Getting CSRF token using Gatling and Laravel
1,344 views
Skip to first unread message
Bruce Marinello
Aug 21, 2018, 9:39:32 AM8/21/18
to Gatling User Group
Last week I downloaded Gatling 2.3 to see if it could solve my need to load test a Laravel framework web app. Assuming I can get past this current problem, my company might be interested in acquiring the Enterprise version. Attached is a Gatling recording of a single update activity, BookSuite.scala. Also attached is one of several attempts to enable load testing by saving the CSRF token to a variable and sending it with each request (aBookSuite.scala). In Laravel the token remains the same throughout the session.
Also attached is a full trace log of running aBookSuite (gatling.log).
If anyone can help me with grabbing the CSRF token variable, I would be very appreciative.
Regards,
Bruce
PS. Following is the console log:
C:\Users\Bruce\gatling\gatling-charts-highcharts-bundle-2.3.1\bin>gatling
GATLING_HOME is set to "C:\Users\Bruce\gatling\gatling-charts-highcharts-bundle-2.3.1"
JAVA = "java"
Choose a simulation number:
[0] RecordedSimulation
[1] computerdatabase.BasicSimulation
[2] computerdatabase.advanced.AdvancedSimulationStep01
[3] computerdatabase.advanced.AdvancedSimulationStep02
[4] computerdatabase.advanced.AdvancedSimulationStep03
[5] computerdatabase.advanced.AdvancedSimulationStep04
[6] computerdatabase.advanced.AdvancedSimulationStep05
[7] suitetest.BookSuite
[8] suitetest.TestProd1
[9] suitetest.TestProd2
[10] suitetest.aBookSuite
10
Select simulation id (default is 'abooksuite'). Accepted characters are a-z, A-Z, 0-9, - and _
Select run description (optional)
Simulation suitetest.aBookSuite started...
================================================================================
2018-08-21 09:05:59 5s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=7 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
================================================================================
2018-08-21 09:06:04 10s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=9 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
> request_7 (OK=1 KO=0 )
> request_8 (OK=1 KO=0 )
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
================================================================================
2018-08-21 09:06:09 15s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=9 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
> request_7 (OK=1 KO=0 )
> request_8 (OK=1 KO=0 )
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
================================================================================
2018-08-21 09:06:14 20s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=9 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
> request_7 (OK=1 KO=0 )
> request_8 (OK=1 KO=0 )
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
================================================================================
2018-08-21 09:06:19 25s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=9 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
> request_7 (OK=1 KO=0 )
> request_8 (OK=1 KO=0 )
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
================================================================================
2018-08-21 09:06:24 30s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=14 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
> request_7 (OK=1 KO=0 )
> request_8 (OK=1 KO=0 )
> request_9 (OK=1 KO=0 )
> request_10 (OK=1 KO=0 )
> request_11 (OK=1 KO=0 )
> request_12 (OK=1 KO=0 )
> request_14 (OK=1 KO=0 )
---- Errors --------------------------------------------------------------------
> Failed to build request request_13: No attribute named 'stoken 1 (100.0%)
' is defined
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
================================================================================
2018-08-21 09:06:29 35s elapsed
---- Requests ------------------------------------------------------------------
> Global (OK=14 KO=0 )
> request_0 (OK=1 KO=0 )
> request_1 (OK=1 KO=0 )
> request_2 (OK=1 KO=0 )
> request_3 (OK=1 KO=0 )
> request_4 (OK=1 KO=0 )
> request_5 (OK=1 KO=0 )
> request_6 (OK=1 KO=0 )
> request_7 (OK=1 KO=0 )
> request_8 (OK=1 KO=0 )
> request_9 (OK=1 KO=0 )
> request_10 (OK=1 KO=0 )
> request_11 (OK=1 KO=0 )
> request_12 (OK=1 KO=0 )
> request_14 (OK=1 KO=0 )
---- Errors --------------------------------------------------------------------
> Failed to build request request_13: No attribute named 'stoken 1 (100.0%)
' is defined
---- BookSuite -----------------------------------------------------------------
[--------------------------------------------------------------------------] 0%
waiting: 0 / active: 1 / done:0
================================================================================
Terminate batch job (Y/N)? y
Stéphane LANDELLE
Aug 21, 2018, 10:45:31 AM8/21/18
to gat...@googlegroups.com
Your CSRF token is your HTML in a meta tag: <meta name="csrf-token" content="4ZpisSABQAYnWZIGfVVBQoSRbbXnuK6WIe9ynjvE">
The best way to parse HTML is to use a CSS selector based check, such as css("meta[name = 'csrf-token']", "content"). There's a very similar example in the advanced tutorial.
Cheers,
--
You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Bruce Marinello
Aug 21, 2018, 11:29:05 AM8/21/18
to Gatling User Group
Thank you for your reply. I put the following code in my .scala file and received the same response error to request_13:
.exec(http("request_13")
.post("https://" + uri1 + ":443/49355629/requirements")
.headers(headers_7)
.check(css("meta[name=csrf-token]", "content").saveAs("stoken"))
.formParam("suiteRequest", "on")
.formParam("_token", "${stoken}"))
Console error:
Failed to build request request_13: No attribute named 'stoken 1 (100.0%)
' is defined
Regards,
Bruce
Flavio da Silveira Pepino
Aug 21, 2018, 11:35:19 AM8/21/18
to gat...@googlegroups.com
I don't know about the response body, but I guess if you want to use the variable stoken, you need to extract it in the previous request. Watch your response body via browser.
--
You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+u...@googlegroups.com.
Stéphane LANDELLE
Aug 21, 2018, 11:37:39 AM8/21/18
to gat...@googlegroups.com
Nah, the check is the be performed on the previous request! The one that returned the token you're trying to inject into this one.
--
You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+unsubscribe@googlegroups.com.
Bruce Marinello
Aug 21, 2018, 11:51:16 AM8/21/18
to Gatling User Group
Thanks again for your kind attention. I moved the saveAs up to the previous request, but am still getting the same error.
.exec(http("request_12")
.get("/success.txt")
.headers(headers_3)
.check(css("meta[name=csrf-token]", "content").saveAs("stoken")))
.pause(2)
.exec(http("request_13")
.post("https://" + uri1 + ":443/49355629/requirements")
.headers(headers_7)
.formParam("suiteRequest", "on")
.formParam("_token", "${stoken}"))
> Failed to build request request_13: No attribute named 'stoken 1 (100.0%)
' is defined
Regards,
Bruce
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+u...@googlegroups.com.
Stéphane LANDELLE
Aug 21, 2018, 11:53:11 AM8/21/18
to gat...@googlegroups.com
Your logs don't match your code. You might be editing somewhere else/not saving/not properly recompiling.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+unsubscribe@googlegroups.com.
Flavio da Silveira Pepino
Aug 21, 2018, 12:12:20 PM8/21/18
to gat...@googlegroups.com
You need to record the navigation again.
First, disable a option in firefox, http://forums.mozillazine.org/viewtopic.php?f=9&t=3030018
Then you will get the correct requests.
Bruce Marinello
Aug 21, 2018, 1:55:19 PM8/21/18
to Gatling User Group
Success! Attached is the successful .scala file. I recorded the navigation using the suggested Firefox config change and things became much easier. The resulting recording was much shorter without all the "success" requests. I hope this will help all the other Laravel framework people out there when they look for similar help. Attached is the working script, bBookSuite.scala.
Flavio da Silveira Pepino
Aug 21, 2018, 5:20:10 PM8/21/18
to gat...@googlegroups.com
This is not a Lavarel's problem, it's a Firefox's matter.
Reply all
Reply to author
Forward
0 new messages