Selenium

Selenium tests can be integrated into your web security testing workflow for a complete system and security testing coverage. This setup depends on the Cohesion Proxy and having the correct proxy configuration in Selenium itself.

To set up the proxy, we simply need to define the scope and start the proxy server. Additional proxy configuration options are described in the proxy documentation.

$ cohesion proxy http://target/

The Selenium environment must be configured to use the proxy server. By default, the proxy is running on localhost port 9090.

To set up the Selenium environment we need to change the proxy settings for the selenium driver. For example, the following code is required to configure Firefox.

String PROXY = "localhost:9090";

Proxy proxy = new Proxy();

proxy.setHttpProxy(PROXY).setSslProxy(PROXY);

DesiredCapabilities cap = new DesiredCapabilities();

cap.setCapability(CapabilityType.PROXY, proxy);

WebDriver driver = new FirefoxDriver(cap);

More information about how to setup the selenium proxy settings is available from the official documentation here.

Caveats

Cohesion and Selenium run in separate processes and therefore it may be required to manage how and when they should exit or terminate the testing process. This configuration can be significantly simplified with the help of the "--exec" command-line option. For example:

$ cohesion proxy http://target --exec="./run-selenium.sh" --wait="http://target"

The command above will run the selenium tests as part of the proxy lifecycle. The tests will be terminated as soon as the proxy exists, therefore also managing the complete lifecycle of the selenium tests.