Re: Any special tool for testing a web chat application?

Irene Abezgauz wrote:
> Barry - are there specific problems you are encountering? If you
> provide more information it may be easier to help.
>
> Other than that I agree with Rogan, the proxy intercepting a lot of
> spam is usually the biggest annoyance in applications that are alive
> and constantly updating. Paros also has a configurable intercept
> filter which you can easily use to solve that one.
>
> Irene

The big thing about the scripting is that it sounds like Barry WANTS to
be able to intercept the AJAXy traffic, in order to test how the chat
server behaves.

BUT, you probably won't have time to manually perform your changes
before the browser hits a timeout and tries to send it again, racking up
a queue of intercepts, and defeating everything that you are trying to do.

Using the scripting facility allows you to automate the changes that you
want to make, so that they happen "instantly", rather than taking
however long you take to manually make your changes.

Granted, writing the scripts to make your desired changes is not going
to be as quick as making a single manual change, but it makes reviewing
AJAXy apps a lot more feasible.

By the way, if you use the ScriptManager interface in WebScarab, you get
access to the BSF object store via bsf.lookupBean(), which you can use
to maintain state in your scripts. e.g. if you only want to make a
specific change once, to the next request that goes through, and none
after that.

See <http://www.owasp.org/index.php/Scripting_in_WebScarab> and
<http://marc.info/?l=owasp-webscarab&m=114562647419874&w=2>

Rogan