jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nmq <nmq0...@gmail.com>
Subject Re: CSRF
Date Wed, 19 Jun 2013 18:46:58 GMT
I'm hunting for a solution to this and if I can get a quicker answer here,
that would help.

This second cookie value (CSRF value) that I've retrieved is to be posted
with all my HTTP Samplers. The cookie being set at the header is being
managed by Cookie Manager so no issues there.

My questions is that is there a way to pass this parameter (CSRF value) for
all samplers instead of setting it under each HTTP Request individually?

Regards
Sam


On Wed, Jun 19, 2013 at 2:43 PM, nmq <nmq0607@gmail.com> wrote:

> Yes, regex and cookies.
>
> The information given in "Logging in" section of this blog helped a lot.
>
> http://lincolnloop.com/blog/2011/sep/21/load-testing-jmeter-part-1-getting-started/
>
> Regards
> Sam
>
>
> On Wed, Jun 19, 2013 at 2:35 PM, Madhu Sekhar <madhuvchandana@gmail.com>wrote:
>
>> Is it from regex or any other matters?
>>
>> On Thursday, June 20, 2013, nmq <nmq0607@gmail.com> wrote:
>> > I figured it out. Took a lot of googling and reading blogs, but I got it
>> to
>> > work.
>> > Thanks for your help
>> >
>> >
>> > On Wed, Jun 19, 2013 at 11:22 AM, Madhu Sekhar <
>> madhuvchandana@gmail.com
>> >wrote:
>> >
>> >> Then Did you Write a RegEx to Correlate in the script? if not Please do
>> it.
>> >>
>> >> Thanks,
>> >> Madhu
>> >>
>> >>
>> >>
>> >> On Wed, Jun 19, 2013 at 8:49 PM, nmq <nmq0607@gmail.com> wrote:
>> >>
>> >> > Yes, it changes.
>> >> >
>> >> >
>> >> > On Wed, Jun 19, 2013 at 11:02 AM, Madhu Sekhar <
>> madhuvchandana@gmail.com
>> >> > >wrote:
>> >> >
>> >> > > Does the below value in the script change for every session/login?
>> >> > >
>> >> > > 'f3e8822f-3b26-
>> >> > > 48fd-b1ff-6c80742fe28f
>> >> > >
>> >> > > Thanks,
>> >> > > Madhu
>> >> > >
>> >> > >
>> >> > > On Wed, Jun 19, 2013 at 8:22 PM, nmq <nmq0607@gmail.com>
wrote:
>> >> > >
>> >> > > > Hi All
>> >> > > >
>> >> > > > I've run into an issue. Our development team made some changes
>> >> > yesterday
>> >> > > > and today I'm getting an error "Error 401--Unauthorized"
response
>> for
>> >> > an
>> >> > > > HTTP request.
>> >> > > >
>> >> > > > I examined the responses in Fiddler and I noticed this in
the
>> head
>> >> tag.
>> >> > > >
>> >> > > > <script type="text/javascript">
>> >> > > > $.setCSRFNonce('f3e8822f-3b26-48fd-b1ff-6c80742fe28f');
>> >> > > > </script>
>> >> > > >
>> >> > > >  I did some research on what CSRF is and found all kind of
info
>> on
>> >> > > Django.
>> >> > > > Also found a blog saying cookie manager should be able to
handle
>> this
>> >> > > > authentication, by combining two elements.... by setting
the
>> >> > save.cookie
>> >> > > > property in jmeter to true and to reference the CSRF token
in an
>> HTTP
>> >> > > > request.
>> >> > > >
>> >> > > > I've tried this solution and it doesn't seem to work. I'm
still
>> >> getting
>> >> > > the
>> >> > > > error.
>> >> > > >
>> >> > > > I've also been reading django documentation and trying to
make
>> sense
>> >> of
>> >> > > it
>> >> > > > all. I would appreciate it if someone can help out and explain
in
>> >> > simple
>> >> > > > terms (I'm not a programmer) exactly how do I go about solving
>> this
>> >> > > issue.
>> >> > > >
>> >> > > > Any guidance would be highly appreciated.
>> >> > > >
>> >> > > > Thank you
>> >> > > > Sam
>> >> > > >
>> >> > >
>> >> > >
>> >> > >
>> >> > > --
>> >> > > madhu kk
>> >> > >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> madhu kk
>> >>
>> >
>>
>> --
>> madhu kk
>>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message