Bug 44807 - Backslashes included in sessionid when using URLRewritingModifier
Summary: Backslashes included in sessionid when using URLRewritingModifier
Alias: None
Product: JMeter
Classification: Unclassified
Component: HTTP (show other bugs)
Version: 2.3.1
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: JMeter issues mailing list
Depends on:
Reported: 2008-04-11 07:03 UTC by Jens Hoffrichter
Modified: 2008-04-16 16:54 UTC (History)
1 user (show)

Patch to fix the mismatching session id (955 bytes, patch)
2008-04-11 07:03 UTC, Jens Hoffrichter
Details | Diff
Updated patch for session id parsing, including unittest (2.22 KB, patch)
2008-04-16 08:10 UTC, Jens Hoffrichter
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jens Hoffrichter 2008-04-11 07:03:50 UTC
Created attachment 21816 [details]
Patch to fix the mismatching session id


When trying to load-test an AJAX heavy web application I ran into the following error:

At some point during my test plan my sessionid was replaced by the sessionid followed by a backslash.

After a bit of digging I found out that this occurred when there was JavaScript of the following type in the page:

  sessionidvar = \'<sessionidvalue>\'; (for being used in an XMLHttpRequest)

I just added the backslash to the "terminating" characters for a normal sessionid (as I don't believe that it would be part of a sessionid anyway), and it worked just fine.

I include the patch to URLRewritingModified.java in here.

Comment 1 Sebb 2008-04-11 10:05:45 UTC
I tried adding a test for this, but the test failed with your patch.

What is the surrounding context for the assignment?
Comment 2 Jens Hoffrichter 2008-04-16 08:09:13 UTC
Some of the initial assumptions were wrong, I admit :)

I thought that is was because of a session variable passed in along JavaScript, but after some debugging I found out that it was because of a complete URL passed along in JavaScript (probably for a redirect), quote in single quotes, which posed the problem.

So if something like this in the response, the URLRewritingModifier might cause a problem:

newurl = \'/index.html?sessionid=blabla\';

I have created a unittest for that (testGrabSessionIdURLinJSON), and updated my patch to include the unit test.

Without my patch, the unit test fails, with the patch, it runs fine.

I hope this will help you to resolve the issue.


Comment 3 Jens Hoffrichter 2008-04-16 08:10:27 UTC
Created attachment 21823 [details]
Updated patch for session id parsing, including unittest
Comment 4 Sebb 2008-04-16 08:36:09 UTC
Can you provide a full URL showing the problem?

If necesary, change the host etc to anonymise the URL.

No need for a new test case, I can adjust as necesssary.
Comment 5 Jens Hoffrichter 2008-04-16 09:11:03 UTC
I'm not entirely sure (the page is quite long, it is hard to read.....), but I think the following line is the "offender":

<a href=\"#\" onclick=\"$(\'mailpreview_iframe\').src=\'/webmail/mail_download/?preview=1&fldr=INBOX&id=2&partid=1&mediatype=TEXT%2FPLAIN&encoding=7BIT&charset=us-ascii&textpreview=1&tempid=HUDXReOOE2y2QS2m\';\" title=\"Textnachricht anzeigen\">

Comment 6 Sebb 2008-04-16 12:04:34 UTC
I assume you are lookig for "tempid" here?
Comment 7 Jens Hoffrichter 2008-04-16 13:55:32 UTC
Yes, exactly. That is the session identifier.

It is configured as that, without any extra options except "cached" set on in the URLRewritingModifier.

Comment 8 Sebb 2008-04-16 16:54:47 UTC
OK, thanks for the patch.

I've added it to SVN: