Unable to use Selenium to automate Chase site login

I took your code and simplified the structure and ran the test with minimal lines of code as follows:

from selenium import webdriverfrom selenium.webdriver.common.by import Byfrom selenium.webdriver.support import expected_conditions as ECfrom selenium.webdriver.support.ui import WebDriverWaitoptions = webdriver.ChromeOptions()options.add_argument("start-maximized")options.add_argument("--disable-extensions")driver = webdriver.Chrome(chrome_options=options, executable_path=r'C:\Utility\BrowserDrivers\chromedriver.exe')driver.get("https://secure07c.chase.com/web/auth/#/logon/logon/chaseOnline?")WebDriverWait(driver, 20).until(EC.element_to_be_clickable((By.CSS_SELECTOR, "input.jpui.input.logon-xs-toggle.clientSideError"))).send_keys("jsmiao")driver.find_element_by_css_selector("input.jpui.input.logon-xs-toggle#password-input-field").send_keys("hello")driver.find_element_by_css_selector("button#signin-button>span.label").click()

Similarly, as per your observation I have hit the same roadblock with the error as:

It seems the click() on the element with text as Sign in does happens. Though the username / password lookup is initiated but the process is interupted. While inspecting the DOM Tree of the webpage you will find that some of the <script> tag refers to JavaScripts having keyword dist. As an example:

• <script src="https://static.chasecdn.com/web/library/blue-boot/dist/2.20.3/blue-boot/js/main-ver.js"></script>
• <script type="text/javascript" charset="utf-8" async="" data-requirecontext="_" data-requiremodule="blue-vendor/main" src="https://static.chasecdn.com/web/library/blue-vendor/dist/2.11.1/blue-vendor/js/main.js"></script>
• <script type="text/javascript" charset="utf-8" async="" data-requirecontext="_" data-requiremodule="blue/main" src="https://static.chasecdn.com/web/library/blue-core/dist/2.16.3/blue/js/main.js"></script>
• <script type="text/javascript" charset="utf-8" async="" data-requirecontext="_" data-requiremodule="blue-app/main" src="https://static.chasecdn.com/web/library/blue-app/dist/2.15.1/blue-app/js/main.js"></script>

Which is a clear indication that the website is protected by Bot Management service provider Distil Networks and the navigation by ChromeDriver gets detected and subsequently blocked.

Distil

As per the article There Really Is Something About Distil.it...:

Distil protects sites against automatic content scraping bots by observing site behavior and identifying patterns peculiar to scrapers. When Distil identifies a malicious bot on one site, it creates a blacklisted behavioral profile that is deployed to all its customers. Something like a bot firewall, Distil detects patterns and reacts.

Further,

"One pattern with Selenium was automating the theft of Web content", Distil CEO Rami Essaid said in an interview last week. "Even though they can create new bots, we figured out a way to identify Selenium the a tool they're using, so we're blocking Selenium no matter how many times they iterate on that bot. We're doing that now with Python and a lot of different technologies. Once we see a pattern emerge from one type of bot, then we work to reverse engineer the technology they use and identify it as malicious".

Reference

You can find a couple of detailed discussion in:

• Is there a way to use Selenium WebDriver without informing the document that it is controlled by WebDriver?
• Selenium webdriver: Modifying navigator.webdriver flag to prevent selenium detection
• Akamai Bot Manager detects WebDriver driven Chrome Browsing Context
• Is there a version of selenium webdriver that is not detectable?