problems with parseresponse and CSRFToken
67 views
Skip to first unread message
mark.r...@gmail.com
Feb 21, 2019, 12:37:10 PM2/21/19
to WebInject
Hi,
I have some problems with parseresponse, it does not seem to catch my expression. If you could give me some pointers..
Test: /etc/webinject/testcases/something.xml - 1
Desc: Connecting to ApplicationGET Request: https://example.com/authentication/login
Passed HTTP Response Code Verification (not in error range)
Verify: 'Login'
Passed Positive Verification
Failed Parseresult, cannot find CSRFToken" value="(*)"
TEST CASE WARNED
Response Time = 0.062 sec
The coresponding case"
<case
id="1"
description1="Connecting to Icinga"
method="GET"
url="${LOGIN_URL}"
verifypositive="Login"
parseresponse='CSRFToken" value="|"'
/>
id="1"
description1="Connecting to Icinga"
method="GET"
url="${LOGIN_URL}"
verifypositive="Login"
parseresponse='CSRFToken" value="|"'
/>
The corresponding line in the body:
<input type="hidden" name="CSRFToken" value="934374329|906a74dff584557ebfefc946a5ff680175a475ee3f29792da70cfb94ee2b5a88" id="CSRFToken">
regards
Mark
Tim Buckland
Mar 2, 2019, 7:22:41 AM3/2/19
to webi...@googlegroups.com
What version of WebInject are you using? Where did you download it from? There looks to be an error in the regex judging by the error message, the error messages shows an incorrect regular expression.
--
You received this message because you are subscribed to the Google Groups "WebInject" group.
To unsubscribe from this group and stop receiving emails from it, send an email to webinject+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Mark Lamers
Mar 2, 2019, 1:08:10 PM3/2/19
to webi...@googlegroups.com
from https://github.com/sni/Webinject
It is WebInject version 1.94
The CSRFToken is a hidden token in the page.
I should get it from this line:
<input type="hidden" name="CSRFToken" value="934374329|906a74dff584557ebfefc946a5ff680175a475ee3f29792da70cfb94ee2b5a88" id="CSRFToken">
Thanks for any pointers
Mark
Tim Buckland
Mar 5, 2019, 2:52:56 PM3/5/19
to webi...@googlegroups.com
I can't figure out what is going wrong to be honest. I checked the code for version 1.94 of WebInject from sni and while there is an error in the code that displays the error message to STDOUT, the code that does the regex parse seems fine.
Are you sure you are getting exactly the right page and it isn't a redirect - do you see the correct html source code in http.log?
Mark Lamers
Mar 6, 2019, 2:59:57 AM3/6/19
to webi...@googlegroups.com
Yes I do. Thanks for your effort.
Lets switch to a more general question if you don't mind. Is Webinject still actively maintained? I'm testing the implementation on an Icinga2 environment for a medium size organization. The simpleness appeals us, so we favored above Selenium.
Thanks for your time and effort.
Mark
tim.buckland
Mar 6, 2019, 6:19:49 AM3/6/19
to webi...@googlegroups.com
Hi Mark,
We use WebInject heavily at my company - it is very fast and there is no need to worry about JavaScript async issus causing flakiness and also ChromeDriver vs Chrome versioning issues.
I maintain a heavily modified version of WebInject that has been renamed since due to all the differences.
You can find it here:
Is there a login page on the Internet similar to the one you are trying to create the test for?
Cheers,
Tim
Sent from my Samsung Galaxy smartphone.
Mark Lamers
Mar 6, 2019, 10:25:00 AM3/6/19
to webi...@googlegroups.com
Hi Tim,
Interesting news, i'm gonna checkout your repo soon.
Mark
Reply all
Reply to author
Forward
0 new messages