Form is sent as "GET" instead of "POST"

[romaricdrigon]

What are you trying to achieve? (Expected behavior)

On our app, we have a login form with method="post". It should be submitted by HTTP POST.

How could the issue be reproduced? (Steps to reproduce)

This form will be sent as "GET" under Chrome headless, which causes our authentication system to crash.

How could the issue be reproduced? (Steps to reproduce)

Chromedriver output was not supra helpful in debugging this, but using a fork of php-webdriver 1.7.1 solved the issue (I needed Symfony 5 compatibility). So I wonder from where the issue is coming.

Details

• Php-webdriver version: latest from community branch
• PHP version: 7.4.0
• Selenium server version: /
• Operating system: Debian (dockerized)
• Browser used + version: Chromium 78.0.3904.108 + Chromedriver 78.0.3904.70 or 78.0.3904.105 (both have the issue)

The form HTML:

    <form method="post">
        <h2 class="h3 mb-3 font-weight-normal">{{ 'login.title'|trans }}</h2>

        <p>{{ 'login.intro'|trans }}</p>

        <div class="form-group">
            <label for="inputEmail">{{ 'emailOrUsername'|trans([], 'messages') }}</label>
            <input type="email" value="{{ last_username }}" name="email" id="inputEmail" class="form-control" placeholder="Email" required autofocus>
        </div>

        <div class="form-group">
            <label for="inputPassword">{{ 'password'|trans([], 'messages') }}</label>
            <input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required>
        </div>

        <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">

        <button class="btn btn-lg btn-primary" type="submit" id="login_submit">
            {{ 'login.button'|trans }}
        </button>
    </form>

[OndraM]

Hi, I' mot sure this is related to php-webdriver - at least I cannot say from the information you provide.

You said you were able to fix the issue by using Symfony 5? How?

Could you please provide more exact steps to reproduce (include the code you execute, and isolate the issue to some other more simple form? (like here: https://the-internet.herokuapp.com/login , which is also form with method=post).

[romaricdrigon]

Using 1.7.1 instead of community branch helped (sorry if that's not clear, that's unrelated to SF5). The issue does sound unrelated to php-webdriver, though it is surprising that changing php-webdriver version changes behavior.

I will try to reproduce it.

[OndraM]

Oh, thats a different story. So yes, this is possible :smile: , because in W3C mode (which is implemented in commnunity branch), there is not native "submit" feature of WebDriver protocol, and we are emulating it using javascript polyfill. And there may be a bug :thinking: . Cc @dunglas?

[OndraM]

Ok, so I digged it up a bit, and found following:

• In JsonWire mode (the only one supported in php-webdriver 1.7.1 and older) there is native "submit" method of the protocol, which we use.
• In W3C mode, where the submit command is no longer part of the protocol, we emulate the submit method using javascript.
• However if you submit form using javascript method, it does not include value of submit button. This is however correct behavior, not a bug.

Your login system probably depends on "submit" value of the POST form. This is something you should not do, it is probably a bug in your application. In Symfony, you should (see Symfony manual) detect whether form was submitted like this:

$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
...
}

You are probably doing it some other way, and this causes the issue.

So you options are:

• Fix the way you detect form submission in you Symfony app. This is the root cause, the following options are just o workaround for a bug in your app!
• Fall back to JsonWire protocol, and keep the old submit behavior (however - this is only temporary solution). You can find here how to disable the W3C protocol and fall back to to JsonWire OSS protocol.
• Do not use submit() method on the form itself (or some of its element), but rather click on the submit button:

  $submitButton = $driver->findElement(WebDriverBy::name('submit'));
  $submitButton->click();

  Now the value of submitt button will be sent, for reasons explained in the Stackoverflow answer linked above.

[romaricdrigon]

Thank you very much for the investigation, but actually that's not it. i'm using a Symfony "Guard", the check which fails boils down to this: 'user_login' === $request->attributes->get('_route') && $request->isMethod('POST');. Dumping $request object, method is indeed GET. Behavior using Chrome manually (ie., not headless, not automated) is correct.

I'm working right now on a reproduceable test case (using example.php as a model). I would appreciate you reopen this issue.

[OndraM]

Sure, please provide the reproducible example including the php-webdriver you call and I will have a look 🙂.

[romaricdrigon]

Will do. Still, I would appreciate your please re-open this issue, as other persons could join the conversation. If I can't reproduce it you will still be able to close it, but right now it looks like you were disappointed to be wrong in what you supposed and to act with some bad faith.

Anyway, issue seems unrelated to form action - but instead to form input filling. I will reopen another issue when I get the exact cause.

[OndraM]

@romaricdrigon Sorry, I didn't mean it this way.

Yes, please open new issue if you find something new. There definitely is some change of behavior on php-webdriver coming with the W3C protocol (because of the way eg. submit is now handled) - would be great if you can isolate the issue. The W3C implementation is experimental and any feedback is valuable :+1: .