WebHTMLViewer & ExecuteJavaScript

Andrew_Paul_Dickey · May 4, 2016, 8:44pm

Hello Forum,

I have a XOJO web app.
One of the web pages in my app contains a WebHTMLViewer which on ‘open’ loads an external website.
User credentials in my app and the external website are the same for each user.

My aim is to login to the site contained in the WebHTMLViewer on behalf of the user by completing and submitting a login form.

So once the page is loaded in the browser, I (from a button action) try just to complete a single field (just to test the process):
HTMLViewer1.ExecuteJavaScript(“document.getElementById(‘sign-in-email’).value = ‘example_user@exampledomain.com’;”) and several other variations which all result in error.

“Could not execute returned javascript: Unable to set property ‘value’ of undefined or null reference” or similar errors indicating I cannot access the DOM of the page in the WebHTMLViewer.

I am guessing this is an XSS (cross site scripting) issue.

I have two questions then.

1, is my aim still achievable with ExecuteJavaScript (perhaps utilising some secondary JS technique); and (if that is not possible),
2. is it possible to automate by simulating Click and KeyPressed events in the WebHTMLViewer.

Any assistance greatly appreciated.

Kind regards, Andrew

DerkJ · May 4, 2016, 9:35pm

What’s the html element type of “sign-in-email” ?

Michel_Bujardet · May 4, 2016, 9:41pm

Accessing elements inside an iFrame require some extra steps.
See http://www.dyn-web.com/tutorials/iframes/refs/iframe.php

Andrew_Paul_Dickey · May 4, 2016, 9:42pm

Thank you for your interest Derk,

<input type="text" id="sign-in-email" name="name" value="" size="60" maxlength="60" class="form-text required" />

Kind regards, Andrew

DerkJ · May 4, 2016, 9:52pm

[quote=264081:@Andrew Paul Dickey]Thank you for your interest Derk,

<input type="text" id="sign-in-email" name="name" value="" size="60" maxlength="60" class="form-text required" />

Kind regards, Andrew[/quote]

Hi Andrew,
As @Michel Bujardet suggested, are you using iframes? Those work differently.

I see no problem in the html tag.

Michel_Bujardet · May 4, 2016, 10:00pm

WebHTMLViewer is an iFrame.

This too may help : http://stackoverflow.com/questions/7570496/getting-the-document-object-of-an-iframe

DerkJ · May 4, 2016, 10:03pm

[quote=264085:@Michel Bujardet]HTMLViewer is an iFrame.

This too may help : http://stackoverflow.com/questions/7570496/getting-the-document-object-of-an-iframe[/quote]

In Web Edition, but desktop too ?

Michel_Bujardet · May 4, 2016, 10:04pm

No, not in Desktop. But the OP talks about a web app.

DerkJ · May 4, 2016, 10:07pm

I see now, i overlooked the “web app”.

The external website might have url based forms to login. Then you could request right into the login “form” so to speak by loading a url with query parameters. Perhaps you can give the url of the website you are trying to login to.

Andrew_Paul_Dickey · May 4, 2016, 10:20pm

Thanks Derk and Michel,

Michel beat me to it by confirming the HTMLWebViewer is an iFrame as I had suspected.

I have already attempted to login by passing params (with no success), but will test again.

Let me digest Michel’s references and try again.

I will keep you posted of how I go. Thank you for your assistance.

Kind regards, Andrew