c# - How to extract the X-XSRF_TOKEN in a web performance test -


i had written web performance test earlier working fine. developers have added csrf token validation (to prevent csrf attack on website). after test has started fail (error, bad request). dug , found server generating xsrf-token on login request has passed in every request there after. extract token need parse response login request. how can it?

my coded tests looks this:

webtestrequest request4 = new webtestrequest("https://servertest:8080/webconsole/account/login"); request4.method = "post"; request4.headers.add(new webtestrequestheader("accept", "application/json, text/plain, /")); request4.headers.add(new webtestrequestheader("referer", "https://servertest:8080/webconsole/index.html#/")); stringhttpbody request4body = new stringhttpbody(); request4body.contenttype = "application/json;charset=utf-8"; request4body.insertbyteordermark = false; request4body.bodystring = "{\"username\":\"pkdomain\\administrator\",\"password\":\"sqa@123\"}"; request4.body = request4body; yield return request4; request4 = null;

        webtestrequest request5 = new webtestrequest("https://servertest:8080/webconsole/scripts/home/pages/home-view.html");         request5.thinktime = 4;         request5.headers.add(new webtestrequestheader("accept", "text/html"));         request5.headers.add(new webtestrequestheader("referer", "https://servertest:8080/webconsole/index.html#/"));         yield return request5;         request5 = null;

i believe xsrf-token returned in cookie. assuming true in case set-cookie header field contains value , required cookie must extracted , saved context parameter. subsequently context parameter can used wherever needed.

i suggest create sandbox .webtest file, steps below convert coded test , copy useful lines real test.

in more detail steps are:

add extract http header extraction rule set-cookie header field request returns xsrf-token value. save extracted value context parameter of choice, give name in 1 of properties of extraction rule; see image below.

add call of plugin below first request after 1 above extraction rule. extracts required field cookie header field. image below shows setting properties of call. (you might change plugin postrequest , add same request 1 extraction rule.)

public class extractcookiefield : webtestrequestplugin {     public string allcookiescp { get; set; }      public string fieldwantedcp { get; set; }      public string savedfieldcp { get; set; }      // expected called allcookiescp containing text similar to:     //     someheader=639025785406236250; path=/; xsrf-token=somestring; secure; httponly      public override void prerequestdatabinding(object sender, prerequestdatabindingeventargs e)     {         string allcookiestext = e.webtest.context[allcookiescp].tostring();          foreach (string namevaluepair in allcookiestext.split(';'))         {             string[] nameandvalue = namevaluepair.split(new char[] { '=' }, 2);              if (nameandvalue[0].trim() == fieldwantedcp)             {                 string sessiontokenid = nameandvalue[1].trim();                 e.webtest.context[savedfieldcp] = sessiontokenid;                 e.webtest.addcommenttoresult(string.format("setting {{{0}}} '{1}'", savedfieldcp, sessiontokenid));                 return;             }         }          // dropping out of loop means field not found.         throw new webtestexception(string.format("cannot extract cookie field '{0}' '{1}'", fieldwantedcp, allcookiestext));     } }

the value of xsrf-token should in context parameter specified in savedfieldcp property of plugin call.

this image shows add extraction rule dialogue , setting context parameter extracted header field saved, ie cookievalues. show add plugin , setting 3 properties. after plugin runs, assuming successful, token value should saved context parameter xsrftoken. parameter values can modified in .webtest file via properties panels of extraction rule , plugin. values should seen simple variables , strings in coded webb test.

properties panels extraction rule , plugins


-

Comments

Post a Comment

Popular posts from this blog

java - Jasper subreport showing only one entry from the JSON data source when embedded in the Title band -

Image
i having issues populating data in subreport in title band of main report. data populated correctly in subreport in detail band of main report. trying find wrong in json query. appreciated. json sample data source (expenses.json) { "expenses": { "date": "8 sep 2016", "accounts": [ { "title": "xyz corp (111)", "accountname": "xyz corp", "accountnumber": "111", "transactions": [ { "date": "21 jun 2016", "name": "gas", "price": "17.50" }, { "date": "12 may 2016", "name": "shopping", "price": "111.99" }, { "date": "30 apr 2016", "name"
Read more

mapreduce - Resource manager does not transit to active state from standby -

one spark job running more 23 days , caused resource manager crash. after restarting resource manager istance (there 2 of them in our cluster) both of them stayed in standby state. and getting error: error org.apache.hadoop.yarn.server.resourcemanager.resourcemanager failed load/recover state org.apache.hadoop.yarn.exceptions.yarnexception: application id application_1470300000724_40101 present! cannot add duplicate! we not kill 'application_1470300000724_40101' yarn resource manager not working. killed instances unix level on nodes dint work. have tried rebooting nodes , still same. somewhere 1 entry of job still there , preventing resource manager elected active. using cloudera 5.3.0 , can see issue has been addressed , resolved in cloudera 5.3.3. @ moment need workaround past now. to resolve issue can format rmstatestore executing below command: yarn resourcemanager -format-state-store but careful clear application history executed befor
Read more

serialization - Convert Any type in scala to Array[Byte] and back -

i have following question: i have variable value in program declared value. i want convert value byte array.. how can serialize byte array , back? found examples related other types such double or int, not any. this should need. it's pretty similar how 1 in java. import java.io.{bytearrayinputstream, bytearrayoutputstream, objectinputstream, objectoutputstream} object serialization extends app { def serialise(value: any): array[byte] = { val stream: bytearrayoutputstream = new bytearrayoutputstream() val oos = new objectoutputstream(stream) oos.writeobject(value) oos.close stream.tobytearray } def deserialise(bytes: array[byte]): = { val ois = new objectinputstream(new bytearrayinputstream(bytes)) val value = ois.readobject ois.close value } println(deserialise(serialise("my test"))) println(deserialise(serialise(list(1)))) println(deserialise(serialise(map(1 -> 2)))) println(deserialise(seri
Read more