Execute Actions after Login in Browser Based DAST
Part 2 of the implementation of DAST_AFTER_LOGIN_ACTIONS in Browserker, a new comma-separated list of actions to be executed after login. Example: "click[on=css:.remember-me],click[on=id:stay-signed-in]"
This issue describes implementing the execution of a login action.
Part 1 #426504 (closed)
Implementation Plan
- In auth.Service.processLoginSteps, after attempting login and before navigating to about:blank, ask the login actions to execute. Cookies recorded during this process should be captured as part of the AuthContext.
- Add Execute(loginCtx *browserk.Context, crawler browserk.Crawler, browser browserk.Browser) ([]*browserk.Navigation, error) to each browserk.LoginAction.
- The click action will need to create a new click navigation (see how PathToLoginForm works in authenticator.LoginFormFinder). The crawler will process the navigation.
- Add relevant unit tests, integration tests and end-to-end tests using a login page with post-login steps.
- Update the end-to-end test to use this field; prefer modifying an existing test over adding a new one.
- In DAST
  - Add configuration DAST_AFTER_LOGIN_ACTIONS and pass it on to Browserker.
  - Upgrade Browserker
NOTE: Cookies generated/added based on the login actions are not in the scope of this issue and will be handled separately.
Edited by Arpit Gogia
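
The action-list format shown in the example value above, parsed into structured actions that an Execute step could consume. This is an added example, not Browserker's code: the names AfterLoginAction, ParseAfterLoginActions and parseOne are hypothetical, only the click action with css and id selectors from the issue is accepted, and splitting on top-level commas only is an assumption about how selectors containing brackets or commas should be handled.

```go
package main

import (
	"fmt"
	"strings"
)

// AfterLoginAction is a hypothetical type for this example, not Browserker's own.
type AfterLoginAction struct{ Verb, SelectorType, Selector string }
// ParseAfterLoginActions splits on top-level commas only, so brackets inside a selector survive.
func ParseAfterLoginActions(value string) ([]AfterLoginAction, error) {
	var actions []AfterLoginAction
	depth, start := 0, 0
	for i, c := range value + "," { // sentinel comma flushes the last action
		switch {
		case c == '[':
			depth++
		case c == ']' && depth == 0:
			return nil, fmt.Errorf("unbalanced ']' at offset %d", i)
		case c == ']':
			depth--
		case c == ',' && depth == 0:
			a, err := parseOne(strings.TrimSpace(value[start:i]))
			if err != nil {
				return nil, err
			}
			actions = append(actions, a)
			start = i + 1
		}
	}
	if depth != 0 {
		return nil, fmt.Errorf("unbalanced '[' in %q", value)
	}
	return actions, nil
}

// parseOne accepts only the forms shown in the issue: click[on=css:...] and click[on=id:...].
func parseOne(s string) (AfterLoginAction, error) {
	verb, arg, ok := strings.Cut(strings.TrimSuffix(s, "]"), "[on=")
	typ, sel, ok2 := strings.Cut(arg, ":")
	if verb != "click" || !ok || !ok2 || sel == "" || !strings.HasSuffix(s, "]") || (typ != "css" && typ != "id") {
		return AfterLoginAction{}, fmt.Errorf("unsupported action %q", s)
	}
	return AfterLoginAction{verb, typ, sel}, nil
}

func main() {
	fmt.Println(ParseAfterLoginActions("click[on=css:input[name=remember]],click[on=id:ok]"))
}
```

Rejecting unknown verbs and selector types at parse time keeps a mistyped configuration value from silently skipping a post-login step during an authenticated scan.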