Posts Tagged ‘browser’

Take and save a screenshot capture with Selenium

January 3rd, 2015 No comments

As I recently discussed Selenium, it might be useful to know how to take screen captures during tests. I’ve found that putting the function into a java method makes usage a LOT easier… here are the relevant code bits (obviously this will not run on it’s own). Feel free to expand on it as needed as this is just a stub.

import org.openqa.selenium.OutputType;
import org.openqa.selenium.TakesScreenshot;
import org.openqa.selenium.WebDriver;
* @param driver {@code WebDriver}
* @param filename {@code String}
protected static void takeScreenshot(final WebDriver driver, final String suffix){
final String fn = "takeScreenshot("+ driver.getCurrentUrl() +","+suffix+")";
final String filename = "/tmp/screenshot_" + suffix + ".png";

LOGGER.debug("takeScreenshot("+ driver.getCurrentUrl() +","+filename+")");
final File scrFile = ((TakesScreenshot)driver).getScreenshotAs(OutputType.FILE);
// Now you can do whatever you need to do with it, for example copy somewhere
FileUtils.copyFile(scrFile, new File(filename));
LOGGER.debug("[EXEC] {} {}",filename, fn);
catch(final IOException ex){


Some other helpful Selenium methods

December 28th, 2014 No comments

Here are a few other helpful functions for use of Selenium testing scripts as you often need to click links, fill in fields, and submit forms.

import java.util.List;
import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebDriverException;
import org.openqa.selenium.WebElement;
* @param driver
* @param name
* @return
public static WebElement findElementByName(final WebDriver driver, final String name){
final By el =;
final WebElement wel = driver.findElement(el);
return wel;
* @param driver
* @param name
* @param value
public static void sendKeysByFieldName(final WebDriver driver, final String name, final String value){
final WebElement wel = findElementByName(driver, name);
* @param driver
* @param xpath
public static void clickByXpath(final WebDriver driver, final String xpath){
final By el = By.xpath(xpath);
//"el is {}", el);
final WebElement wel = driver.findElement(el);;
* @param driver
* @param linktext
public static void waitToClickLinkText(final WebDriver driver, final String linktext){
final WebDriverWait wait = new WebDriverWait(driver, 10);
final By el = By.linkText(linktext);
final WebElement wel = driver.findElement(el);;
* @param driver
* @param text
* @return
public boolean pageContainsText(final WebDriver driver, final String text){
final String xpathExpression = "//*[contains(text(),'" + text + "')]";
final List<WebElement> list = driver.findElements(By.xpath(xpathExpression));
return list.size() > 0;

Poodle.. or rather, what’s all the fuss with SSLv3

December 7th, 2014 No comments

The “Poodle” attack on websites and browsers was all over the media a few weeks ago, following in the shadow of Heartbleed.

Here’s what most users need to know… This is an vulnerability that exists in secure internet communication because…

  1. While most newer systems rely on TLS security, they still support older protocols (SSLv3 in particular for this issue)
  2. As secure communications generally attempt to find a “common” method, they will often “drop down” to older supported versions (even if they are now often considered insecure!)
  3. Most browser and server software (unless recently patched) will allow for this “drop down” in security.
  4. Most software provides a mechanism to disable this by the user or in configuration.
  5. Upgrading your software will usually remove these “problematic” vulnerabilities.

Simply put… for a consumer, it’s best to upgrade to a newer browser or find the appropriate configuration to disable SSLv3 if you are unable to upgrade. Server administrators generally should update their sofware on a regular basis for security items such as this one!

NOTE: Many CDN’s such as CloudFlare are proactive and block this vulnerability.

Technical details on the Poodle vulnerability (if you’re into that sort of thing!):

Instructions here are for Apache HTTPd 2.2.23 and newer, other servers will require a similar change:

  1. sudo vi /etc/apache2/mods-enabled/ssl.conf
  2. Change the following line from:
    SSLProtocol All -SSLv2
    SSLProtocol All -SSLv2 -SSLv3
  3. sudo service apache2 reload
  4. sudo service apache2 restart

Can be tested at the following websites:


“msapplication-config” and browserconfig.xml

November 15th, 2014 No comments

Windows-8/MSIE-11 introduced Tiles, as such server administrators may have started seeing HTTP 404 errors in their server logs as it attempts to look for a “browserconfig.xml” file at the root of a website domain. If you are inclined to use this file, you should definitely look into the documentation for how to best make use of it. Others may just wish to prevent the error from making “noise” in their log files.

To remove the error, add the following to your pages; alternately you COULD define the URL of your file as the ‘content’ attribute:

<meta name="msapplication-config" content="none" />

You can alternately place an empty /browserconfig.xml on your web server for each domain.

An common example of how to use this file is below:

<?xml version="1.0" encoding="utf-8"?>
<square70x70logo src="/mstile-70x70.png"/>
<square150x150logo src="/mstile-150x150.png"/>
<wide310x150logo src="/mstile-310x150.png"/>
<square310x310logo src="/mstile-310x310.png"/>
<TileImage src="/mstile-150x150.png" />


Install free “recognized” SSL certificates for Apache2

August 24th, 2014 No comments

Once you have your server running with a self-signed certificate you might find it useful to have a “real” certificate that does not warn users.

Many of the CA’s provide test certificates that are generally valid for 30-60 days, I’ve recently discovered StartSSL, that generates free certificates that are valid for a full year.

  1. Generating keys and certificates….

    NOTE: this process is rather involved and is documented better elsewhere, here’s what I needed to remember to get the keys and certificates.

    • save ssl.key (private)
    • save ssl.crt (pem encoded)
    • get file from control panel:
  2. Make sure that you move all three files to the /etc/apache2/ssl/ folder on the server.
  3. Edit the config file…
    sudo vi /etc/apache2/sites-available/default-ssl.conf

    Modify the values related to the keys and certs…

    SSLCertificateFile /etc/apache2/ssl/ssl.crt
    SSLCertificateKeyFile /etc/apache2/ssl/ssl.key
    SSLCertificateChainFile /etc/apache2/ssl/

  4. Reload the config and restart…

    sudo service apache2 reload
    sudo service apache2 restart
  5. Test it out…


Create self-signed SSL certificates for Apache on Ubuntu

August 23rd, 2014 No comments

To increase the security of your web applications, it is a standard process to enable HTTPS/SSL/TLS. Unfortunately, purchasing certificates can often be very expensive. Luckily, you can create a self-signed certificate for free for casual use or testing.

These steps are for Ubuntu, I wrote similar documentation for the Windows platform that you can find way back in my blog archives!

NOTE: As certificates generated in this manner are not verified by any recognized authority, many browsers will warn users (often in frightening language) about their insecurity. As stated above, these are best used only for internal use.

  1. First you will need to have apache2 installed, at a minimum you need to run:
    sudo apt-get install apache2
  2. Enable the SSL module:
    sudo a2enmod ssl

  3. Create the folder to store the keys and certificates:
    sudo mkdir /etc/apache2/ssl

  4. Generate a private key and certificate:

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

    Enter reasonable values for the fields in question.
    For FQDN Common Name enter * for wildcard support!

  5. Edit the config file:

    sudo vi /etc/apache2/sites-available/default-ssl.conf

  6. Un-comment or update the following lines:

    SSLCertificateFile /etc/apache2/ssl/apache.crt
    SSLCertificateKeyFile /etc/apache2/ssl/apache.key

  7. Enable to SSL website and restart:

    sudo a2ensite default-ssl.conf
    sudo service apache2 reload
    sudo service apache2 restart

  8. Test it out… provided your firewall routes port 443 to your server.


Preventing Blackberry browser from messing up your UI

August 10th, 2014 No comments

I’ve previously given steps to prevent phone numbers (and other elements) from being automatically reformatted by Skype Toolbar and IOS Safari, there is still a small segment of the user population that uses Blackberry devices that can similarly benefit from a little code.

The following stops auto detection and formatting of phone and email addresses on devices with the BlackBerry Browser.


<meta http-equiv="x-rim-auto-match" content="none" />


<meta name="x-rim-auto-match" http-equiv="x-rim-auto-match" forua="true" content="none" />


Skype toolbar meta tag… preventing Skype from messing up your UI

August 9th, 2014 No comments

I’ve previously documented the method used to prevent IOS devices from formatting numbers.

Users on other platforms, notably Windows, have Skype installed and it too can cause some headaches with your UI as it inserts elements to decorate phone numbers.

For users that have the Skype Toolbar enabled, the following META tag will prevent it from doing a lot of damage!



HTML cleartype meta tag?

August 3rd, 2014 No comments

This tag allows for activation of ClearType in Mobile IE for smoothing fonts.

<!--[if IEMobile]><meta http-equiv="cleartype" content="on" /><![endif]-->

NOTE: Future use of this approach is questionable, as MSIE10 dropped support of conditional comments, and HTML5 validators (in general) do not “like” the http-equiv values as they are not standardized


Preventing IOS/Safari from formatting numbers

August 2nd, 2014 No comments

There are many cases where your application may display numbers that “resemble” phone numbers, but are not, unfortunately Safari’s default behavior is for it to be “helpful” and format them into clickable/callable links for the user of Apple IOS devices.

Adding the following META tag can prevent that default behavior:

<meta name="format-detection" content="telephone=no" />

NOTE: I’ve seen some mention of using this method for ‘address=no’ and ‘email=no’, but have not looked into or verified those implementation yet!