Chrome 59 has removed support for https://user:[email protected] URLs.
I have a test which was using this feature which has now broken, so I'm trying to replace it with a version which waits for the authentication popup and fills in the details. But the following doesn't work on Chrome (which doesn't see the auth popup as an alert):
alert().authenticateUsing(new UserAndPassword("test", "test"));
The selenium-only version has the same issue:
WebDriverWait wait = new WebDriverWait(getDriver(), 10);
Alert alert = wait.until(ExpectedConditions.alertIsPresent());
alert.authenticateUsing(new UserAndPassword("test", "test"));
(based on the answer given here: How to handle authentication popup with Selenium WebDriver using Java)
I can see several workarounds for handling this in FireFox, but nothing for Chrome. Is there any alternative approach?
I'm sure Florent B's solutions are viable, but for retro-fitting an old test, I found that zoonabar's solution posted to this duplicate question is easier to implement, takes considerably less code, and requires no special preparation of the test box. It also seems that it would be easier to follow for new developers looking at the code.
In short: visiting any URL with credentials before visiting the URL under test (without credentials) will cause the browser to remember the credentials.
goTo("http://user:password@localhost"); // Caches auth, but page itself is blocked
goTo("http://localhost"); // Uses cached auth, page renders fine
// Continue test as normal
This may feel like a vulnerability in the browser which will be patched, but I think this is unlikely; the restriction has been imposed to avoid phishing risks (where the username chosen looks like a domain, e.g. "http://google.com:long-token-here-which-makes-the-real-domain-disappear@example.com/"), and this workaround for setting credentials doesn't pose the same risk.