3

我一直无法访问使用斜纹的 URL,并且找不到进一步调试问题的方法。我已经为“http”、“equiv-refresh”和“commands”启用了斜纹布的调试级别,但斜纹布仍然没有提供有关错误的任何详细信息。这是斜纹sh的输出:

    $ twill-sh

     -= Welcome to twill! =-

    current page:  *empty page*
    >> debug equiv-refresh 1
    DEBUG: setting equiv-refresh debugging to level 1
    current page:  *empty page*
    >> debug http 1
    DEBUG: setting http debugging to level 1
    current page:  *empty page*
    >> debug commands 1
    DEBUG: setting commands debugging to level 1
    current page:  *empty page*
    >> go https://auth.nbnco.net.au/okta/login

    ERROR: cannot go to 'https://auth.nbnco.net.au/okta/login'

    current page:  *empty page*

这是python脚本的输出:

    $ ./test.py
    Traceback (most recent call last):
      File "./test.py", line 13, in <module>
        go("https://auth.nbnco.net.au/okta/login")
      File "/usr/lib/python2.7/site-packages/twill/commands.py", line 109, in go
        browser.go(url)
      File "/usr/lib/python2.7/site-packages/twill/browser.py", line 91, in go
        raise TwillException("cannot go to '%s'" % (url,))
    twill.errors.TwillException: cannot go to 'https://auth.nbnco.net.au/okta/login'
4

1 回答 1

1

猜测:Twill 不会加载页面,因为验证页面的 SSL 证书时出现问题。

尝试使用 urllib2.urlopen 获取页面失败并出现以下错误:

>>> urllib2.urlopen('https://auth.nbnco.net.au/okta/login')
Traceback (most recent call last):
...                                                                                                       
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)>

使用 curl 获取页面会产生以下输出:

$  curl https://auth.nbnco.net.au/okta/login > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

该页面在 Firefox 和 Chromium 中加载没有错误,因此浏览器的证书处理对证书的处理方式不同。

站点 SSL 证书由 Symantec 颁发。这种行为可能与过去赛门铁克证书颁发问题有关,这导致 Chrome 和 Mozilla 宣布他们将在 2018 年不信任赛门铁克的 SSL 证书

我不认为你可以在 Twill 中做任何事情来解决这个问题。

于 2017-12-16T10:10:30.367 回答