Scribd
Upload
12 views

Set Route Param Csrf False RequestCSRF Token StackOverflow

The document discusses an issue with using JMeter to test Odoo 11 modules, specifically encountering a 'Bad request CSRF token' error during login. It suggests that while disabling CSRF protection is possible by setting csrf=False in routes, it is not recommended due to the need to redefine all routes. Instead, it advises implementing correlation in the JMeter script to extract and use the CSRF token correctly during the login process.

Uploaded by

syb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
12 views

Set Route Param Csrf False RequestCSRF Token StackOverflow

The document discusses an issue with using JMeter to test Odoo 11 modules, specifically encountering a 'Bad request CSRF token' error during login. It suggests that while disabling CSRF protection is possible by setting csrf=False in routes, it is not recommended due to the need to redefine all routes. Instead, it advises implementing correlation in the JMeter script to extract and use the CSRF token correctly during the login process.

Uploaded by

syb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

odoo performance using jmeter (Bad request CSRF token) - Stack Overflow 13/10/2021 21'02

odoo performance using jmeter (Bad request CSRF token)


Asked 2 years, 11 months ago Active 2 years, 11 months ago Viewed 553 times

I'm using JMETER to test my own odoo modules performance, but it cannot log and give
me an error of Bad request csrf token in web/login. however i search for it and i found
0 that already csrf=false in route, and this success in odoo 10 but now i'm using odoo 11
and this is not success. is any change happen for csrf token disable in odoo 11?

jmeter csrf odoo-11 csrf-token

Share Follow asked Nov 5 '18 at 5S53


Eman Seo Khal
21 1

1 Answer Active Oldest Votes

Looking into How to disable CSRF protection ticket:

0 the parameter is csrf=False to set on the route. However, it implies redefining


all routes, which I guess is not what you want...

I don't see an easy way to disable CSRF and this is not something I would
recommend anyway.

So my expectation is that you should implement "normal" correlation in your script, to


wit build it as follows:

\. Request #1 - open login page

Extract the CSRF token using a suitable JMeter PostProcessor


Join Stack_. Request #2 - perform the login. You will need to replace recorded token with what
Overflow
you extracted in the previous step
to learn,
share
Check out
SignHow to Load
up with email Test CSRF-Protected Web Sites article
Sign up with Google Sign upfor more
with detailed Sign up with Fa
GitHub
knowledge,
explanation and example implementation.
and build
your
career.

https://stackoverflow.com/questions/53149044/odoo-performance-using-jmeter-bad-request-csrf-token Page 1 sur 2


odoo performance using jmeter (Bad request CSRF token) - Stack Overflow 13/10/2021 21'02

Share Follow edited Jun 20 '20 at 9S12 answered Nov 5 '18 at 9S50
Community Bot Dmitri T
1 1 128k 3 60 111

https://stackoverflow.com/questions/53149044/odoo-performance-using-jmeter-bad-request-csrf-token Page 2 sur 2

You might also like