Command White List

The Whitelist feature permits restricting the set of WebDriver commands available to certain certain IPs. The Whitelist can be specified when launching the WebDriver via command line argument:
--whitelist=/path/to/wihtelist.xml

By default all commands for all client IPs are allowed.
Example whitelist XML:

<hosts>
    <!-- All requests originating from 172.32.191.8 allowed -->
    <host ip="172.32.191.8"/>

    <!-- Requests originating from 172.27.27.7 cannot modify size/position of windows or click on elements-->
	<host ip="172.27.27.7">
    	<deny url="/session/*/window/*/size" method="POST"/>
    	<deny url="/session/*/window/*/position" method="POST"/>
    	<deny url="/session/*/window/*/maximize" method="POST"/>
    	<deny url="/session/*/click" method="POST"/>
	</host>

    <!-- wildcard IP to apply to all addresses -->
	<host ip="*">
    	<allow url="/status" method="GET" />
	</host>
</hosts>

In this example:

• if nothing specified all command are allowed for requests originating from that IP (172.32.191.8)
• if allow is specified only the specified commands are allowed
• if deny is specified this command will be disallowed, all other allowed;
• in case allow and deny are specified for one IP, only deny will be effective, all other will be allowed;
• for all other IP all commands will be disallowed

Whitelist configuration files comply with this shema: whitelist.xsd