ICTU / zap2docker-auth-weekly

Zap baseline scanner in Docker with authentication
Apache License 2.0

Struggling to locate Submit button in Ember App #30

Closed andydkelly-ig closed 3 years ago

andydkelly-ig commented 3 years ago

Hi,

First of all, thank you for making this - it's a great resource we've been using for over a year.

I am now moving to implement the solution against an existing product we are not yet scanning and am hitting a brick wall authenticating. I have managed to fill in the Username and Password fields on the login screen, but the XPath for our Login button is //*[@id="login-button"]/button and as a result I can't find a way to get this to be detected. Any ideas how I can achieve this, or is it possible to add this as an option into the Python script for buttons?

Many Thanks

dicksnel commented 3 years ago

@andydkelly-ig I just recently committed a change that allows this parameter: auth.submitaction=submit

This will instruct the tool to perform a submit on the form in which the Username field is located. Can you try this?

andydkelly-ig commented 3 years ago

Will give it a go

dicksnel commented 3 years ago

By the way, you can also provide XPath in the auth.submit_field config param. So you could do: auth.submit_field='//*[@id="login-button"]/button'

andydkelly-ig commented 3 years ago

Sadly this didn't work with either of my apps (one is Ember and one is Angular) - it just cannot seem to find the button to submit. I can find and fill Username and Password but on both apps the login button doesn't appear as type button or submit.

I am not a front end dev, so this is all a little over my head.

On the Angular app the XPath for the login button is //*[@id="button-1022"] and on the Ember app it is //*[@id="login-button"]/button

I have tried adding these by ID and also by XPath as follows:

auth.submit_field='//*[@id="button-1022"]'
auth.submit_field='//*[@id="login-button"]/button'

andydkelly-ig commented 3 years ago

I receive the error:

selenium.common.exceptions.NoSuchElementException: Message: Unable to locate element: //*[@type='submit' or @type='button']

dicksnel commented 3 years ago

@andydkelly-ig could you post a demo page or the HTML / DOM? So I can debug the issue.

andydkelly-ig commented 3 years ago

https://d3sa-preview.infogixsaas.com/editor is one of them

dicksnel commented 3 years ago

Cool, I'll take a look!

dicksnel commented 3 years ago

@andydkelly-ig can you pull the latest image? It should work now without providing any field name. Alternatively you can provide auth.username_field="ember4" auth.password_field="ember5" auth.submit_field="//button"

andydkelly-ig commented 3 years ago

Fantastic Dick, it's running now. Really appreciate the quick turnaround on this. Thank you very much 👍

dicksnel commented 3 years ago

Nice!
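
An added illustration, not part of the thread and not the project's code: the locator in the error message only matches elements that carry a type attribute of submit or button, so a button without that attribute is never found, while //button or an explicit XPath is. The sketch evaluates a hypothetical fallback chain (find_submit and FALLBACKS are assumed names) against constructed markup, using the Python standard library's XPath subset instead of Selenium.

```python
import xml.etree.ElementTree as ET

# Constructed login markup (not taken from either app in the thread):
# the button carries no type attribute and sits inside a wrapper element.
EMBER_STYLE = """
<html><body><form>
  <input id="ember4" type="text"/>
  <input id="ember5" type="password"/>
  <div id="login-button"><button>Log in</button></div>
</form></body></html>
"""

# Constructed markup for a conventional form with a typed submit control.
CLASSIC = """
<html><body><form>
  <input id="user" type="text"/>
  <input id="pass" type="password"/>
  <input id="go" type="submit" value="Log in"/>
</form></body></html>
"""

# Hypothetical fallback order. ElementTree implements only a subset of XPath
# (no "or"), so the @type='submit' or @type='button' test is split in two.
FALLBACKS = [
    ".//*[@type='submit']",
    ".//*[@type='button']",
    ".//button",
]


def find_submit(html, configured=None, fallbacks=FALLBACKS):
    """Return (xpath_used, element) for the first locator that matches, else None."""
    root = ET.fromstring(html)
    candidates = ([configured] if configured else []) + list(fallbacks)
    for xpath in candidates:
        # ElementTree needs a relative path, so "//x" becomes ".//x".
        rel = "." + xpath if xpath.startswith("//") else xpath
        hit = root.find(rel)
        if hit is not None:
            return xpath, hit
    return None
```

Passing fallbacks=FALLBACKS[:2] reproduces the type-only lookup, which returns None for the Ember-style markup.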