Selenium WebDriver Quick Start Guide
上QQ阅读APP看书,第一时间看更新

What is cross-site scripting (XSS)?

Another concept related to same-origin policy is cross-site scripting. Cross-site scripting refers to the situation where a website can be prone to attacks from hackers. A typical hacker injects one or more JavaScript codes into web pages that are being browsed. These JavaScript codes can be malicious, and can pull cookie information from websites, pertaining to be banks, for example. This way, the malicious script bypasses the same-origin policy control.

Selenium RC consists of two parts:

  • Selenium server
  • Client libraries

The following diagram shows the functioning of Selenium RC, where the RC Server sits in-between the libraries like Java and Python and sends instructions to Selenium Core, thereafter operating on the individual browser:

Image modelled from www.seleniumhq.org

The role of the Remote Control Server is to inject the Selenium Core in the respective browser. The client libraries send instructions in the form of requests to the RC Server, and the RC Server communicates this to the browser. After receiving a response, this is communicated back to the user by the RC Server.