Skip to content
GitLab
Closed
Issue created by Administrator@rootContributor

Triggering event fails when element contains non-ascii characters

Created by: Logima

When scanning a page which contains an element with onclick-event and non-ascii characters, following message appears:

Worker: Could not trigger 'click' on: <a href="otherpage.html" title="Non-ascii characters: \u00E4\u00F6" onclick="console.log(1)">

Every failed trigger causes a 5-second delay. This also seems to cause AutoThrottle to kick in when scanning larger site with many similar cases.

Minimal example:

index.html with content:

<!DOCTYPE html>
<html>
<body>
<a href="otherpage.html" title="Non-ascii characters: äö" onclick="console.log(1)">other page</a>
</body>
</html>

saved as UTF-8. Hexdump of this file:

00000000: 3c21 444f 4354 5950 4520 6874 6d6c 3e0a  <!DOCTYPE html>.
00000010: 3c68 746d 6c3e 0a3c 626f 6479 3e0a 3c61  <html>.<body>.<a
00000020: 2068 7265 663d 226f 7468 6572 7061 6765   href="otherpage
00000030: 2e68 746d 6c22 2074 6974 6c65 3d22 4e6f  .html" title="No
00000040: 6e2d 6173 6369 6920 6368 6172 6163 7465  n-ascii characte
00000050: 7273 3a20 c3a4 c3b6 2220 6f6e 636c 6963  rs: ...." onclic
00000060: 6b3d 2263 6f6e 736f 6c65 2e6c 6f67 2831  k="console.log(1
00000070: 2922 3e6f 7468 6572 2070 6167 653c 2f61  )">other page</a
00000080: 3e0a 3c2f 626f 6479 3e0a 3c2f 6874 6d6c  >.</body>.</html
00000090: 3e0a                                     >.

Scanned using:

./bin/arachni --checks - --browser-cluster-pool-size 1 --http-request-concurrency 1 --output-verbose --output-debug 2 http://hostname:8000/

[2016-10-20 15:34:52 +0300 - 5.4] [!] [browser#fire_event:587] Worker: Element '<a href="otherpage.html" title="Non-ascii characters: \u00C3\u00A4\u00C3\u00B6" onclick="console.log(1)">' could not be located for triggering 'click'.
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:589] Worker: 
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: [Selenium::WebDriver::Error::TimeOutError] timed out after 5 seconds ({"errorMessage":"Unable to find element with css selector 'a[href=\"otherpage.html\"][title=\"Non-ascii characters: \\u00C3\\u00A4\\u00C3\\u00B6\"][onclick=\"console.log(1)\"]'","request":{"headers":{"Accept":"application/json","Accept-Encoding":"gzip;q=1.0,deflate;q=0.6,identity;q=0.3","Connection":"close","Content-Length":"151","Content-Type":"application/json; charset=utf-8","Host":"127.0.0.1:57504","User-Agent":"Ruby"},"httpVersion":"1.1","method":"POST","post":"{\"using\":\"css selector\",\"value\":\"a[href=\\\"otherpage.html\\\"][title=\\\"Non-ascii characters: \\\\u00C3\\\\u00A4\\\\u00C3\\\\u00B6\\\"][onclick=\\\"console.log(1)\\\"]\"}","url":"/element","urlParsed":{"anchor":"","query":"","file":"element","directory":"/","path":"/element","relative":"/element","port":"","host":"","password":"","user":"","userInfo":"","authority":"","protocol":"","source":"/element","queryKey":{},"chunks":["element"]},"urlOriginal":"/session/94fafcb0-96c1-11e6-904a-cb29570c7c36/element"}} (org.openqa.selenium.NoSuchElementException))
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/gems/selenium-webdriver-3.0.0/lib/selenium/webdriver/common/wait.rb:73:in `until'
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/bundler/gems/arachni-a5bd657e3856/lib/arachni/browser.rb:584:in `fire_event'
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/bundler/gems/arachni-a5bd657e3856/lib/arachni/browser.rb:544:in `trigger_event'
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/bundler/gems/arachni-a5bd657e3856/lib/arachni/browser_cluster/jobs/dom_exploration/event_trigger.rb:38:in `run'
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/bundler/gems/arachni-a5bd657e3856/lib/arachni/browser_cluster/job.rb:109:in `configure_and_run'
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/bundler/gems/arachni-a5bd657e3856/lib/arachni/browser_cluster/worker.rb:80:in `run_job'
[2016-10-20 15:34:52 +0300 - 0.0] [!] [browser#fire_event:590] Worker: /home/user/arachni-dev-19.10.16/system/gems/bundler/gems/arachni-a5bd657e3856/lib/arachni/browser_cluster/worker.rb:244:in `block in start'

When adding <meta charset="utf-8" /> the output changes slightly, but still isn't working:

Worker: Element '<a href="otherpage.html" title="Non-ascii characters: \u00E4\u00F6" onclick="console.log(1)">' could not be located for triggering 'click'.

I'm using latest nightly (a5bd657e).