Versions Compared

Old Version 10

changes.mady.by.user ASF Infrabot

Saved on

compared with

New Version Current

changes.mady.by.user Felix Schumacher

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Markup corrected

...

Response Field to check: Body
Reference Name: VIEWSTATE
Wiki MarkupRegular Expression: id="_VIEWSTATE" value="(\[\\w/-_\].+)"
Template: $1$
Match No. : 1
Default Value: NOT FOUND

Response Field to check: Body
Reference Name: EVENTVALIDATION
Wiki MarkupRegular Expression: id="_EVENTVALIDATION" value="(\[\\w/-_\].+)"
Template: $1$
Match No. : 1
Default Value: NOT FOUND

Then in order to ensure these extracted values are passed in subsequent HTTP requests, for each request specify the following to be the Send Parameters for the Request:

Name: _VIEWSTATE
Value: ${VIEWSTATE}
Name: _EVENTVALIDATION
Value: ${EVENTVALIDATION}

...

Additional Note: (EmmanuelGuyot) What about the cases where VIEWSTATE is split into different part ? The field VIEWSTATEFIELDCOUNT is easy, but as _''_VIEWSTATExx fields number varies, is it possible to set a dynamic NAME in the Request ?

Additional Note: (SChauhanSonamChauhan) Concurring with FrankZimper - while testing an ASP.NET 2.0 site, the fields it used had two leading underscores. I used regexs to extract and pass three fields between ASP.NET pages: +PREVIOUSPAGE, +VIEWSTATE, __EVENTVALIDATION. These fields existed on all the ASP.NET pages, either cleanly stored in hidden HTML form fields, or in a couple of instances, strangely jammed in as invisible parts of the DOM using a weird, pipe-delimited syntax.

For extracting out hidden form fields, I used a simpler regular expression than the one abovein the article:
id="__+PREVIOUSPAGE"\s*value="(.*?)". (I'm reluctant to replace it though unless I know the reason for it). Note the '?' used to specify non-greedy regular-expression matching. For pages that had 'jammed-in' pipe-delimited data, I use this type of regular expression instead: |__+PREVIOUSPAGE|(.*?)|

Note the '?' used to specify non-greedy regular-expression matching. I'm reluctant to replace the one in the main article, unless I know the reason for it.

I normally strip the automatically-generated 'Browser-derived headers' HTTP Header Manager element from my scripts. I found that doing so with the ASP.NET site resulted in page load errors. I can only ASP.NET assume uses the Header referrer for some strange reason. So, you may have to keep the 'Browser-derived headers' in.