Proxy Sniffer V4.0-P Release Notes

Ingenieurbüro David Fischer GmbH Mühlemattstrasse 61, CH-3007 Bern, Switzerland

http://www.proxy-sniffer.com E-Mail: [email protected]

Proxy Sniffer Professional Edition V4.0-P

Release Notes

English Edition © 2007 by Ingenieurbüro David Fischer GmbH All Rights Reserved

http://www.proxy-sniffer.com/

Proxy Sniffer V4.0-P Release Notes

© 2007 by Ingenieurbüro David Fischer GmbH, Switzerland All Rights Reserved / 17

Table of Contents 1 V4.0 Release Notes ...................................................................................................................................................................................................... 4

1.1 Upgrade Instructions for Version 4.0-P ................................................................................................................................................................... 4 1.2 New Functionality ................................................................................................................................................................................................... 4

1.2.1 Proxy Sniffer Version 4.0-P ............................................................................................................................................................................. 4 1.2.1.1 GUI Improvements ................................................................................................................................................................................... 4 1.2.1.2 New Web Tool - Page Scanner ................................................................................................................................................................ 5 1.2.1.3 New Speed Test Tool ............................................................................................................................................................................... 5 1.2.1.4 Configurable HTTPS Settings while Recording Encrypted Web Pages .................................................................................................... 6 1.2.1.5 Support of HTML Header Cookies ............................................................................................................................................................ 6 1.2.1.6 Enhanced Response Test Configuration .................................................................................................................................................. 6 1.2.1.7 Reset of SSL Client Cache per Loop ........................................................................................................................................................ 7 1.2.1.8 Revised “Application Reference Manual” and “User’s Guide” ................................................................................................................... 7

Proxy Sniffer Version 4.0-K ........................................................................................................................................................................................... 8 1.2.1.9 Additional Detail Diagrams ....................................................................................................................................................................... 8

1.2.2 Proxy Sniffer Version 4.0-J .............................................................................................................................................................................. 8 1.2.2.1 Session Cutter .......................................................................................................................................................................................... 8 1.2.2.2 Load Test Plug-ins ................................................................................................................................................................................... 8 1.2.2.3 Extended Host Filter ................................................................................................................................................................................. 9 1.2.2.4 Automated ZIP Function when Starting a Load Test Program .................................................................................................................. 9 1.2.2.5 Binding an Exec Agent to a specific Network Interface ............................................................................................................................. 9

1.2.3 Proxy Sniffer Version 4.0-G ............................................................................................................................................................................. 9 1.2.3.1 Customizable PDF Report Branding ......................................................................................................................................................... 9 1.2.3.2 Data Export of Load Test Details .............................................................................................................................................................. 9 1.2.3.3 Additional Sampling Options per single URL call ...................................................................................................................................... 9 1.2.3.4 Additional Options for PDF Detail Reports .............................................................................................................................................. 10

1.2.4 Proxy Sniffer Version 4.0-F ........................................................................................................................................................................... 10 1.2.4.1 Support for NTLM V2 Authentication ...................................................................................................................................................... 10

1.2.5 Proxy Sniffer Version 4.0-C ........................................................................................................................................................................... 10 1.2.5.1 Support for the ISO 8859-1 Character Set for Response Content Tests ................................................................................................. 10

1.2.6 Proxy Sniffer Version 4.0-A ........................................................................................................................................................................... 10 1.2.6.1 Var Finder: automated handling of dynamically-exchanged session parameters by one mouse click ..................................................... 10 1.2.6.2 Search Overall and Var Handler: support of URL-encoded values ......................................................................................................... 11 1.2.6.3 Revised PDF Detail Report .................................................................................................................................................................... 11 1.2.6.4 New PDF Comparison Report ................................................................................................................................................................ 11 1.2.6.5 Improved Support for Comments / Annotations ...................................................................................................................................... 11 1.2.6.6 Scripting and Synchronizing Load Test Jobs .......................................................................................................................................... 11 1.2.6.7 Enhanced Support for Inner Loops ......................................................................................................................................................... 11



1.2.6.8 Initial Value of Variables ......................................................................................................................................................................... 12 1.2.6.9 Reading Lines from Input Files in Randomized Order ............................................................................................................................ 12 1.2.6.10 Improved Web Admin GUI...................................................................................................................................................................... 12 1.2.6.11 Support of LM V2 Authentication ............................................................................................................................................................ 12 1.2.6.12 SSL Test Utility ....................................................................................................................................................................................... 12

1.3 Removed Functionality ......................................................................................................................................................................................... 13 1.3.1 Proxy Sniffer Version 4.0-P ........................................................................................................................................................................... 13

1.3.1.1 Hidden URLs and Hidden Page Breaks.................................................................................................................................................. 13 1.3.1.2 Additional Option -singleuser .................................................................................................................................................................. 13

1.4 Upgrade Instructions for Version 4.0 .................................................................................................................................................................... 14 1.5 Compatibility – Version 3.8 / 4.0 ........................................................................................................................................................................... 14 1.6 Bug Fixes ............................................................................................................................................................................................................. 15

1.6.1 V4.0-N ........................................................................................................................................................................................................... 15 1.6.1.1 Alternating SSL Session ID during Recording ........................................................................................................................................ 15

1.6.2 V4.0-J............................................................................................................................................................................................................ 15 1.6.2.1 HTML Parsing of Form Parameters ........................................................................................................................................................ 15 1.6.2.2 Invalid Names for Input Files .................................................................................................................................................................. 15

1.6.3 V4.0-H ........................................................................................................................................................................................................... 15 1.6.3.1 Missing Decompression Algorithm “deflate” ........................................................................................................................................... 15

1.6.4 V4.0-E ........................................................................................................................................................................................................... 16 1.6.4.1 Creating PDF Detail Reports for Cluster Job Data failed ........................................................................................................................ 16

1.6.5 V4.0-D ........................................................................................................................................................................................................... 16 1.6.5.1 Delayed URL Calls for Responses with 1 Byte Size ............................................................................................................................... 16 1.6.5.2 Incorrect Form Index when Extracting Form Parameter ......................................................................................................................... 16

1.6.6 V4.0-C ........................................................................................................................................................................................................... 16 1.6.6.1 Missing Variable Assigners in generated Java Code .............................................................................................................................. 16

1.6.7 V4.0-B ........................................................................................................................................................................................................... 16 1.6.7.1 Cookies for Short Domain Names .......................................................................................................................................................... 16

1.6.8 V4.0-A ........................................................................................................................................................................................................... 17 1.6.8.1 Token Extractor ...................................................................................................................................................................................... 17 1.6.8.2 Expiration Year of Cookies ..................................................................................................................................................................... 17



1 V4.0 Release Notes

1.1 Upgrade Instructions for Version 4.0-P

Version 4.0-P is 100% compatible with older V4.0 versions; however, existing generated load test programs (Java classes) must be recompiled before they can be used in Version 4.0-P.

1.2 New Functionality

1.2.1 Proxy Sniffer Version 4.0-P

1.2.1.1 GUI Improvements

The following improvements to the Graphical User Interface (GUI) have been made in this release:

An additional "delete" icon has been added for each Page Break and each URL when displaying the recorded Web surfing session in the main menu. The new "delete page" menu supports the deletion of several pages, with or without page-dependent URLs. The new "delete URL" menu allows the deletion of multiple URLs selected by content type and HTTP status code, by host name and IP port, or by a text pattern. Both new "delete" dialogs display a preview of the pages, or the URLs, which will be deleted.

The URL filter settings which can be configured in the main menu will now be stored together with the recorded Web surfing session, and reapplied when the Web surfing session is restored.



When generating a load test program, the suggested Java class name now corresponds to the name of the last saved Web surfing session.

1.2.1.2 New Web Tool - Page Scanner

The new "Page Scanner" tool, which can be invoked from the Web Tools menu, browses and explores the Web pages of a Web server recursively, similar to a Web spider or a Web crawler (search engine).

1. Primary Purpose: the scan result can be used to create a "normal" Web surfing session, which can then be used to generate a load test program. This offers a simplified way to acquire a Web surfing session, instead of having to record (many) single Web pages manually. Note, however, that the Page Scanner tool can only be used to create Web surfing sessions which do NOT require HTML form-based authentication. This tool is not a replacement for recording Web surfing sessions for real Web applications.

2. Other Purposes: the Page Scanner tool allows the detection of broken links, and provides statistical data about the largest and slowest Web

pages. The tool supports the subsequent searching for text fragments in all scanned Web pages. The Page Scanner tool does not interpret JavaScript code, and does not submit forms. Only hyperlinks are considered. Cookies are automatically supported. All the usual non-form-based authentication methods against Web servers are supported by the Web Admin GUI version; specifically, “Basic Authorization”, NTLN Authentication, and X509 client certificates in PKCS#12 format.

1.2.1.3 New Speed Test Tool

The new "Speed Test Tool" can be used to determine the maximum possible network speed between a Web client and a Web Server. This tool can be started currently only from a command line, as no Web GUI integration is available. The tool contains an ultra-lightweight HTTP client, as well as an ultra-lightweight HTTP server. This measured network speed can be used as a baseline for the fastest possible response time for a real Web application server. Please read chapter 3.8 of the revised “Application Reference Manual” to learn more about the Speed Test Tool.

Please note that the Page Scanner tool may return no result, or may return an incomplete result, because some Web Sites or Web pages contain malformed HTML code, or because old, unusual HTML options have been used within the scanned Web pages. Although this tool has been intensively tested, we are not able to provide any warranty of error-free behaviour. Possible Web Site- or Web page-related errors may be impossible to fix because of divergent requirements, or because of complexity. The functionality and behavior of this tool is similar to other search engines, which have also similar restrictions.



1.2.1.4 Configurable HTTPS Settings while Recording Encrypted Web Pages

The “Personal Settings” menu has been enhanced such that various HTTPS settings used during the recording of encrypted Web pages are now configurable:

SSL Version: allows you to select the SSL protocol version (v2 / v3 / TLS).

SSL Session Cache enabled or disabled if enabled, keeps the same SSL session ID over multiple Web pages.

SSL Session Cache Timeout: lifetime of an SSL session within the session cache.

Enhanced Compatibility Mode: enables workarounds to support poorly-implemented SSL server libraries.

HTTPS Response Timeout: response timeout, applied per HTTPS URL call.

1.2.1.5 Support of HTML Header Cookies

Cookies which are set by HTML headers are now supported automatically. This is in addition to cookies which are received from HTTP response headers, which were already supported. Following is an example of HTML header cookies: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">

<html>

<head>

<meta http-equiv="Set-Cookie" content="AnonymousUserId=567868123866; path=/appl">

<meta http-equiv="Set-Cookie" content="Language=EN; path=/appl">

</head>

<body>

…………………

</body>

</html>

1.2.1.6 Enhanced Response Test Configuration

The response test configuration menu has been enhanced such that the checked HTTP status code, and the checked content type (MIME type), of a URL call can now be altered, or indeed that the verification of the received HTTP status code and/or content type can even be disabled; however, this is not a recommended option). Furthermore, two search strings are now supported to check the received content, instead of only one. These two search strings can be logically combined by an AND or an OR condition. Special string patterns such as NOT conditions and variables are supported for both search strings.



1.2.1.7 Reset of SSL Client Cache per Loop

During a load test, simulated users retain the (user-specific) SSL Client Cache when a loop has been completed, and re-use the same SSL Client Cache when executing the next loop. This behavior can now be suppressed by entering the “Additional Option” -sslcreset when starting a load test. This option causes a new SSL Client Cache to be created at the start of each loop.

1.2.1.8 Revised “Application Reference Manual” and “User’s Guide”

The Application Reference Manual and the User’s Guide have been completely revised. In additional, a list of the most important installed files has been added to the Application Reference Manual.



Proxy Sniffer Version 4.0-K

1.2.1.9 Additional Detail Diagrams

Two new diagrams have been added to the “Load Test Result Detail” menu:

Completed Loops: shows the number of successfully-completed loops (web sessions) per minute, measured over all users.

SSL Cache Efficiency: shows the efficiency of the SSL client cache for the emulated users; that is, the percentage of re-used SSL sessions, compared against new created SSL sessions.

1.2.2 Proxy Sniffer Version 4.0-J

1.2.2.1 Session Cutter

The "session cutter" allows you to load one or more recorded web sessions into memory, and then to rearrange their web pages to create a new web session – much like editing a movie. This new functionality can be invoked directly from the Web Admin main menu - there is a new icon near "start/stop record".

1.2.2.2 Load Test Plug-ins

Proxy Sniffer now supports the use of load test plug-ins (pre-compiled Java classes), which can be loaded by the GUI via the Var Handler, into a recorded web surfing session in order to enhance the functionality of a load test program. Currently, two load test plug-ins are delivered when installing Proxy Sniffer:

PrxAbortFailedTestV10: aborts a test-run if, within a defined time interval in minutes, the failure rate of the executed loops is greater than a customizable threshold in percentage.

PrxGenericOutputFileV10: provides a generic output file to which up to 6 variables can be logged per line. These two plug-ins are delivered in form of Java source code, as well as in form of ready-to-use pre-compiled Java classes. All load test plug-ins are automatically distributed when starting a load test, and should not be installed manually on remote systems. If you are familiar with Java programming, you can write your own plug-ins to add enhanced functionalities to load test programs. The new load test plug-in interface is fully documented in the Proxy Sniffer Java API documentation.



1.2.2.3 Extended Host Filter

The host filter in the Web Admin main menu now supports entering several host names, separated by commas (,) . These host names can also start with an exclamation mark, indicating suppressed hosts.

1.2.2.4 Automated ZIP Function when Starting a Load Test Program

When a load test program is started in the Project Navigator needs to be zipped together with input files or plug-ins, the corresponding dialogue now offers an automated ZIP function, instead of displaying an error message.

1.2.2.5 Binding an Exec Agent to a specific Network Interface

The TCP/IP network server socket of an Exec Agent can now be bound to a specific network interface, instead of listening on all network interfaces. This can be done by using the new “-bind <network-address>” program argument.

1.2.3 Proxy Sniffer Version 4.0-G

1.2.3.1 Customizable PDF Report Branding

The report logo, the title, and the footer text of all PDF reports can now be customized to suit your requirements. The corresponding settings can be made in the Project Navigator -> Setup menu.

1.2.3.2 Data Export of Load Test Details

All measured details for a single test-run which are displayed in the Load Test Result Detail menu can now also be exported in the form of CSV-formatted files, or HTML tables.

1.2.3.3 Additional Sampling Options per single URL call

The sampling options for URL calls have been extended such that the following, optional, data can be collected per URL call during a test run:

Internal data of each URL call:

o Network connect time (TCP/IP socket open time)

o HTTP request transmit time

o HTTP response header wait time

o HTTP response header receive time

o HTTP response content receive time

The HTTP request header of each URL call



The HTTP request content of each URL call

The HTTP response header of each URL call

The HTTP response content of each URL call

After the test has completed, these additional data can be displayed, as well as exported as an HTML table.

1.2.3.4 Additional Options for PDF Detail Reports

The following 3 new options can now be selected when generating a PDF detail report:

Response time diagram per web page

Percentile statistic per URL

Response time diagram per URL

1.2.4 Proxy Sniffer Version 4.0-F

1.2.4.1 Support for NTLM V2 Authentication

The Microsoft-specific NTLM V2 protocol for user authentication is now supported – on Windows systems as well as on all Unix-like operating systems (Linux, Solaris, Mac OS X ..) .

1.2.5 Proxy Sniffer Version 4.0-C

1.2.5.1 Support for the ISO 8859-1 Character Set for Response Content Tests

Proxy Sniffer now supports checking the received content of a HTTP response by using the ISO 8859-1 character set, instead of using the “natural” character set of the operating system. This additional new option can be specified when generating the load test program, and is used when load tests are started on Unix systems running against a Windows-based web server, and whose HTTP content contains special characters such as umlauts.

1.2.6 Proxy Sniffer Version 4.0-A

1.2.6.1 Var Finder: automated handling of dynamically-exchanged session parameters by one mouse click

The Var Finder menu has been enhanced such that a new V-icon is displayed together with each detected session parameter. By clicking on the new V-icon, Proxy Sniffer tries automatically to extract and to assign the value of the dynamically-exchanged session parameter. This kind of automated handling works approximately in 50% of all cases, especially if the parameter value can be extracted from a hidden form field; for example, the Microsoft-specific __VIEWSTATE parameter. If the automated handling fails, the parameter must be extracted manually, as before.



1.2.6.2 Search Overall and Var Handler: support of URL-encoded values

The Search Overall menu, and the automated replacement of variable values in URL calls (Var Handler), will now search for the URL-encoded equivalent of a search pattern, in additional to the normal un-encoded search method. URL-encoding example: “Z$123 45“ = “Z%24123+45 “.

1.2.6.3 Revised PDF Detail Report

The PDF Detail Report has been completely revised. Among other things, response-time percentile diagrams per web page and detailed information about error snapshots have been added.

1.2.6.4 New PDF Comparison Report

Response-Time comparisons between several test runs can now be documented in a new PDF report.

1.2.6.5 Improved Support for Comments / Annotations

Single load test-runs can now be tagged with a comment which is stored inside the result file (*.prxres). These comments can now be displayed directly, using a preview-function, inside the Project Navigator directory listing, and are also displayed in the diagrams and reports for the load test result.

1.2.6.6 Scripting and Synchronizing Load Test Jobs

The new PrxJob utility allows you to use the Proxy Sniffer infrastructure with native Windows and Unix scripts (.bat / .sh, .ksh, .csh …). Multiple load test programs can be started as jobs at the same time or in sequences, on the local or on a remote Exec Agent, as well as on Exec Agent clusters. The synchronization of jobs, and the acquisition of the result files, is also supported. These scripts can be called directly from (external) operating system (OS) utilities and from the OS command prompt. In addition, the Web Admin allows you to start these scripts directly from the GUI. Documentation for the PrxJob utility can be found in the revised Application Reference Manual, chapter 4.

1.2.6.7 Enhanced Support for Inner Loops

Input Files and variables can now be defined at the inner loop level of a web surfing session (new scope: inner loop). Where inner loop iterations are controlled by a variable, the inner loop can now be executed zero times, which means that some users are able to skip (or omit) parts of the recorded web surfing session during the load test.



1.2.6.8 Initial Value of Variables

Stand-alone variables can now be initialized with special values, depending on the scope of the variable (global / user / loop / inner loop). Possible initial values are: simple value (constant), current user counter, (outer) loop counter - overall users or per user, inner loop counter, current system time in milliseconds since 1970, IP host name of Exec Agent, and IP address of Exec Agent (including IP multi-homing support).

1.2.6.9 Reading Lines from Input Files in Randomized Order

In addition to reading lines from Input Files sequentially, lines can now also be read in a randomized manner. This can be used to avoid the server-side caching of requests over several test-runs.

1.2.6.10 Improved Web Admin GUI

The "Save Session" menu and the "Analyse Load Tests Result Detail" menu has been enhanced. Generating and compiling load test programs can now also be done by repeatedly pressing the <enter> key, instead of having to use the mouse. When starting a zipped load test program, the zip file is re-zipped automatically if one of the original files is newer than the zip archive itself. The Project Navigator now supports the renaming of Java load test programs, and corrects the Java code of the renamed file automatically.

1.2.6.11 Support of LM V2 Authentication

In addition to NTLM V1, the LM V2 protocol is now also supported for authentication against Microsoft servers.

1.2.6.12 SSL Test Utility

An SSL test utility has been added to the Web Tools menu. This allows you to examine the SSL configuration of HTTPS servers.



1.3 Removed Functionality

1.3.1 Proxy Sniffer Version 4.0-P

1.3.1.1 Hidden URLs and Hidden Page Breaks

Hiding URLs, and hiding Page Breaks, in the main menu (instead of filtering URLs) is no longer supported.

1.3.1.2 Additional Option -singleuser

The “Additional Option” -singleuser is no longer supported when starting a load test.



1.4 Upgrade Instructions for Version 4.0

Before you upgrade from V3.8 to V4.0, it is recommended that you delete all old load test jobs. Please use the Jobs Menu, which can be invoked at the top of the Project Navigator window. After deleting old jobs, you must uninstall V3.8 and then install V4.0 into the same directory where V3.8 was installed. No data will be lost because the content of the MyTests directory will not be deleted.

1.5 Compatibility – Version 3.8 / 4.0

Data Files / Version 3.8 Compatibility to Version 4.0

Recorded Web Surfing Sessions (*.prxdat) incompatible (1)

Generated Load Test Programs (*.java, *.class, *.zip) compatible

Load Test Results (*.prxres) compatible

(1) Older data files can be loaded, but all Var Handler definitions will be stripped away because the inner data structure of the Var Handler has changed. This means that you must reapply all Var Handler definitions (input files, dynamic session handling, …) if you load a recorded web surfing session which was created with version 3.8.



1.6 Bug Fixes

1.6.1 V4.0-N

1.6.1.1 Alternating SSL Session ID during Recording

Previously, when recording encrypted HTTPS pages, the SSL session ID changed from URL call to URL call because the SSL client cache was disabled. This bug is now fixed. The SSL client cache parameters which are applied during recording can now be configured in the Personal Settings menu, such that the SSL session ID remains constant over the entire recorded Web surfing session.

1.6.2 V4.0-J

1.6.2.1 HTML Parsing of Form Parameters

The URL Details / Var Handler menu sometimes was not able to parse the recorded HTML code; therefore, the "Forms Extract" sub-window did not show the corresponding form parameters. For the same reason, the automated handling of dynamically-exchanged session parameters sometimes failed in the Var Finder menu. This bug is now fixed.

1.6.2.2 Invalid Names for Input Files

The file name of Input Files entered in the URL Details / Var Handler menu was not correctly checked, with the result that the compilation of the Java load test program could fail. This bug is now fixed.

1.6.3 V4.0-H

1.6.3.1 Missing Decompression Algorithm “deflate”

Compressed content was only automatically decompressed if the data had been received in “gzip” format, but not if the data had been received in “deflate” format. The “deflate” format is now also supported.



1.6.4 V4.0-E

1.6.4.1 Creating PDF Detail Reports for Cluster Job Data failed

Creating a PDF detail report for measured load test results collected by an Exec Agent cluster job sometimes failed, and no PDF detail report was generated. This bug occurred for the first time in version 4.0-C, and has been corrected in version 4.0-E.

1.6.5 V4.0-D

1.6.5.1 Delayed URL Calls for Responses with 1 Byte Size

When an HTTP response was received from the web server, and the response content length was set to exactly one byte, and HTTP V1.1 "keep-alive" was enabled, the URL call was delayed until the web server closed the network connection. This bug occurred during the recording of a web surfing session, as well as during the execution of a load test, and is now fixed.

1.6.5.2 Incorrect Form Index when Extracting Form Parameter

Incorrect Java code was sometimes generated for extracting a form parameter during the load test when a dynamically-exchanged variable (form parameter) was handled by using the automated variable handler functionality in the var finder menu. This bug occurred because the wrong index of the form within the received HTML page was sometimes chosen, when more than one form was received within the same HTML page. This bug is now fixed.

1.6.6 V4.0-C

1.6.6.1 Missing Variable Assigners in generated Java Code

Variable assignments to HTML form parameters where the parameter name contains special characters were not done when generating Java code for the load test programs. This bug is now fixed.

1.6.7 V4.0-B

1.6.7.1 Cookies for Short Domain Names

Cookies used in combination with short domain names had been incorrectly processed by the load test program. This bug is now fixed.



1.6.8 V4.0-A

1.6.8.1 Token Extractor

The text pattern-based token extractor (part of the Var Handler) did not work correctly during the load test if the value was extracted by using a positive or negative line offset and (only) if empty HTML/XML lines had been between the search pattern and the extracted value. This bug is now fixed.

1.6.8.2 Expiration Year of Cookies

The cookie specification defines that the year portion of a cookie expiration date should contain 4 digits (2006, 2007 ...); however, some web servers are incorrectly sending only two digits (06, 07 ..). The effect of this was that these cookies were immediately dropped by the load test program. This is now fixed, and an expiration year which contains only 2 digits is now supported.

Proxy Sniffer V4.0-P Release Notes

Documents

Transcript of Proxy Sniffer V4.0-P Release Notes