ZAP: Execute Script - scripting

I try to execute the community script "Extender/HTTP Message Logger.js". I first double click on the script to make it open in the scripting console. However, in the scripting console, the "Execute" button is disabled and I see no other way how to make it run.
What am I missing?

I think you're missing the message beneath the script which says:
Extender scripts add new functionality, including graphical elements
and new API end points.
Enabling a script installs it and disabling a script uninstalls it.
So you just need to enable the script (by right clicking it and selecting 'Enable') and then it will start working.

The actual issue was that I didn't read the script's code carefully: be default the script only logs JSON messages as defined on lines 17 and 43 and following. In order to log all the sent and received HTTP messages, I simply changed the isMessageToLog(log) function to always return true. After redeploying the script (disabling and enabling) it would log all HTTP messages.

Related

How can I run some code in the event that a watched folder does not exist?

I have a Mule 4 flow that uses the [File] On New or Updated File event source. This element is configured to wait for file changes within a specific folder.
When I deploy my flow, and the deployed application does not have access to the specified folder, a log message is generated and the flow terminates. However, I'd like to add some additional processing in this case. (I'd like to log a message to an alternative event log).
I tried adding an On Error Propagate element to the flow, but this is not triggered when the error occurs - I think this is because the error is a system error rather than a messaging error.
If I could add a step before the On New or Updated File element, then I could check for the existence of the folder, and execute that extra code there - but I see no way to do that either.
Well, I was able to do something that "works". I created another flow that runs on a (long) timer, which runs immediately and checks for the existence of the folder by attempting to list its contents. If that fails, then the On Error ... block of that flow is reached, because in this case the error is treated as a messaging error rather than a system error.
Not an ideal solution, but a solution nonetheless.
May I suggest that you monitor folder which should contain none existing folder?
For exmple you want to monitor /one/two/three/abc.txt. three does not exist. Watch two for new and updated files.

Remote debug Idea doesn't works for openresty

I am using mobDebug. If run a lua script from command line everything works.
But when I run them from openresty the Idea doesn't stop. It only writes "Connected/ Disconnected"
Configs:
location / {
access_by_lua_block {
local client = require("client")
}
client.lua:
local mobdebug = require("mobdebug");
mobdebug.start()
local lfs = require("lfs")
print("Folder: "..lfs.currentdir())
modebug debug_hook is not invoked for needed lines, set_breakpoints don't invoked.
Idea Debug Logs, but nothing occures:
Idea catch debug from terminal client.lua; But it miss it from running nginx.
THIS IS NOT AN ANSWER. It's just that I am experiencing basically the same problem, and comment space is too small to fit all the relevant observations I would like to share:
I was actually able to stop immediately after mobdebug.start() in code running in nginx, and to step-debug - but only in code called directly from init_by_lua_block. This code of course executes once during the server startup or config reload.
I was never able to stop in worker code (e.g. rewrite_by_lua_*). mobdebug.coro() didn't help, and mobdebug.on() threw about "attempt to yield across C-call boundary"
I was only ever able to stop one time, on next statement after mobdebug.start(); once I hit |> (Resume program), it won't stop on any further breakpoints.
Using mobdebug.loop() is not a correct way to do this, as it's used for live coding, which is not going to work as expected with this setup. mobdebug.start() should be used instead.
Please see an example of how this debugging can be setup with ZeroBrane Studio here: http://notebook.kulchenko.com/zerobrane/debugging-openresty-nginx-lua-scripts-with-zerobrane-studio. All the details to how paths to mobdebug and required modules are configured should still be applicable to your environment.

How can I capture dynamic value in Load Runner that appears in the Request header section?

A dynamic value that appears in the subsequent web requests appears in the Request Header throughout the script. I am unable to correlate this value as it is not available in response header / body section. How can I now correlate this value?
I have tried recording using VUGEN - HTML & URL Mode. I have also used Fiddler as well as HAR files exported via Chrome Developer Tools. None of them have any additional request/responses that could have been potentially missed while recording with VUGen or other tools.
The dynamic value appears in the Request Header like this :
Reference:
https://*****/suite/sites/ecase-case-worker/page/home/start-process/iUBVQU4qoHEAl9UkPVyXKjTxMt3bz-olj7yCJ6dulSOHbmIIDal?parameters=**855b2a7b-a175-49e6-9ee0-7b7f37667197**
The "855b2a...." value appears throughout the script in different places like this below :-
web_custom_request("iUBVQU4qoHEAl9UkPVyXKjTxMt3bz-olj7yCJ6dulSOHbmIIDal",
"URL=https://****/suite/rest/a/sites/latest/ecase-case-worker/page/home/startProcess/iUBVQU4qoHEAl9UkPVyXKjTxMt3bz-olj7yCJ6dulSOHbmIIDal?cacheKey=**855b2a7b-a175-49e6-9ee0-7b7f37667197**",
I have manually verified in the application that it this value keeps changing every single time "Create application" link is clicked. Is there a way to capture this dynamically changing value?
If this is not sent to you from the server, as a correlated value, then what remains is that the value is generated on the client, likely as a part of a JavaScript function output.
Speak with the developer of your application about the location of the generation of this value. If it is locally generated then simply execute the JavaScript inside of your HTTP script or reproduce the algorithm in C for native inclusion in a C HTTP virtual user. You have some alternate paths as well, which includes the newer JavaScript based virtual user, Truclient (which runs a full browser), Citrix, RDP or GUI virtual users.
With Truclient, Citrix, RDP or GUI you are simply going to run a full browser and inherit the JavaScript execution and inclusion of the key value as a part of full stack execution.
The Fiddler recording helped in identifying the correlation value as it was hidden in one of the EXTRARES references, which wasn't captured anywhere by the VUGen. The request had to be subsequently added manually into the script to pick up the dynamic value in it's response.

How to prompt user in a Gherkin test?

We are using Gherkin/Behave (in Python) to test an embedded application. The Gherkin code is executed on a server while the actual activity is performed by an application on the device, communicating over the network. The application on the device needs to be started manually.
I need a test to reboot the device. I can get the test application to perform a reboot, but then I need the code on the server to prompt the user to restart the test app so that the test can continue with subsequent steps. However I cannot get the Python code in the "steps" file to output any text.
I appreciate that Gherkin/Behave is meant to provide fully automated testing, but real world restrictions apply here.
for formatter in context._runner.formatters:
formatter.stream.write("Your message here\n")
formatter.stream.write("\n")
The extra newline is needed because Behave prints a description of the step first, then overwrites it in green if it passed. The extra newline ensures that this overwrite overwrites a blank line rather than your text.
Note that when I tested this I was using the default "pretty" formatter. I don't know how well it will work with other formatters.

SoapUI with Groovy Script calling multiple APIs

I am using SoapUI with Groovy script and running into an issue when calling multiple APIs. In the system I am testing one WSDL/API handles the account registration, and returns an authenticator. I then use that returned authenticator to call a different WSDL/API and verify some information. I am able to call each of these WSDLs/APIs separate but when I put them together in a Groovy Script it doesn't work.
testRunner.runTestStepByName("RegisterUser");
testRunner.runTestStepByName("Property Transfer");
if(props.getPropertyValue("userCreated") == "success"){
testRunner.runTestStepByName("AuthenticateStoreUser");
To explain the first line will run the TestStep "RegisterUser". I then do a "Property Transfer" step which takes a few response values from "RegisterUser" - the first is "Status" to see if it succeeded or failed, second is the "Authenticator". I then do an if statement to check if "RegisterUser" succeeded then attempt to call "AuthenticateStoreUser". At this point everything looks fine. Though when it calls "AuthenticateStoreUser" it shows the thinking bar then fails like a timeout, and if I check the "raw" tab for the request it says
<missing xml data>.
Note, that if I try the "AuthenticateStoreUser" by itself the call works fine. It is only after calling "RegisterUser" in the Groovy Script that it behaves strange. I have tried this with a few different calls and believe it is an issue calling two different APIs.
Has anyone dealt with this scenario, or can provide further direction to what may be happening?
(I would have preferred to simply comment on the question, but I don't have enough rep yet)
Have you checked the Error log tab at the bottom when this occurs? If so, what does it say and is there a stacktrace you could share?