
file.
To find all possible options open about:config in your Firefox browser or go to mozillaZine website to find the whole documentation about each setting. In Addition to that, you can define compiled (as *.xpi
) Firefox extensions that should get installed before the test starts.
The easiest way is to keep @wdio/firefox-profile-service
as a devDependency in your package.json
, via:
npm install @wdio/firefox-profile-service --save-dev
Instructions on how to install WebdriverIO
can be found here.
Setup your profile by adding the firefox-profile
service to your service list. Then define your settings in the firefoxProfile
property like this:
// wdio.conf.js
export const config = {
// ...
services: [
['firefox-profile', {
extensions: [
'/path/to/extensionA.xpi', // path to .xpi file
'/path/to/extensionB' // or path to unpacked Firefox extension
],
'xpinstall.signatures.required': false,
'browser.startup.homepage': 'https://webdriver.io',
legacy: true // only use for firefox <= 55
}]
],
// ...
};
If you have built a custom Firefox extension that you want to install in the browser make sure to set 'xpinstall.signatures.required':
false` as a profile flag since Firefox extensions are required to be signed by Mozilla.
To use custom unsigned extensions you will also need to use Firefox Developer Edition since the regular Firefox 48 and newer do not allow this.
Contains all settings as key-value pair. You can find all available settings on the about:config
page.
Add one or multiple extensions to the browser session. All entries can be either an absolute path to the .xpi
file or the path to an unpacked Firefox extension directory.
Type: String[]
Default: []
Create Firefox profile based on an existing one by setting an absolute path to that profile.
Type: String
Default: null
Set network proxy settings. The parameter proxy
is a hash whose structure depends on the value of the mandatory proxyType
key, which takes one of the following string values:
direct
- direct connection (no proxy)system
- use operating system proxy settingspac
- use an automatic proxy configuration set based on the value of autoconfigUrl
keymanual
- manual proxy settings defined separately for different protocols using values from the following keys: ftpProxy
, httpProxy
, sslProxy
, socksProxy
Type: Object
Default: null
Example:
Automatic Proxy:
// wdio.conf.js
export const config = {
// ...
services: [
['firefox-profile', {
proxy: {
proxyType: 'pac',
autoconfigUrl: 'http://myserver/proxy.pac'
}
}]
],
// ...
};
Manual HTTP Proxy:
// wdio.conf.js
export const config = {
// ...
services: [
['firefox-profile', {
proxy: {
proxyType: 'manual',
httpProxy: '127.0.0.1:8080'
}
}]
],
// ...
};
Manual HTTP and HTTPS Proxy:
// wdio.conf.js
export const config = {
// ...
services: [
['firefox-profile', {
proxy: {
proxyType: 'manual',
httpProxy: '127.0.0.1:8080',
sslProxy: '127.0.0.1:8080'
}
}]
],
// ...
};
Please set this flag to true
if you use Firefox v55 or lower.
Type: Boolean
Default: false
For more information on WebdriverIO see the homepage.
FAQs
WebdriverIO service that lets you define your Firefox profile in your wdio.conf.js
We found that @wdio/firefox-profile-service demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.