jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nmq <nmq0...@gmail.com>
Subject Re: CSRF
Date Wed, 19 Jun 2013 18:43:28 GMT
Yes, regex and cookies.

The information given in "Logging in" section of this blog helped a lot.
http://lincolnloop.com/blog/2011/sep/21/load-testing-jmeter-part-1-getting-started/

Regards
Sam


On Wed, Jun 19, 2013 at 2:35 PM, Madhu Sekhar <madhuvchandana@gmail.com>wrote:

> Is it from regex or any other matters?
>
> On Thursday, June 20, 2013, nmq <nmq0607@gmail.com> wrote:
> > I figured it out. Took a lot of googling and reading blogs, but I got it
> to
> > work.
> > Thanks for your help
> >
> >
> > On Wed, Jun 19, 2013 at 11:22 AM, Madhu Sekhar <madhuvchandana@gmail.com
> >wrote:
> >
> >> Then Did you Write a RegEx to Correlate in the script? if not Please do
> it.
> >>
> >> Thanks,
> >> Madhu
> >>
> >>
> >>
> >> On Wed, Jun 19, 2013 at 8:49 PM, nmq <nmq0607@gmail.com> wrote:
> >>
> >> > Yes, it changes.
> >> >
> >> >
> >> > On Wed, Jun 19, 2013 at 11:02 AM, Madhu Sekhar <
> madhuvchandana@gmail.com
> >> > >wrote:
> >> >
> >> > > Does the below value in the script change for every session/login?
> >> > >
> >> > > 'f3e8822f-3b26-
> >> > > 48fd-b1ff-6c80742fe28f
> >> > >
> >> > > Thanks,
> >> > > Madhu
> >> > >
> >> > >
> >> > > On Wed, Jun 19, 2013 at 8:22 PM, nmq <nmq0607@gmail.com> wrote:
> >> > >
> >> > > > Hi All
> >> > > >
> >> > > > I've run into an issue. Our development team made some changes
> >> > yesterday
> >> > > > and today I'm getting an error "Error 401--Unauthorized" response
> for
> >> > an
> >> > > > HTTP request.
> >> > > >
> >> > > > I examined the responses in Fiddler and I noticed this in the
head
> >> tag.
> >> > > >
> >> > > > <script type="text/javascript">
> >> > > > $.setCSRFNonce('f3e8822f-3b26-48fd-b1ff-6c80742fe28f');
> >> > > > </script>
> >> > > >
> >> > > >  I did some research on what CSRF is and found all kind of info
on
> >> > > Django.
> >> > > > Also found a blog saying cookie manager should be able to handle
> this
> >> > > > authentication, by combining two elements.... by setting the
> >> > save.cookie
> >> > > > property in jmeter to true and to reference the CSRF token in
an
> HTTP
> >> > > > request.
> >> > > >
> >> > > > I've tried this solution and it doesn't seem to work. I'm still
> >> getting
> >> > > the
> >> > > > error.
> >> > > >
> >> > > > I've also been reading django documentation and trying to make
> sense
> >> of
> >> > > it
> >> > > > all. I would appreciate it if someone can help out and explain
in
> >> > simple
> >> > > > terms (I'm not a programmer) exactly how do I go about solving
> this
> >> > > issue.
> >> > > >
> >> > > > Any guidance would be highly appreciated.
> >> > > >
> >> > > > Thank you
> >> > > > Sam
> >> > > >
> >> > >
> >> > >
> >> > >
> >> > > --
> >> > > madhu kk
> >> > >
> >> >
> >>
> >>
> >>
> >> --
> >> madhu kk
> >>
> >
>
> --
> madhu kk
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message