loadrunner Hi all, I've recorded a HTTP Protocol script...

  • perf-test.com need your contributions to build up a strong repository of performance engineering resources.

C

Cody Maverick

Guest
Hi all, I've recorded a HTTP Protocol script on filling a form for DRIVING LICENSE in a GOVERNMENT Web Site with a captcha image at the bottom of the form. When i replay the script with different different parameters of mandatory field, does it really insert the raw data into the server on each iteration?. And it doesn't throw an error because the captcha gets changed each time the page gets refreshed.
 
Sort by date Sort by votes
Actually, I'm curious to the answer to this. Without using say TruClient or knowing the sequence from the server side, is there a way to do this? This would normally require grabbing the server side session information so you can realtime match it up right? That's how we've done it at least and then we can control what the response should be per session by accessing it with a hidden call to the server to extract it. Normal users would never do this however and we block that completely for non testing codebases.
 
Upvote 0 Downvote
Wow, that sounds like a gap in security. I've seen similar assumed authentication in the past but it was quickly changed once we spotted it during PT script creation. A little late in the cycle yes....
 
Upvote 0 Downvote
You must log in or register to reply here.
Top Bottom
Back