This is my response
<body onload="javascript:document.getElementById('idForm').submit()">
<form id="idForm" action="https://x.y-test.z:443/hpp-webapp/hentpasient.html?ticket=I6VZgglkX/Z2z1GJYY1TzIqAscCJbWPI5pPBLl38VCEHcD/qh9qSz MzAIVv 6H2fau4DFMQscbPqy1HhFkgvg==" method="POST"
target="_top">
and I want to regex (scala/gatling) the value of <ticket>.
Tried this:
.check(regex("<form id=\"idForm\" action=\"https://x.y-test.z:443/hpp-webapp/hentpasient.html?ticket=\"(.*?)\"").saveAs("jwtUncoded"))
But I get
> regex(<form id="idForm" action="https://x.y-z 1 (100,0%)
.no:443/hpp-webapp/hentpasient.html?ticket="(.*?)").find.exist...
When observing the output in Gatling I can see that the value of <ticket> sometimes has a space and sometimes not.
How can I regex this value?
regex("ticket=(.*?)\"")
Your own take has a wrong quote before the capture group.
.check(regex("ticket=(.*?)\"").saveAs("jwtUncoded"))
Related
I want to match only this specific url
https://www.facebook.com/princessaustine.alcantara.3/about?lst=100002159119314%3A100022260619396%3A1507039852
Here's the source code
<div class="hidden_elem"><code id="u_0_17"><!-- <div class="fbTimelineTopSectionBase _6-d _529n"><div class="_5h60" id="pagelet_above_header_timeline" data-referrer="pagelet_above_header_timeline"></div><div id="above_header_timeline_placeholder"></div><div class="fbTimelineSection fbTimelineTopSection"><div id="fbProfileCover"><div class="cover" id="u_0_13"><a class="coverWrap coverImage" data-referrerid="100022260619396" href="https://www.facebook.com/photo.php?fbid=118243868927633&set=a.117907638961256.1073741827.100022260619396&type=3" rel="theater" ajaxify="https://www.facebook.com/photo.php?fbid=118243868927633&set=a.117907638961256.1073741827.100022260619396&type=3&size=1440%2C1080&source=10&player_origin=profile&referrer_profile_id=100022260619396" data-ploi="https://scontent.fmnl4-1.fna.fbcdn.net/v/t31.0-8/22136852_118243868927633_2950847275004458372_o.jpg?oh=fbcb3c8abc2023b35a5a36fb2989d850&oe=5A821DA8" title="Cover Photo" id="u_0_12" data-cropped="1"><img class="coverPhotoImg photo img" src="https://scontent.fmnl4-1.fna.fbcdn.net/v/t31.0-8/c0.81.851.315/p851x315/22136852_118243868927633_2950847275004458372_o.jpg?oh=7d0222f3c38b31acb33a7b1ffba2ac9e&oe=5A797385" style="top:0px;width:100%" data-fbid="118243868927633" alt="Cover Photo, Image may contain: 1 person, sitting" /><div class="coverBorder"></div><img class="coverChangeThrobber img" src="https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/LOOn0JtHNzb.gif" alt="" width="16" height="16" /></a><div class="_2nlj _2xc6"><h1 class="_2nlv"><a class="_2nlw" href="https://www.facebook.com/princessaustine.alcantara.3"><span id="fb-timeline-cover-name" data-testid="profile_name_in_profile_page">Princess Austine Alcantara</span></a><span class="_2nly"></span></h1></div></div><div id="fbTimelineHeadline" class="clearfix"><div class="_50zj"><div class="actions _70j"><div class="_5h60 actionsDropdown" id="pagelet_timeline_profile_actions" data-referrer="pagelet_timeline_profile_actions"></div></div></div><div class="_70k"><ul class="_6_7 clearfix" data-referrer="timeline_light_nav_top" id="u_0_14"><li><a class="_6-6 _6-7" href="https://www.facebook.com/princessaustine.alcantara.3?lst=100002159119314%3A100022260619396%3A1507039852" data-tab-key="timeline">Timeline<span class="_513x"></span></a></li><li><a class="_6-6" href="https://www.facebook.com/princessaustine.alcantara.3/about?lst=100002159119314%3A100022260619396%3A1507039852" data-tab-key="about">About<span class="_513x"></span></a></li><li><a class="_6-6" href="https://www.facebook.com/princessaustine.alcantara.3/friends?lst=100002159119314%3A100022260619396%3A1507039852&source_ref=pb_friends_tl" data-tab-key="friends">Friends<span class="_gs6"><span id="u_0_10">7 Mutual</span></span><span class="_513x"></span></a></li><li><a class="_6-6" href="https://www.facebook.com/princessaustine.alcantara.3/photos?lst=100002159119314%3A100022260619396%3A1507039852&source_ref=pb_friends_tl" data-tab-key="photos">Photos<span class="_513x"></span></a></li><li><div class="_6a uiPopover _6-6 _9rx" id="u_0_15"><a class="_9ry _p" href="#" aria-haspopup="true" aria-expanded="false" rel="toggle" role="button" id="u_0_16">More<i class="_bxy img sp_AWfL8SqGWNa sx_41c408"></i></a></div></li></ul></div><div class="name"><div class="photoContainer"><div><a class="profilePicThumb" href="https://www.facebook.com/photo.php?fbid=116140922471261&set=a.116141002471253.1073741826.100022260619396&type=3&source=11&referrer_profile_id=100022260619396" rel="theater" id="u_0_11"><img class="profilePic img" alt="Princess Austine Alcantara's Profile Photo, Image may contain: 1 person, smiling, closeup" src="https://scontent.fmnl4-1.fna.fbcdn.net/v/t1.0-1/c0.0.160.160/p160x160/22050231_116140922471261_8103110572544919612_n.jpg?oh=d942ae339c7c9dc7c8add2e3dd34f6c4&oe=5A413CB6" /></a></div><meta content="https://scontent.fmnl4-1.fna.fbcdn.net/v/t1.0-1/p50x50/22050231_116140922471261_8103110572544919612_n.jpg?oh=e43d8f6e5cfb1387f1a5d864b7947225&oe=5A3CC115" itemprop="image" /></div></div></div></div></div>
I tried to use this regex code below but it also match other items inside. How can i match only that specific url? Thanks
The class is dynamic.
(?i)(?<=a class=".+" href=").*?(?=" data-tab-key="about)
If you want to match the href, you can use [^"]+ inside of href, this way you regex will not capture more than what you need as it will be stopped by ".
You can then create something like href="([^"]*?)" data-tab-key="about".
I'd suggest avoiding using regex to match html though.
Try..
(?i)a class=".+" href="\K.*?(?=" data-tab-key="about)
I believe you are struggling to get a variable length look behind to work, which is
(?<=a class=".+" href=")
.+ in the above is not a valid syntax as it introduces variable length in a look behind. This is not supported in any of the regex engines I know(I would be happy to know if I'm wrong here).
That said in-order to emulate a variable length look-behind one could use the \K flag which resets the starting point of the match to the current position(there by dropping all the the previously grabbed items out of the final match).
Demo regex is here.
I need to build a regex for extracting the value present under value field.
i.e "f70a8c3d0a6cbe2e235c7fd1dd27d052df7412ea"
HTML RESPONSE BODY :
Note: I have pasted just a minor part of the response....but formToken key is unique
<div class="hidden">
<input name="formToken type="hidden"
value="f70a8c3d0a6cbe2e235c7fd1dd27d052df7412ea"
/>
</div>
I wrote the below regex but it returned nothing:
regex("formToken" type="hidden" value="([^"]*)"/>).find(0).exists, found nothing
Can you try this?
regex("type="hidden".*value="(.*?)[ \t]*"/>).find(0).exists
Instead of a regex, you could use a css selector check which is probably way easier once you have ids or css classes to search for.
Thank you all....I was able to get formToken using css
.check(css("input[name='formToken']", "value").saveAs("formTokex"))
Works like this for me:
.exec(http("request_1")
.get("<<<<YOUR_URL>>>>>")
.check(css("form[name='signInForm']", "action").saveAs("urlPath"))
and later printing it:
println(session( "urlPath" ).as[String])
First of all, what is a viewstate?
In testautomation I probably need to correlate this value as it is unique for every user logging in?
How can I get the 'value' / token below using regex?
<div>
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKMTUxOTg3NDM2NGQYCAUkY3RsMDAkTWFpbk1lbnUkTWVudSRjdGwwMSRjdGwwMCRNZW51DxQrAA5kZGRkZGRkPCsABQACBWRkZGYC/////w9kBSRjdGwwMCRNYWluTWVudSRNZW51JGN0bDAzJGN0bDAwJE1lbnUPFCsADmRkZGRkZGQ8KwAEAAIEZGRkZgL/////D2QFJGN0bDAwJE1haW5NZW51JE1lbnUkY3RsMDQkY3RsMDAkTWVudQ8UKwAOZGRkZGRkZDwrAAcAAgdkZGRmAv////8PZAUkY3RsMDAkTWFpbk1lbnUkTWVudSRjdGwwNiRjdGwwMCRNZW51DxQrAA5kZGQCAmRkZDwrAAkAAglkZGRmAv////8PZAUkY3RsMDAkTWFpbk1lbnUkTWVudSRjdGwwMiRjdGwwMCRNZW51DxQrAA5kZGQCAmRkZDwrAAsAAgtkZGRmAv////8PZAUpY3RsMDAkRm9vdGVyUmVnaW9uJGN0bDAwJEZvb3RlckxpbmtzJExpc3QPD2ZkZAUTY3RsMDAkY3RsMDMkUnNzTGlzdA8PZmRkBSRjdGwwMCRNYWluTWVudSRNZW51JGN0bDA1JGN0bDAwJE1lbnUPFCsADmRkZGRkZGQ8KwAJAAIJZGRkZgL/////D2R3kjxauWd2eu+C/bmZz+/bI7YRkg==" />
Read this: RegEx match open tags except XHTML self-contained tags
then if you still want to have a go, use this:
(?<=input )(?:.*)(value\=\".*\")
Consider test.cfm file with the following content:
<html>
<body>
<cfif foo EQ bar>
<cfset test = "something" />
</cfif>
<p>Hello!</p>
</body>
</html>
When run in the browser, the source code of the output of this file will look like this:
<html>
<body>
<p>Hello!</p>
</body>
</html>
Is there any way to fix this?
Is there any way to fix this?
There's nothing to fix - the HTML is perfectly valid and functional.
If your issue is the size of request, use gzip encoding.
If your issue is reading the source for debugging/etc, use developer tools such as Firebug/etc.
However, general things you should be doing to improve maintainability (which at the same time also reduces whitespace output) are:
1) Move anything that isn't display logic out of your views.
2) Convert display logic to functions and custom tags as appropriate, which both make it easier to prevent/control output.
To prevent unwanted content being output, you can:
Wrap the entire section in cfsilent, to ensure nothing gets output.
Enable enablecfoutputonly attribute of cfsetting then only use cfoutput around things you want to be output.
Always set output=false on component and function tags.
When you want to selectively output some text, wrap non-tag non-output segments in CFML comments <!---...---> (e.g. useful for preventing newline output in custom tags)
(I never bother with cfprocessingdirective, everything mentioned above solves the issues better.)
If you have access to the CF Administrator, there is an option to suppress white space.
It is under 'Server Settings' --> 'Settings' its called 'Enable Whitespace Management'.
Try <cfprocessingdirective suppressWhiteSpace="true">
Reference: http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-76de.html
I have suffered a number of XSS attacks against my site. The following HTML fragment is the XSS vector that has been injected by the attacker:
<a href="mailto:">
<a href=\"http://www.google.com onmouseover=alert(/hacked/); \" target=\"_blank\">
<img src="http://www.google.com onmouseover=alert(/hacked/);" alt="" /> </a></a>
It looks like script shouldn't execute, but using IE9's development tool, I was able to see that the browser translates the HTML to the following:
<a href="mailto:"/>
<a onmouseover="alert(/hacked/);" href="\"http://www.google.com" target="\"_blank\"" \?="">
</a/>
After some testing, it turns out that the \" makes the "onmouseover" attribute "live", but i don't know why. Does anyone know why this vector succeeds?
So to summarize the comments:
Sticking a character in front of the quote, turns the quote into a part of the attribute value instead of marking the beginning and end of the value.
This works just as well:
href=a"http://www.google.com onmouseover=alert(/hacked/); \"
HTML allows quoteless attributes, so it becomes two attributes with the given values.