Skip to content

Instantly share code, notes, and snippets.

@scottwillson

scottwillson/Tsung Rails authenticity_token

Created January 30, 2013 21:07
Show Gist options
  • Save scottwillson/4676993 to your computer and use it in GitHub Desktop.
Save scottwillson/4676993 to your computer and use it in GitHub Desktop.
Download ZIP
If you're using Tsung to test a Rails site that has CSRF protection, Tsung needs to parse the authenticity_token and submit it when POSTing. I could only find outdated examples. The snippet below works.
Raw
Tsung Rails authenticity_token
<request>
<dyn_variable name="authenticity_token" ></dyn_variable>
<http url="/registrations/new" version="1.1" method="GET"></http>
</request>
<request subst="true">
<http url="/registrations" method="POST" version="1.1"
contents="authenticity_token=%%_authenticity_token%%&amp;first_name=Jane"/>
</request>
@nirname
Copy link

nirname commented Jul 19, 2019 

  <request>
    <dyn_variable name="authenticity_token" xpath="/html/head/meta[@name='csrf-token']/@content" />
    <http url="/" version="1.1" method="GET"/>
  </request>

  <request subst="true">
    <http url='/' version='1.1'
       contents='authenticity_token=%%_authenticity_token%%&amp;first_name=Jane'
       content_type='application/x-www-form-urlencoded' method='POST' />
  </request>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment