Managing Cookies

Applies to LoadComplete 4.97, last modified on May 20, 2019

Cookies are small text strings set by the web server and stored on the client side. They maintain client-specific information.

Cookies can be of two types: persistent and session. Session cookies exist in memory during the web browser session. Persistent cookies have an expiration date and are stored in the <Windows>\System folder.

A cookie can be associated with a single web page, or with a number of pages, or the entire web site.

Why Cookie Handling Is Important?

As web servers use cookies to provide appropriate responses to client requests, simulating the same traffic by various virtual users may produce different results.

Imagine the following situation: a scenario includes five requests. Suppose that starting from the third request, the server uses cookies to provide the appropriate response to the requests. After running this scenario, your computer will contain cookies associated with the tested URL or web site. Now, if you run the same scenario again, the server will use cookies to respond to the first two requests and the responses may differ from responses generated during the first run.

Cookie Recording

To avoid possible problems with cookies:

  • (Recommended.) Activate the web browser’s private mode before the traffic recording.

    – or –

    Clear the cookies and the browser’s temporary files before recording traffic.

  • Configure LoadComplete to correlate cookies in recorded traffic automatically.

For more information, see Preparing LoadComplete.

Simulating Cookies

  • To ignore all cookies during the traffic simulation, enable the Do not use cookies option. This will have the same effect as disabling cookies in your Internet browser. Choose this mode if the web server under test does not use cookies or if the cookies do not store information that affects the server’s response significantly.

  • To use recorded cookies for all virtual users in tests, enable the Use recorded cookies option. This way, cookies will affect the server response and the server will produce the same responses that it produced during the recording.

    Note: The cookie expiration period can be short and the recorded cookies may expire by the time you start the test. In addition, the recorded cookies may become useless if developers change functionality for the web server under test. Therefore, choose this mode if the web server under test uses persistent cookies with long expiration periods and if the web server functionality is not to change.
  • To use actual cookies the server generates for virtual users during the test run, enable the Use real-time cookies option. This way LoadComplete will use cookies that match the actual state of the tested web server. However, when this mode is active, simulation of the same scenario by different virtual users may produce different results.

Cookie Correlation

By default, LoadComplete correlates cookies automatically. When the Use real-time cookies option is enabled, LoadComplete gets the cookies the server returns and uses them in subsequent requests.

In addition, you can configure LoadComplete to get specific cookies from responses and to insert them into requests:

You can also create custom correlation rules for cookies that your web application uses or correlate cookies in your scenarios manually.

Handling Cookies in Continuous Load Tests

If you use the continuous load feature, LoadComplete may restart virtual users during the test run. This happens if the current number of virtual users is less than the number required by the load profile settings.

Handling Cookies in Cross-Origin Resource Sharing (CORS) Requests

Cross-origin resource sharing (CORS) is a mechanism that allows a client-side web application running on one server to access resources residing on another server. CORS requests and responses use special headers to specify how the needed resources will be shared.

LoadComplete detects CORS requests by the Origin header.

Typically, CORS requests do not include cookies or user credentials. When simulating CORS requests, LoadComplete does not simulate cookies set by the tested web server in CORS requests:

A CORS request. LoadComplete will not simulate cookies the server sets in this request.

Click the image to enlarge it.

If your CORS requests include cookies (the web server must be configured to accept cookies in CORS requests), LoadComplete will detect them during traffic recording and will simulate them during the test run:

A CORS request with cookies. LoadComplete will simulate the recorded cookies.

Click the image to enlarge it.

Known Issue

Internet Explorer 11 does not send the Origin header in CORS requests. If you record your traffic in Internet Explorer 11, LoadComplete will not be able to recognize the recorded requests as CORS requests, and may not be able to simulate them correctly. As a workaround, you can do one of the following:

  • Record your scenarios in a web browser other than Internet Explorer 11.

— or —

  • Add the Origin header to the needed requests manually after the recording is over.

See Also

Creating and Configuring Load Tests
General Options (Simulating Category)
General Options (Recording Category)
Load Testing With LoadComplete

Highlight search results