Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pa11y Authentication Question #94

Closed
qaDream77 opened this issue Sep 22, 2015 · 6 comments
Closed

Pa11y Authentication Question #94

qaDream77 opened this issue Sep 22, 2015 · 6 comments

Comments

@qaDream77
Copy link

I got login working via phantomJS using the post method outlined at 1

How do i post via pa11y and how can i confirm that it actually logged me in because i always get the same amount of errors, warnings and notices so i am not sure if it successfully logged me in or not.

The reason i ask is because I have a login token which is created on session start to prevent cross site scripting, so how would i go about getting that token then doing a post?

EDIT: Using the config.json file to set

pa11y({
page: {
settings: {
j_username: 'testuser',
j_password: 'pwd1'
}
}
});

Doesn't do anything even on a login that doesn't have a login token. A working example would be amazing.

Edit 2: Is there any way to run pa11y from a .js file. Example usage: phantomjs pallyTest.js

the js file would contain the command to post and login and then run accessibility tests.

Thanks a lot for the help! Cheers.
@qaDream77 qaDream77 changed the title How to login and run accessibility test. Pa11y Authentication Question Sep 22, 2015
@rowanmanning
Copy link
Member

Hi @qaDream77, aside from setting a login token with cookies in the config, I don't think this is achievable yet. I'd like to add the ability to perform actions on the page before the run, would that solve your problem? Then you could write a script which fills out the login form and posts it before pa11y loads.

@qaDream77
Copy link
Author

That would probably solve the issue.

Just one thing to add is that a lot of companies and websites now are trying to prevent cross site scripting along with other security vulnerabilities, so not only would a post needs to be made with username and password but a unique session token would have to be fetched from a cookie or from a hidden form field and sent along with the username and password in the post.

If pa11y could be run as a selenium or phantom library, then it wouldn't need to worry about any of that. Because it would just execute on the currently loaded page.

@rowanmanning
Copy link
Member

I'm not going to have time to work on this right now, but I've opened a ticket which should solve this issue: #98. I'm tied up in the release of pa11y 3.0 at the moment, but will prioritise this afterwards.

@qaDream77
Copy link
Author

Looking forward to it! I am curious what features 3.0 will bring, is there a list anywhere and do you maybe have an estimated release date?

Cheers!

@rowanmanning
Copy link
Member

Yes, the PR for 3.0 outlines the features, it's mostly an API change though: #97. In terms of a release date, I'd say quite soon – I'm just waiting to hear back about a licensing change.

@rowanmanning
Copy link
Member

Going to close this as it'll be solved when #98 makes it in. I'll hopefully have time to work on that in the near future.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rowanmanning @qaDream77