jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Madhu Sekhar <>
Subject Re: CSRF
Date Wed, 19 Jun 2013 15:02:59 GMT
Does the below value in the script change for every session/login?



On Wed, Jun 19, 2013 at 8:22 PM, nmq <> wrote:

> Hi All
> I've run into an issue. Our development team made some changes yesterday
> and today I'm getting an error "Error 401--Unauthorized" response for an
> HTTP request.
> I examined the responses in Fiddler and I noticed this in the head tag.
> <script type="text/javascript">
> $.setCSRFNonce('f3e8822f-3b26-48fd-b1ff-6c80742fe28f');
> </script>
>  I did some research on what CSRF is and found all kind of info on Django.
> Also found a blog saying cookie manager should be able to handle this
> authentication, by combining two elements.... by setting the save.cookie
> property in jmeter to true and to reference the CSRF token in an HTTP
> request.
> I've tried this solution and it doesn't seem to work. I'm still getting the
> error.
> I've also been reading django documentation and trying to make sense of it
> all. I would appreciate it if someone can help out and explain in simple
> terms (I'm not a programmer) exactly how do I go about solving this issue.
> Any guidance would be highly appreciated.
> Thank you
> Sam

madhu kk

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message