tests require Content-Security-Policy unsafe-eval allowed #1870
Comments
|
This is due to browser extension limitations. As of now you can work around it by using Selenium IDE v4 or side-runner to execute your recorded tests on websites with content security policy limitations. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
🐛 Bug Report
Trying to trigger a click (and maybe other events too) on a website that has some level of Content-Security-Policy restricting 'unsafe-eval', the test cannot be run due eval() called somewhere inside selenium-ide.
Why it requires eval()? Could this be solved by replacing code that does not require eval()?
To Reproduce
Error because Selenium called eval() somewhere that is not allowed by the website CSP.
Expected behavior
Test runs without error.
Project file
{ "id": "20abfcba-2009-4014-8ab4-bee83e21a16c", "version": "2.0", "name": "csptest", "url": "http://10.0.0.3", "tests": [{ "id": "a5ca51ca-2f96-49f7-91b6-336bb66ae272", "name": "clicktest", "commands": [{ "id": "5ada58e3-4d5d-47f3-8104-8aae63624e08", "comment": "", "command": "open", "target": "/", "targets": [], "value": "" }, { "id": "cc1ced3e-da5e-4694-9800-b9491ece38e3", "comment": "", "command": "click", "target": "id=mybutton", "targets": [ ["id=mybutton", "id"], ["css=#mybutton", "css:finder"], ["xpath=//button[@id='mybutton']", "xpath:attributes"], ["xpath=//button", "xpath:position"], ["xpath=//button[contains(.,'Click me')]", "xpath:innerText"] ], "value": "" }] }], "suites": [{ "id": "ddf355fa-29bf-4c88-80e5-d033467c741d", "name": "Default Suite", "persistSession": false, "parallel": false, "timeout": 300, "tests": ["a5ca51ca-2f96-49f7-91b6-336bb66ae272"] }], "urls": ["http://10.0.0.3/"], "plugins": [] }Environment
OS: macOS (x64 and aarch64)
Selenium IDE Version: 3.17.4
Browser: Firefox
Browser Version: Firefox 115.16.1esr (64-bit), Firefox 131.0.3 (aarch64)
The text was updated successfully, but these errors were encountered: