Current time: 04-30-2017, 09:19 AM Hello There, Guest! (LoginRegister)

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Trying to test login of a page but cant get past captcha
04-08-2017, 03:59 PM
Post: #1
Trying to test login of a page but cant get past captcha
Hi,

I am trying to get some page performance metric for a website that requires login. The submit login form seems to be working but i see captcha "i am not a robot" . how can i overcome this and make sure that i am actually logged in?
Find all posts by this user
Quote this message in a reply
04-11-2017, 02:05 AM
Post: #2
RE: Trying to test login of a page but cant get past captcha
I am not sure that this is possible. The point of having a captcha is to defeat automated logins.

The only safe mechanism I can think is to host an internal WPT instance. On your application, you'll have to set a rule to disable captcha for internal addresses and then script the test script.

If this is not feasible, you may want to explore turning off captcha from only WPT IP addresses and probably add some kind of an indication like a custom HTTP header. When a request is from a WPT IP and has the header, your application could drop the captcha and you can continue with the login. This is still a security hole. So please check with your teams before proceeding.

Follow me on twitter: @rakshay
Visit this user's website Find all posts by this user
Quote this message in a reply
04-11-2017, 04:17 AM
Post: #3
RE: Trying to test login of a page but cant get past captcha
(04-11-2017 02:05 AM)akshayranganath Wrote:  I am not sure that this is possible. The point of having a captcha is to defeat automated logins.

The only safe mechanism I can think is to host an internal WPT instance. On your application, you'll have to set a rule to disable captcha for internal addresses and then script the test script.

If this is not feasible, you may want to explore turning off captcha from only WPT IP addresses and probably add some kind of an indication like a custom HTTP header. When a request is from a WPT IP and has the header, your application could drop the captcha and you can continue with the login. This is still a security hole. So please check with your teams before proceeding.

Thanks! i was able to get it working on my private instance after disabling captcha
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 2 Guest(s)