如何创建设备和目标
HTTP/S 监控会检查单个 URL 的可用性、性能、适当内容和错误。 它支持所有流行的请求类型、Cookie、表单提交、自定义标头、密码保护站点(基本 HTTP/S 授权以及 Cookie/脚本授权机制)和超时阈值。
HTTP/S 监控验证安全证书、检查证书颁发机构并执行证书过期检查。 它可以配置为在证书到期日期临近时向您发送提醒。
您可以将 HTTP (S) 请求参数转换为 上下文参数 以传递值,例如,从监控设备中其他请求的响应中检索。 您可以为 URL、标头、请求正文和准备/发布脚本设置上下文参数。 有关详细信息,请参阅 如何在 HTTP (S) 请求中使用上下文参数。
批量导入
要一键为多个设备创建监控,请在“选择监控类型”页面上选择为 HTTP/S 监控类型提供的“批量导入”选项。 有关更多详细信息,请参阅 批量导入 |网页监控,HTTP/S和PING/ICMP设备 文章。
配置请求
URL
Enter the URL of the page you wish to perform the task on. It should be formatted as such: www.example.com. You can turn on a visually friendly input mode by clicking the Detailed switcher on the top of the section.
SSL/Certificate Check
Secure Socket Layer SSL Certificate Check is a standard aspect of HTTP(S) tests.
The following additional options are available:
- Authority: verifies whether a certificate chain contains a root certificate that is trusted, or not trusted.
- Common Name (CN): validates that an address you navigate to matches the address certificate the address was signed to.
- Date: verifies the certificate expiration date.
- Revocation: validates that the certificate’s chain of trust doesn’t contain a revoked certificate.
- Usage: verifies a certificate chain for the improper use of an intermediate certificate.
- Expiration Reminder in Days: a reminder that notifies (as an error) about certificate expiration.
- Client Certificate: client certificate name.
请求类型
In the Request Type field, you can select one of the most-commonly-used HTTP methods to send monitoring requests to a web page. If you need to send a payload with HTTP requests, provide it in the corresponding field (see the Request Body chapter for details). The payload can be specified and sent with all types of requests except Trace (RFC2616).
另请参阅:目标主机名或 IP 地址。
时间验证阈值(秒内)
输入系统在结束任务并返回错误之前应等待网页响应的最大秒数。
最大超时值限制为 70 秒。 如果未设置阈值,则将默认的 70 秒超时应用于任务。
网址重定向
If the Follow Redirects option is set to Yes, the system will follow the path of the URL that is sent with the 301 response and consider each redirect as a separate HTTP request. It enables you to follow the full redirect chain (all the links the request is redirected through) in the test results, including response times both for the initial URL and subsequent responses.
We recommend that you leave the Follow Redirects option activated if you need to test not only the initial URL, but all the URLs in the chain. For example, it can be useful to perform an SSL certificate check for each URL in a redirect chain.
In cases where you want to test an initial URL only, disable the Follow Redirects option.
Note that a default redirection limit is set at 10 redirects. If you want the system to execute a particular number of redirects (less than 10), you can specify the number of URLs you want to test in your redirect chain in the Prepare Script field:
string url; url = "http://wtatour.com/"; currentTask.TaskMaxRedirectAttempts = N;
Where N is the number of redirect locations we want to follow. To follow no redirects, simply set the number of redirect locations to 0.
内容验证
内容验证关键字用于确保网页的 HTML 源代码中存在特定文本或元素。要为网页内容验证选择正确的关键字,请访问网页的源代码并选择唯一表示内容的关键字或短语。如果您在浏览器中的网页上看到文本,但在 HTML 源代码中找不到它,则该文本可能未直接包含在原始 HTML 中,而是由 JavaScript 动态生成、从外部 API 加载或嵌入到 IFrames 中。如果要在 Web 页面内容验证中使用此类文本,请配置 单个 Web Page 设备以在实际浏览器窗口中设置性能监控。
访问 HTML 源
使用工具或脚本获取目标网页的 HTML 源。例如,在浏览器中打开网页,右键单击页面上的任意位置,然后选择“查看页面源代码”。
在 Keyword 字段中,您可以指定要在目标网页的 HTML 源代码中搜索的一个或多个单词或短语。 如果找不到预期的关键字,则任务将返回错误。
您可以在关键字字段中输入多个字符串。 这些值可以用逻辑表达式分隔:
{[("keyword1"&"keyword2")|!"keyword3"]}
其中:
{[ – 关键字表达式 start;
]} – 关键字表达式 end;
() – 分组括号;
& – 逻辑 AND;
|– 逻辑 OR;
!——逻辑 NOT;
”string“ – 一个关键字。
{["keyword"]}
授权
The HTTP authentication protocol is used to allow users to access content on some websites.
The following authentication schemes are available:
- Basic Authentication: This method encodes the username and password in base64 and sends them in the request header. It’s simple but not secure unless used with HTTPS.
- Digest Authentication: This scheme hashes credentials using a nonce (a random value) before sending them over the network, providing better security than Basic Authentication by preventing replay attacks.
- NTLM Authentication: A challenge-response mechanism developed by Microsoft, NTLM is used for securing credentials in Windows environments. It provides strong security by using multiple hashing and challenge-response protocols.
Once provided, login credentials will be passed along with the request header to the web server.
- Username: contains a username for HTTP/S authentication.
- User Password: contains a password for HTTP/S authentication.
Do not confuse HTTP authentication with other authentication schemes such as Bearer Authentication that involves bearer tokens and OAuth 2.0 that uses access tokens.
Read the articles on Basic Authentication Username and Password and Monitoring OAuth 2.0-based APIs for more information.
头
该选项允许添加任何其他自定义标题。 例如,您可以定义与内容类型标题中的请求一起发送的数据的 MIME 类型:
Content-Type: text/html
如果没有为请求指定内容类型标题,则请求将使用默认内容类型 应用程序/x-www-形式-ulencode 发送。
The default User-Agent header is set to:
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0; .NET CLR 1.1.4322; .NET CLR 1.0.3705; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) DMBrowser/2.1 (SV)
However, the user-agent string can be replaced with any other string. To do this, add a custom header with the name “user-agent” and the specific value needed.
请求正文
Dotcom-Monitor allows you to send payloads in HTTP(S) requests (except Trace requests). The content within the HTTP request body can be sent as “raw” data (JSON, XML, etc.) or static name-value collection (Form Data).
To work with a name-value collection, you can turn on the detailed input mode by using the Detailed switcher on the top of the section and provide request parameter names and values in the corresponding field.
To send “raw” data along with the request, such as a JSON object, enter your JSON payload in the input field. You can also dynamically change the request body. For example, if you need to send the current date and time as a part of your POST request or pass the current session ID in JSON payload to a remote server. Dotcom-Monitor enables dynamically changing HTTP request payload by using the Razor syntax and data masks.
-
Example. Dynamic JSON Body for HTTP Post Requests
To better understand how Dynamic JSON body works in the HTTP request, let’s have a look at the following example. Suppose we need to submit an order on a website and the submission transaction includes three basic steps executed sequentially:
- Login
- Check-in
- Order Submission
To set up a test with these steps executed sequentially, we need to create three HTTP tasks within one monitoring device (or load test, if load testing is taking place).
Let’s assume that we need to send the current time and a unique GUID in the JSON with the HTTP request to check in with the application. Also, to submit an order, a user session ID generated upon login and an order time is required by the application.
To implement this test, we first need to configure a login request with basic authentication parameters to the web application web server. Next, we need to configure an HTTP request to pass the actual check-in time and unique GUID along with a JSON body. For this example, we will enter the following string using the Razor syntax in the JSON body:
{ "CheckInTime": "@Model["CurrentTime"]", "GenGuid": "@Model["Guid"]" }Where @Model[“<Parameter Name>”] references a necessary context parameter name in the Razor expression.
We must declare the context parameters and specify how the Post Data should be processed in the Prepare Script field:
context.Guid = Guid.NewGuid().ToString(); // uniq random string context.CurrentTime = DateTime.Now.ToUniversalTime().ToString("yyyy-MM-dd\\Thh:mm:ss") + ".0Z"; // get current time in UTC ProcessPostDataByRazor(currentTask); // the call to process the Post Data content with the Razor engine
The result HTTP request will look similar to this:
03:15:23 POST https://www.dotcom-monitor.com/CheckIn { "CheckInTime": "2021-03-30T08:15:22.0Z", "GenGuid": "5c5e3d23-66fd-49d0-bd57-62c516aea7e7" }In the next step, we need to configure the HTTP request to submit an order. In order to do this, we will pass the order current time and session ID, along with the item’s model identification number, in the JSON body to the target endpoint. See the JSON body for this request below:
{ "OrderTime": "@Model["OrderTime"]", "VIEWSTATE": "@Model["Session"]", "ModelID": "2128506" }To pass a value of the current session ID variable, we need to retrieve it from the login page, called at the first login step, using the View State method. It can be coded in the prepare script. Additionally, to simulate a real user’s think time, we will set the order time variable with a three minute offset. Therefore, the Prepare Script field will contain the following strings:
context.OrderTime = DateTime.Now.AddMinutes(3).ToUniversalTime().ToString("yyyy-MM-dd\\Thh:mm:ss") + ".0Z"; // order time + 3 min context.Session = (Tasks["Login"] as Http).body["//INPUT[@ID='__VIEWSTATE']", "VALUE"]; // track state value from Login page ProcessPostDataByRazor(currentTask);
The resulting HTTP request will look similar to this:
03:15:45 POST https://www.dotcom-monitor.com/Order { "OrderTime": "2021-03-30T08:18:45.0Z", "VIEWSTATE": "<Server Generated ViewState>", "ModelID": "2128506" }
To learn how to configure an HTTP request with a dynamically changing payload, see How to Dynamically Change Payload in HTTP Request.
DNS 选项
DNS 选项功能允许用户选择在监控任务期间如何执行域名服务器 (DNS) 请求。
要指定解决主机名的模式,请在 DNS 解析模式 部分选择可用模式之一。 有关功能配置的更多详细信息,请参阅 DNS 模式选项。
自定义 DNS 主机部分允许设置 IP 地址到主机名的映射。 支持 IPv6 和 IPv4 DNS 解析。
要指定映射,请在相应的字段中输入 IP 地址和主机名。
例子:
192.168.107.246 example.com user.example.com userauth.example.com tools.example.com
192.168.107.246 example.com
192.168.107.246 user.example.com
192.168.107.246 userauth.example.com
另请参阅 :DNS 模式选项。
准备脚本和发布脚本
The fields can contain C# code, which can be used for specific POST, GET, URL data or for validating or publishing custom headers. Please see the Using Prepare Script and Post Script article or contact technical support for more details on usage.