Skip to content
Advertisement

Kibana has strict security requirements enabled that your current browser does not meet

I want to write automatic test which tests if there are logs in the kibana UI and I have a problem with sending a http request using java to kibana. From the browser everything is working fine but when I send HTTP request from Jsoup library (the same happens also with curl) the kibana shows me the following:

Please upgrade your browser This Elastic installation has strict
security requirements enabled that your current browser does not meet.

It looks like the kibana is executing some vulnerable js and if it is executed correctly it stops loading the kibana UI.

  <script>
            // Since this is an unsafe inline script, this code will not run
            // in browsers that support content security policy(CSP). This is
            // intentional as we check for the existence of __kbnCspNotEnforced__ in
            // bootstrap.
            window.__kbnCspNotEnforced__ = true;
          </script>
  <script src="/bundles/app/kibana/bootstrap.js"></script> 

Do you have any idea how to work around that from the code? I think that this security feature can be disabled from the kibana.yaml but I don’t want to disable it just for the test.

Advertisement

Answer

I gave up with such automatic test but I want to answer here one possible solution (I did not test it but it should work).

You can use Headless Chrome browser. It is running a chrome browser without UI which can be used with a chrome driver using selenium library. More info: https://www.scrapingbee.com/blog/introduction-to-chrome-headless/

User contributions licensed under: CC BY-SA
4 People found this is helpful
Advertisement