Corion / WWW-Mechanize-Chrome

automate the Chrome browser

Home Page:https://metacpan.org/release/WWW-Mechanize-Chrome

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

WWW::Mechanize::Chrome->new hangs when --remote-allow-origins= is not set

sni opened this issue · comments

Using WWW::Mechanize::Chrome 0.68 on debian 11 with chromium 111.

%> chromium --version
Chromium 111.0.5563.64 built on Debian 11.6, running on Debian 11.6

When using the basic example it hangs and using straces it reveils that chrome denies connection because of remote-allow-origin not set:

%> strace -s 1000 perl test.pl

poll([{fd=4, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=4, revents=POLLOUT}])
write(4, "GET /devtools/browser/a414f313-72d9-4402-aa79-a3e90d0ff50b HTTP/1.1\r\nUpgrade: WebSocket\r\nConnection: Upgrade\r\nHost: 127.0.0.1:39039\r\nOrigin: http://127.0.0.1:39039\r\nSec-WebSocket-Key: 8nRsNY16bho1R/TEneonDQ==\r\nSec-WebSocket-Version: 13\r\n\r\n", 239) = 239
poll([{fd=4, events=POLLIN}], 1, -1)    = 1 ([{fd=4, revents=POLLIN}])
read(4, "HTTP/1.1 403 Forbidden\r\nContent-Length:241\r\nContent-Type:text/html\r\n\r\nRejected an incoming WebSocket connection from the http://127.0.0.1:39039 origin. Use the command line flag --remote-allow-origins=http://127.0.0.1:39039 to allow connections from this origin or --remote-allow-origins=* to allow all origins.", 8192) = 311

Adding --remote-allow-origins=* as launch_arg did the trick here.

Another annoying thing is chromium asking for access to the kdewallet. This can be disabled by add the launch_arg --password-store=basic.

So it works for me now, but you might want to extend your default launch options so it will work out of the box.

Thanks for your module.

Thanks for working this out @sni - I have the same problem and this has saved me many hours of debugging!

I'll release this soonish onto CPAN as well. Thanks for the diagnosis and report!

I can confirm that this same issue exists in macOS Monterey / Apple M1 / 111.0.5563.64 (Official Build) (arm64) as of March 2023. Strangely enough, It was NOT happening a month or two ago when I last used this module, and I don't remember updating anything, or otherwise doing/changing on my machine. I guess Chrome updated itself and implemented this new security policy.