search

processone / tsung

Tsung is a high-performance benchmark framework for various protocols including HTTP, XMPP, LDAP, etc.
http://www.process-one.net/en/tsung/
GNU General Public License v2.0
2.54k stars 406 forks source link

Set dynamic variable to a cookie? #294

Open xiaotianrandom opened 6 years ago

xiaotianrandom commented 6 years ago

I want to get the session cookie from a login response. Is there a way to get a cookie and use it in subsequent requests?

I notice that dynvars can read response headers via <dyn_variable name="..." header="..."/>. But this is not appropriate for cookies, because there may be multiple Set-Cookie headers. These headers are concatenated by mochiweb_headers:get_value, making subsequent parsing failed.

For example, POST /api/login on my website sets the following cookies on a successful login:

Set-Cookie:sessionid=AAA; expires=Tue, 27-Feb-2018 10:30:05 GMT; HttpOnly; Max-Age=28800; Path=/
Set-Cookie:csrftoken=BBB; expires=Tue, 26-Feb-2019 02:30:05 GMT; Max-Age=31449600; Path=/

And my config looks like:

<request>
    <dyn_variable name="sessionid" header="Set-Cookie/sessionid"/>
    <http url="/api/login" method="POST" contents="username=user&amp;password=pass"/>
</request>

It fails to set the dynvar sessionid to AAA. The reason is that mochiweb_headers:get_value concatenates the two headers by ", ":

csrftoken=BBB; expires=Tue, 26-Feb-2019 02:30:05 GMT; Max-Age=31449600; Path=/, sessionid=AAA; expires=Tue, 27-Feb-2018 10:30:05 GMT; HttpOnly; Max-Age=28800; Path=/

and the subsequent parse_header(SubV, ";") gets an item Path=/, sessionid=AAA instead of sessionid=AAA.

xiaotianrandom commented 6 years ago

I change ", " to "; " in the line https://github.com/processone/tsung/blob/v1.7.0/src/lib/mochiweb_headers.erl#L257 to workaround this issue. But this is only a hack.

tisba commented 6 years ago

Maybe there should be a dedicated way to access response cookies which takes into account.

I was also wondering if it would be a good idea, to have some sort of mechanism to ask tsung's cookie jar for information. This way we could also get a value, that represents what tsung understood.

That said, I haven't fully understood how Set-Cookie/sessionid works at all ^^ Still reading the cookie handling code…

axelson commented 4 years ago

@xiaotianrandom do you have an example of how you worked around this?

xiaotianrandom commented 4 years ago

You can find my patch to work around this here. Note that it's only a hack and not thoroughly tested.

axelson commented 4 years ago

Okay thanks, that work-around/hack is working for me.