Handling CSRF prevention tokens / dynamic data in JMeter

In today’s web technologies a common defensive mechanism against csrf attacks is to use a synchronizer token. This token is unique for each request and thus it blocks us from using the recorded JMeter test session off the shelf. The solution is to identify and extract the token from the html form. Identification can be […]

Read more