[Owasp-webscarab] Re: BeanShell Example

Laurent Hausermann laurent.hausermann at naema.org
Mon Aug 16 18:57:03 EDT 2004 

Hi,

Le dim 15/08/2004 à 21:35, Rogan Dawes a écrit :

[SNIP]

> response = fetchResponse(request);
> 
> Here you can see that there is an object "request", and an object 
> "response". You should not need to worry about the function 
> "fetchResponse", simply recognise that this connects to the server, and 
> gets the response. The response is implicitly returned at the end of the 
> script.

[SNIP]

> request.deleteHeader("HeaderName");
> response = fetchResponse(request);
> response.addheader("X-MyMarker", "I deleted HeaderName");
> 
> The best way to see what methods are available is to look at the 
> well-documented source for the following methods:
> 
> org.owasp.webscarab.model.Message (superclass for Request and Response)
> org.owasp.webscarab.model.Request
> org.owasp.webscarab.model.Response

[SNIP]

Many thanks Rogan for such a detailled email !

I understand now well the design and the philosophy for WebScarab. In
fact, I played with modifying the header,
and combined with "Intercept Request" I could do it "on the fly"...
really cool stuff.

I have also looked at the source code, and I realized that the code for
"getParameters" and "setParameters" was commented out... and I wanted to
make a script that rebuild parameter with some random number (in order
to test the cgi handling the request). 
Like this : 
import java.util.Random;
random_gen = new Random();
int random_num = random_gen.nextInt( 10 );
request.setMethod("POST");
request.addParameter("my_id", random_num);

Have you got a way to manipulate the POST parameters like this  with a
Bean Shell script ?

Moreover, I would add some features request : 
  o It would be great to have basic script loading/unloading feature.
The minimum, should be to load script from file and to have an history
window where
     you could rerun them. Some shortcut on script should be great also.
  o Is there any way to have interaction with WebScarab user like a
Popup window to ask for script parameters ?
  o Is there any "output" console, currently if you do a
"System.out.println", your output is on the application console. An
output window could be great.

I appreciate the "open" way you are designing and developping WebScarab,
go on !

Regards, 

Laurent








-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-webscarab/attachments/20040817/6d130a64/attachment.html

More information about the Owasp-webscarab mailing list