In addition to the ability to perform static analysis on pages, FireEyes has the ability to perform automatic analysis of interactions through the use of scripting. In its simplest form, scripts can be recorded which consist just of following through multiple links on a website. The real power in this feature however, resides in its ability to perform analysis of interactions which require user input.
Why Record a Script?
A script created in FireEyes can be saved, shared with team members, and reused for regression testing in FireEyes. Scripts are especially useful when applied to scans in WorldSpace, for example:
To run a scan in WorldSpace of pages in a password-protected area, you need to create a login script to enter the secured area, or WorldSpace will not be able to access the pages. After the login script is recorded and uploaded to WorldSpace, you can add the script to a scan as a "Session establishment task."
FireEyes and WorldSpace evaluate the active DOM. For the most part, the algorithms do not evaluate hidden elements or dynamic content until those elements are activated. You may need to create a script to record keyboard or mouse interactions with dynamic features on the site to evaluate their accessibility. This is especially important when running scans in WorldSpace, as the scripts are the only way to expose hidden content to WorldSpace. Examples include:
- Dynamic forms
- Form validation messages
- Dynamic menus
- Interactive widgets
- AJAX interactions
- Search results pages
Sometimes parts of a multi-step process will be completely hidden or unavailable until they are activated by the successful completion of the earlier steps in the process. You may need to create a script to fill out forms and select the appropriate options to allow WorldSpace to reach the deeper levels of multi-step processes. Examples include:
- Adding an item to a shopping cart, entering account and shipping information, entering payment information, and purchasing the item.
- Booking a trip on an airline by entering dates and locations, selecting from among the options, entering account information, agreeing to the legal conditions, entering payment information, and completing the purchase.
- Completing a loan application by entering in personal information, adding financial data, choosing among available options, and submitting the application.
Learn more about use case scripts in FireEyes: