headless doesn't work. - Githubissues

Kalebu / alright

Python wrapper for WhatsApp web-based on selenium

https://www.youtube.com/watch?v=yitQTt-NukM

MIT License

368 stars 110 forks source link

headless doesn't work. #74

Closed Bennyelg closed 2 years ago

Bennyelg commented 2 years ago

When I change to headless this is what Im getting if I debug the browser.page_source (found it since wait_until wait forever)

WhatsApp WebWhatsApp WebWhatsApp works with Google Chrome 60+To use WhatsApp, update Chrome or use Mozilla Firefox, Safari, Microsoft Edge or Opera.Update Google ChromeWhatsApp works with Google Chrome 60+To use WhatsApp, update Chrome or use Mozilla Firefox, Safari, Microsoft Edge or Opera.Update Google Chrome

euriconicacio commented 2 years ago

Hi, @Bennyelg! First of all, thanks for the feedback. In fact, it seems that Selenium/WebDriver/ChromeDriver have a different treatment for Headless Chrome. We'll add to our backlog such treatment in short term.

However, as a Sr Security Engineer & Ethical Hacker, I may ask you: do you have any particular reason to use Headless Chrome? I mean, IIRC, it has been one of the happiest findings on the victim's client by an attacker. Just check the number of CVEs associated with it and you'll see what I am telling. I would strongly recommend another approach.

Well, just a singular thought/recommendation. We'll work on the requested update.

Regards,

Eurico Nicacio.

Bennyelg commented 2 years ago

Hi, My usage is a coroner case - I wrote an app that logged in into my bank account and provides me a whatssup report that sums up the relevant KPI's - that's because my wife struggling / not have enough power to enter the app they provide due to plenty of reasons. I want to do it on remote server and not on my laptop, and headless is critical.

euriconicacio commented 2 years ago

Sorry for asking this, but you're aware of the tens of vulnerabilities you have added to your bank account system, aren't you? I mean, I would double-check if this does not go against your bank data transfer policies, otherwise, you could have your bank account wiped out for some other reason and not be covered on insurance terms due to such an implementation.

Anyway, just another piece of advice. I have added options for headless here, please pull the current version of main or update your local code; this will be part of the next release. However, since you have stated the usage of alright alongside banking activities, we must say we do not endorse that.

In case of any issues, please get in contact.

Bennyelg commented 2 years ago

Heheh nah its run specificly by me and I am monitoring the flow, its just my basic options and its limited to "read only" user options.

Bennyelg commented 2 years ago

the headless solution is not working I already tried it when modified the class locally.

Bennyelg commented 2 years ago

@euriconicacio @Kalebu

euriconicacio commented 2 years ago

We have added to our backlog the consideration of such treatment in short term.