jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Madhu Sekhar <madhuvchand...@gmail.com>
Subject Re: CSRF
Date Wed, 19 Jun 2013 15:02:59 GMT
Does the below value in the script change for every session/login?

'f3e8822f-3b26-
48fd-b1ff-6c80742fe28f

Thanks,
Madhu


On Wed, Jun 19, 2013 at 8:22 PM, nmq <nmq0607@gmail.com> wrote:

> Hi All
>
> I've run into an issue. Our development team made some changes yesterday
> and today I'm getting an error "Error 401--Unauthorized" response for an
> HTTP request.
>
> I examined the responses in Fiddler and I noticed this in the head tag.
>
> <script type="text/javascript">
> $.setCSRFNonce('f3e8822f-3b26-48fd-b1ff-6c80742fe28f');
> </script>
>
>  I did some research on what CSRF is and found all kind of info on Django.
> Also found a blog saying cookie manager should be able to handle this
> authentication, by combining two elements.... by setting the save.cookie
> property in jmeter to true and to reference the CSRF token in an HTTP
> request.
>
> I've tried this solution and it doesn't seem to work. I'm still getting the
> error.
>
> I've also been reading django documentation and trying to make sense of it
> all. I would appreciate it if someone can help out and explain in simple
> terms (I'm not a programmer) exactly how do I go about solving this issue.
>
> Any guidance would be highly appreciated.
>
> Thank you
> Sam
>



-- 
madhu kk

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message