You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Testing ASP.NET Web pages will require two hidden fields (_VIEWSTATE and _EVENTVALIDATION) to be passed for subsequent requests to a web page once the hidden fields have been set in the body. This can be achieved by creating two post Processor elements of the type 'Regular Expression Extractor' and then setting the details of the Regular Expressions as follows:

Response Field to check: Body

Reference Name: VIEWSTATE

Regular Expression: id="VIEWSTATE" value="([
w/-].+)"

Template: $1$

Match No. : 1

Default Value: NOT FOUND

Response Field to check: Body

Reference Name: EVENTVALIDATION

Regular Expression: id="EVENTVALIDATION" value="([
w/-].+)"

Template: $1$

Match No. : 1

Default Value: NOT FOUND

Then in order to ensure these extracted values are passed in subsequent HTTP requests, for each request specify the following to be the Send Parameters for the Request:

Name: _VIEWSTATE

Value: ${VIEWSTATE}

Name: _EVENTVALIDATION

Value: ${EVENTVALIDATION}

Additional Note: (FrankZimper) When testing an ASP.NET 2.0 site I had to add an additional leading underscore to the id fields in the regexes. Is the number of underscores dependent on the version of ASP.NET?

Additional Note: (EmmanuelGuyot) What about the cases where VIEWSTATE is split into different part ? The field VIEWSTATEFIELDCOUNT is easy, but as _''_VIEWSTATExx fields number varies, is it possible to set a dynamic NAME in the Request ?

Additional Note: (SChauhan) Concurring with FrankZimper - while testing an ASP.NET 2.0 site I had to add an additional leading underscore to the id fields in the regexes. I used a simpler regular expression. Note the two underscores, and the '?' to denote non-greedy matching
<tt> id="__PREVIOUSPAGE"\s*value="(.*?)"</tt>

Also, some pages did not use a 'proper' hidden field and seemed to 'jam-in' data into a pipe-delimited string. For these pages, I had to use this regular expression instead:
<tt> |__PREVIOUSPAGE|(.*?)|</tt>

Lastly, I used a these regexs for the PREVIOUSPAGE, VIEWSTATE, and EVENTVALIDATION fields (all prefixed with two underscores).

  • No labels