ignoreHTTPSErrors is not working when request interception is on

[Khady]

Steps to reproduce

Tell us about your environment:

• Puppeteer version: ab9b34c
• Platform / OS version: debian stretch, nodejs 8.8
• URLs (if applicable): https://halva.khady.info

What steps will reproduce the problem?

Just launch this code to see the problem:

// https.js
'use strict';

const puppeteer = require('puppeteer');

const URL = "https://halva.khady.info/";

(async() => {
  const args = [
    "--disable-setuid-sandbox",
    "--no-sandbox",
  ];
  const options = {
    args,
    headless: true,
    ignoreHTTPSErrors: true,
  };
  const browser = await puppeteer.launch(options);
  const page = await browser.newPage();
  await page.setRequestInterception(true);
  page.on("request", (request) => {
    if (request.resourceType === "Image") {
      request.abort();
    } else {
      request.continue();
    }
  });
  await page.goto(URL, { timeout: 8000, waitUntil: "load" });
  const html = await page.content();
  console.log(html);
  await page.close();
  await browser.close();
})();

What is the expected result?

With the request interception disabled:

  // await page.setRequestInterception(true);
  // page.on("request", (request) => {
  //   if (request.resourceType === "Image") {
  //     request.abort();
  //   } else {
  //     request.continue();
  //   }
  // });

$ nodejs misc/https_headless.js 
<html><head><title>potkw</title></head>
<body>
Khady Khady roule roule

</body></html>

What happens instead?

$ nodejs misc/https_headless.js 
(node:23556) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Navigation Timeout Exceeded: 8000ms exceeded
(node:23556) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
^C

[ali-habibzadeh]

Same issue here

[Khady]

If you can use puppeteer without chrome headless, a solution seems to be the --ignore-certificate-errors flags. Unfortunately it doesn't work with chrome headless.

[Khady]

And actually the problem is here even if ignoreHTTPSErrors is set to false:

'use strict';

const puppeteer = require('puppeteer');

const URL = "https://halva.khady.info/";

(async () => {
  const args = [
    "--disable-setuid-sandbox",
    "--no-sandbox",
  ];
  const options = {
    args,
    headless: true,
    ignoreHTTPSErrors: false,
  };
  const browser = await puppeteer.launch(options);
  const page = await browser.newPage();
  await page.setRequestInterception(true);
  page.on("request", (request) => {
    if (request.resourceType === "image") {
      request.abort();
    } else {
      request.continue();
    }
  });
  await page.goto(URL, { timeout: 8000, waitUntil: "load" });
  const html = await page.content();
  console.log(html);
  await page.close();
  await browser.close();
})();

$ nodejs bhttps.js 
(node:321) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: Navigation Timeout Exceeded: 8000ms exceeded
(node:321) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
^C

[vc1]

#1441 same as yours

use this

args: [
    '--ignore-certificate-errors',
    '--ignore-certificate-errors-spki-list '
]

[Khady]

This work only when you launch puppeteer with headless: false. See #1159 (comment)

BTW, the --ignore-certificate-errors-spki-list flag is not doing anything if you don't use the --user-data-dir flag according to this documentation.

[boligolov]

I have '--ignore-certificate-errors' in arguments and ignoreHTTPSErrors is TRUE, but receive ERR_CERT_AUTHORITY_INVALID error from Chromium. Url for example: 'https://ostin.com/ru/ru/'

[jsteel]

I have all those ignore flags on and interception on. I only get an ERR_CERT_AUTHORITY_INVALID when running the script against the box I'm on if it uses a self signed cert. If I hit the same box from another server, it works fine.

[aslushnikov]

Filed upstream: crbug.com/801426

[maZahaca]

Is there any progress?

[kevinmu]

I ran into the same problem, worked around it by doing the following:

const puppeteer = require('puppeteer');

async function visit() {
    const browser = await puppeteer.launch({
        args: [
            '--disable-setuid-sandbox',
            '--no-sandbox',
            '--ignore-certificate-errors',
        ],
        ignoreHTTPSErrors: true,
        headless: true,
    });

    // this initial visit is meant to bypass the certificate errors; don't intercept anything yet.
    var url = "SOME_URL_ON_THE_SAME_DOMAIN.com"
    const page = await browser.newPage();
    await page.setViewport({width: 1300, height: 1000});
    await page.goto(url); 

    // intercept requests; at this point we've already bypassed the certificate errors,
    // so the subsequent page visit will load.
    await page.setRequestInterception(true);
    await page.on('request', interceptedRequest => {
        console.log(interceptedRequest.url());
        interceptedRequest.continue();
    });

    // visit the actual page you want to do stuff on.
    var actualURL = "SOME_URL_ON_THE_SAME_DOMAIN.com/ACTUAL_PAGE"
    await page.goto(actualURL, {waitUntil: 'networkidle0'});
    await browser.close();
}

However, even with this work-around, I still think that the fix for this issue is super high priority. Thanks!

[leem32]

This is a major problemo. Hope it gets fixed soon.

[wrightm]

Any update on this front?

Looks like there is a solution using the chrome driver https://bugs.chromium.org/p/chromium/issues/detail?id=721739 and chrome 65/66 .

Capybara.register_driver :headless_chromium do |app|
      capabilities = Selenium::WebDriver::Remote::Capabilities.chrome(
        acceptInsecureCerts: true,
        binary: '/usr/bin/chromium-browser',
        chromeOptions: {
          'args' => ['--headless', '--disable-web-security', '--incognito',
                     '--no-sandbox', '--disable-gpu', '--window-size=1920,1080']
        })
      Capybara::Selenium::Driver.new(
        app,
        browser: :chrome,
        desired_capabilities: capabilities
      )
    end

I'll try and find sometime to figure how to apply this to puppeteer/chrome dev tools. If anyone gets there before me please post it up.

[c094728]

I'm having the same problem and the work-around given by kevinmu didn't work for me. It will run fine running on my linux virtualbox machine but will give a time-out running in a docker container.
I'm using a node:9 docker image. If I remove the {waitUntil: ['networkidle0']} it will run and not timeout on docker but then when I retrieve all the anchors from the page, most are missing because the ajax calls have not yet finished updating the page. I can put in a timed wait but that is not reliable

[vincentlong889]

Is there any progress?

[aslushnikov]

This bug will be fixed once Chromium completes migration onto Network Service.

As a workaround, network service could be enabled via a runtime flag --enable-feature=NetworkService.

Beware! NetworkService is not completed yet and doesn't pass all pptr tests.

Still, the following works for me:

const puppeteer = require('puppeteer');

const URL = "https://halva.khady.info/";

(async() => {
  const browser = await puppeteer.launch({
    args: ['--enable-features=NetworkService'],
    headless: true,
    ignoreHTTPSErrors: true,
  });
  const page = await browser.newPage();
  await page.setRequestInterception(true);
  page.on("request", (request) => {
    if (request.resourceType === "Image")
      request.abort();
    else
      request.continue();
  });
  await page.goto(URL, { timeout: 8000, waitUntil: "load" });
  const html = await page.content();
  console.log(html);
  await page.close();
  await browser.close();
})();

[vincentlong889]

When I use this args: --enable-feature=NetworkService
then --proxy-server=xxx is not working!

seems like I use '--no-sandbox'，and proxy is not working,
https://groups.google.com/a/chromium.org/forum/#!topic/network-service-dev/qr7yCQeoT4o

browser = await puppeteer.launch({
      ignoreHTTPSErrors: true,
      args: [
        '--no-sandbox',
        '--disable-dev-shm-usage',
        '--enable-features=NetworkService',
        '--proxy-server=' + proxyUrl
      ]
    });

[garris]

@aslushnikov thanks for he info — I will give this a try tomorrow. Good to know a fix is on the roadmap!

[fudali]

@aslushnikov

Thanks for the workaround with --enable-feature=NetworkService
It works for me, but I also can't use proxy now

[vincentlong889]

use google-chrome-unstable instead of puppeteer's chromium, setRequestInterception is working

const browser = await puppeteer.launch({
      executablePath: 'google-chrome-unstable',
      ignoreHTTPSErrors: true,
      args: ['--disable-dev-shm-usage']
    });

[bluepeter]

Side effect of using --enable-feature=NetworkService is that browser caching no longer appears to work.

[leem32]

Just tried --enable-feature=NetworkService with Puppeteer 1.6.2 and accompanying Chromium, but it's still not working.

I tested using the URL http://finishline.com which hangs when using with await page.setRequestInterception(true); and there was no difference using --enable-feature=NetworkService as without it. Puppeteer just hangs up until goto timeout ends,

browser launch:
browser = await puppeteer.launch({ args: ['--enable-features=NetworkService'], headless: true, timeout: 30000, ignoreHTTPSErrors: true });

goto:
await page.goto(url, { timeout: 60000, waitUntil: 'load' })

[fudali]

Why is it closed? Isn't it gonna be resolved?

[ntzm]

NetworkService seems to break setting and getting cookies as well

[maZahaca]

Wow Wow Wow. The original issue from Chromium was just fixed! Yay!

Let's get this stuff moving...

[maZahaca]

Hi @aslushnikov, any ETA for this to be released?

[aslushnikov]

@maZahaca: pptr 1.8.0 will be released on September, 6.

[vincentlong889]

Great job!

[bluepeter]

Note: this is still an issue for those of us trying to run on Linux. See: https://bugs.chromium.org/p/chromium/issues/detail?id=877075

[alexandrzavalii]

as @bluepeter mentioned its still an issue.
Its not working on google cloud which is Linux based
Any workarounds?

[webhype]

Why is this issue being "aggressively closed?" Nobody there uses Mac OS? Not one person tested this on Unix-style systems?

Not one of the above examples, with or without any special args[], works on Mac OS, not for secure sites nor for https sites. Puppeteer 1.17 & Chrome 76

[aslushnikov]

Why is this issue being "aggressively closed?" Nobody there uses Mac OS? Not one person tested this on Unix-style systems?

@webhype The core issue was fixed and we added a test to make sure it doesn't regress. We run all our tests continuously on Mac, Linux and Windows - so yes, we fix across the variety of environments, including UNIX-style systems.

Not one of the above examples, with or without any special args[], works on Mac OS, not for secure sites nor for https sites. Puppeteer 1.17 & Chrome 76

The https://halva.khady.info/ is down - so the example doesn't work any more. I just tried with https://expired.badssl.com/ instead and it worked.

If something doesn't work for you - please file a new issue with a script that reproduces the problem. We'll be happy to help!

[rodoabad]

@aslushnikov puppeteer-firefox has this issue still. Is there a separate thread for it?

[joelharkes]

Seems to still be an issue setRequestInterception(true) in docker as well when using the following setup:

  var executablePath = inDocker ?  : undefined;
  return launch({
    headless: true,
    ["--no-sandbox", "--disable-setuid-sandbox", "--disable-dev-shm-usage"] ,
    "/usr/bin/chromium-browser",
    defaultViewport: { width: 1000, height: 1600 },
    // dumpio: false,
    // ignoreHTTPSErrors: true
  });

[daddydrac]

I am having same problem with https site, while running puppeteer in docker

[javierfuentesm]

@aslushnikov puppeteer-firefox has this issue still. Is there a separate thread for it?

Did you find a solution? I still have the same problem with firefox

[JohnDotOwl]

What the shit, after so many bloody years, still the same issue.