If the parameter value is randomly changes every time, needs to use the handler to hand over the correct value in order to perform the scan.
If you find the request with a low response matched rate in the Test access result, the page transition may have been failed. You should verify the parameter necessary for transition has correctly been handed over.
Let's see the process in detail in a sample application below.
The sample application processes "Data input" > "Data confirmation" > "Data registration", and sends a one-time token which generated randomly in a request of "Data registration".
If this token is a correct value, registration will be processed.
In the case of the sample application, the page transition will not go properly because the token parameter sends the old value logged in the proxy logs.
To correctly scan such a system, you need to use Handler and hand over the parameter value used as a token.
1. Identify the parameter that requires Handover
If there is a message that fails Test access, identify the parameters that require Handover among the request parameters sent.
In general, if a parameter meets following conditions, it does not require Handover.
Let's check the following sample application.
Looking at the "Data registration" request,
you can find that "token" and "comment" are sent as parameters.
Let's see if each parameter matches the above exclusion condition.
- Parameter name "token"
As "token" changes dynamically for each request,
you can determine that Handover is required.
You can see whether the value changes for each request by the following methods.
-Compare request contents by logging the same communication multiple times
-Check the difference in the corresponding parameters by running Test access.
- Parameter name "comment"
You can determine that Handover settings is not required since "comment" is a value entered by the user on "Inquiry - Iuput Screen",
which does not affect the page transition even if the same value logged in the proxy log is sent every time.
Once you identify the parameters that require Handover, confirm whether necessary parameter values are handed over by checking the Test access result.
2. Checking contents of Test access
Confirm that the parameters in the response of the transition source are correctly handed over during Test access. Check the content of the request and response by running Test access on the message ID ("Data registration" page) sending the target parameter (token).
The example of the sample application is described below.
- Response of “Data registration” page (Transition source page)
- Request of “Data registration” page(Sending token)
There is the difference in the token values in the above Test access result.
This means that the token value is not handed over
in the sample application as you see in the content of request/response.
So, you can see that you need to handover values using Pre processor Handler
during Test access.