Security implications

Selenium drives a headless browser. It can essentially do anything with the browser that you can. And it’s quite possibly driving a browser that you’ve already used to log in to sites. A malicious script could potentially wreak havoc.

To help mitigate this problem, the cx:selenium step can be configured with a whitelist:

<x:selenium xmlns:x="https://xmlcalabash.com/ext/ns/selenium"
            whitelist="http://localhost.*
                       https://testdata.xmlcalabash.com/.*"/>

With this configuration, the step will only accept URIs that match localhost or testdata.xmlcalabash.com.
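
The following is an added example, not part of the XML Calabash documentation or code: a Python check of which URIs the whitelist above accepts, next to a tightened variant. It assumes each whitespace-separated entry is a regular expression that must match the whole URI (the page does not state the exact matching rule); STRICT_WHITELIST, the function names and the sample URIs are constructed for illustration.

```python
import re

# The whitelist attribute value from the configuration above.
PAGE_WHITELIST = """http://localhost.*
                    https://testdata.xmlcalabash.com/.*"""

# Tightened variant (constructed for this example): the host must end at
# a port, a path, or the end of the URI, and literal dots are escaped.
STRICT_WHITELIST = r"""http://localhost(:\d+)?(/.*)?
                       https://testdata\.xmlcalabash\.com/.*"""


def compile_whitelist(value):
    """Split the attribute value on whitespace and compile each pattern."""
    return [re.compile(p) for p in value.split()]


def allowed(uri, patterns):
    """True if any pattern matches the entire URI (assumed semantics)."""
    return any(p.fullmatch(uri) for p in patterns)


def audit(value, uris):
    """Return {uri: bool} for a whitelist value over candidate URIs."""
    patterns = compile_whitelist(value)
    return {u: allowed(u, patterns) for u in uris}


# Constructed sample URIs: two intended targets and three that are not.
SAMPLE_URIS = [
    "http://localhost:8080/app/index.html",
    "https://testdata.xmlcalabash.com/forms/login.html",
    "http://localhost.example.org/",
    "https://testdataxxmlcalabash.com/",
    "https://example.org/?next=https://testdata.xmlcalabash.com/",
]

if __name__ == "__main__":
    for name, value in (("page", PAGE_WHITELIST), ("strict", STRICT_WHITELIST)):
        print(name)
        for uri, ok in audit(value, SAMPLE_URIS).items():
            print(f"  {'ALLOW' if ok else 'DENY ':5} {uri}")
```

Under this assumption the page's patterns also accept hosts such as localhost.example.org, because `.*` follows the host name directly and an unescaped dot matches any character. Ending the host explicitly and escaping the dots restricts the step to the two intended hosts.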