1
00:00:00,570 --> 00:00:05,910
All right, so now that we know how we can intercept the network records and stuff, but now in this

2
00:00:05,920 --> 00:00:10,950
lecture, are we going to see how we cannot actually intercept on a real website like how we are doing

3
00:00:10,950 --> 00:00:12,280
it at the moment over here?

4
00:00:12,300 --> 00:00:18,720
I mean, unless until the real website, you said some provision of white listings of the site, which

5
00:00:18,720 --> 00:00:21,540
you can make sure that you can intercept, you can do it.

6
00:00:21,540 --> 00:00:25,680
But if you don't really do that, then there is going to be some sort of errors, which I will show

7
00:00:25,680 --> 00:00:26,480
you what I really mean.

8
00:00:26,850 --> 00:00:34,080
So if I go to this particular website, let's say the automation website over here, you can see that

9
00:00:34,080 --> 00:00:40,020
we get a lot of details or here we can actually try to set these kinds of data like the learning part

10
00:00:40,020 --> 00:00:47,310
category on our own custom data, like instead of the UI ABCDE, we can change this to a user interface

11
00:00:47,610 --> 00:00:51,260
application programming interface testing, continuous integration and continuous delivery.

12
00:00:51,390 --> 00:00:58,340
Just try to jeopardize this particular UI so that it looks so crazy and not so probably not to do that.

13
00:00:58,350 --> 00:01:03,140
I'm actually going to go and open this XIKAR Jasen response.

14
00:01:03,740 --> 00:01:08,170
This is a new plugin that I installed just to show you what I really mean over here.

15
00:01:08,610 --> 00:01:17,100
So if I go to this JS on the homepage, the data, I can actually get the JS on file pretty easily from

16
00:01:17,100 --> 00:01:17,380
here.

17
00:01:17,430 --> 00:01:24,570
So if I just go all the way down, you can see that the learning part comes in and the one which I'm

18
00:01:24,570 --> 00:01:29,010
looking for is going to be these data, the learning part categories and stuff.

19
00:01:29,010 --> 00:01:36,180
So I can just copy this and I can create our own data like how we did for our this particular mock response

20
00:01:36,180 --> 00:01:36,590
object.

21
00:01:36,900 --> 00:01:43,560
So what I'm going to do is I'm just going to do the exact same thing this time and I'm going to go create

22
00:01:43,560 --> 00:01:45,740
a, uh, file.

23
00:01:45,750 --> 00:01:56,220
I'm call this network Inter Stepped a dart JS and this guy is going to do these things at the moment.

24
00:01:56,490 --> 00:02:03,600
But instead of the market response object of this one, I'm actually going to paste these data that

25
00:02:03,600 --> 00:02:05,880
I copied from the Jasen that I showed you.

26
00:02:06,240 --> 00:02:12,560
So this is the home path data, which is the header data and then the learning part category over here.

27
00:02:12,840 --> 00:02:19,920
And these are the data that I have modified for the title, have changed this from UI to user interface

28
00:02:20,100 --> 00:02:24,450
on API to API testing and CIC to do C.A.T. testing like that.

29
00:02:24,600 --> 00:02:29,940
So this way it looks a bit more different then compared to the original request, as you can see or

30
00:02:29,940 --> 00:02:30,140
hear.

31
00:02:30,160 --> 00:02:35,760
So I've completely modified that and I'm going to be doing the exact same thing like instead of the

32
00:02:36,500 --> 00:02:44,410
DB over here, you know that this particular thing is actually coming from APIs data bundle homepage.

33
00:02:44,460 --> 00:02:47,470
So this is where the data part is actually for us.

34
00:02:47,790 --> 00:02:50,760
So I need to use this part instead of this DB path.

35
00:02:51,120 --> 00:02:54,450
So I'm just going to copy paste this part over here.

36
00:02:54,600 --> 00:02:55,650
I'm going to stay with this.

37
00:02:56,070 --> 00:03:01,050
And these data remains the same application, Jason Mark response objects and stuff.

38
00:03:01,500 --> 00:03:06,750
And the site is steeps and it is going to be executed.

39
00:03:06,930 --> 00:03:08,220
Automation dot com.

40
00:03:08,730 --> 00:03:12,020
I'm going to save this and I'm just going to run that.

41
00:03:12,030 --> 00:03:15,640
So node network intercept error.

42
00:03:15,690 --> 00:03:18,940
Dargis And if I hit the enter, let's see what's going to happen.

43
00:03:19,320 --> 00:03:23,160
So this site is now going to show us an error message like that.

44
00:03:23,520 --> 00:03:25,110
So it says network error.

45
00:03:25,440 --> 00:03:32,790
So basically what's happening is the site is not loading for some reason and for some reason it's been

46
00:03:32,860 --> 00:03:33,480
already.

47
00:03:33,480 --> 00:03:35,420
We actually jeopardize that.

48
00:03:35,430 --> 00:03:39,330
If I go to the console, you can see that this is going to be an error message here.

49
00:03:39,450 --> 00:03:46,230
It tells you that access to the XML should be recognized at this API automation.

50
00:03:46,230 --> 00:03:51,900
Dotcom's APIs that straight up into the search homepage from Origin Exude Automation has been blocked

51
00:03:51,900 --> 00:03:53,340
by courts policy.

52
00:03:53,910 --> 00:03:59,970
No access control allowed origin header is present on the requested resource and failed to load the

53
00:03:59,970 --> 00:04:01,580
resource, blah.

54
00:04:02,070 --> 00:04:07,920
And now none of that resource is going to load on the site and you can see that the site is kind of

55
00:04:08,190 --> 00:04:08,690
loading.

56
00:04:09,180 --> 00:04:11,220
So something has gone wrong.

57
00:04:11,700 --> 00:04:13,200
This is what I was talking about, guys.

58
00:04:13,200 --> 00:04:15,540
The course is another way.

59
00:04:16,320 --> 00:04:20,190
It's a way to protect your site from the same origin policy.

60
00:04:20,520 --> 00:04:26,100
And this cause origin resource sharing is one of the most important thing that you need to be understanding,

61
00:04:26,190 --> 00:04:32,070
of course, is a mechanism that allows to resource on a Web page to be reconciled from another domain

62
00:04:32,070 --> 00:04:35,580
outside of the domain from which the first resource was served.

63
00:04:35,960 --> 00:04:42,660
A page may freely embed cross origin image, stylesheet script iframe and videos, but certain cross

64
00:04:42,660 --> 00:04:48,120
domain requests, notably Ajax requests, are forbidden by default by the same origin policy.

65
00:04:48,360 --> 00:04:49,430
This is super important.

66
00:04:49,440 --> 00:04:55,290
I mean, this is exactly the same thing applicable for many automation, destroying tool like selenium

67
00:04:55,290 --> 00:04:56,430
and even Cyprus.

68
00:04:56,430 --> 00:04:59,760
If you're trying to open a different website which is embedded within the same.

69
00:05:00,260 --> 00:05:05,030
It's going to show you some error because it's not following the court's policy like that, but yes,

70
00:05:05,030 --> 00:05:05,830
this is what it is.

71
00:05:06,080 --> 00:05:13,190
So cross origin resource sharing is the reason of being restricted from allowing you to inject some

72
00:05:13,190 --> 00:05:14,850
data on the original website.

73
00:05:14,870 --> 00:05:18,190
So this is going to be a security measure which is being done, which is really good.

74
00:05:18,800 --> 00:05:24,080
So, yeah, that is the reason we can't actually do it on the real website, guys, the network interception

75
00:05:24,080 --> 00:05:29,300
can only be done on a testing site like the fake I.D. over in our case, but not on the real website,

76
00:05:29,510 --> 00:05:34,430
but in the testing application and within your office or within your testing environment.

77
00:05:34,430 --> 00:05:40,190
You can do that by asking a developer to whitelist it so that you can still work with it.

78
00:05:40,670 --> 00:05:43,160
It is not going to accept that court, US policy and stuff.

79
00:05:43,490 --> 00:05:46,510
But yes, you can do it for the protection application.