I am interested in doing some Gatling performance testing but am a bit unsure of how to do this considering Magento's use of form keys to prevent CSRF. I know there are a number of people out there who have used Gatling for load testing but in my own brief testing and with my understanding of Magento's forms, a valid form key needs to be provided for many requests. Checkout is a great example, but I believe in 1.8 and 1.13 add to cart URLs are also protected with a form key.
Is there a way to create orders and simulate a checkout process using Gatling with Magento's form keys? If not, is there a "standard" or easy way of disabling form keys on the frontend?
I know that testing EE 1.13 with Gatling is certainly possible, this Magento knowledge base article talks about Gatling + EE 1.13 (http://www.magentocommerce.com/knowledge-base/entry/ee113-performance-and-scalability-white-paper). They are placing orders as well, but again it's unclear to me as to how they are actually doing this.
Any information on how Gatling might be used to test adding products to cart, checkout, etc, would be incredibly helpful.
Best Answer
To perform accurate tests you will need to be making the request that generates and sends a valid token back to the client, so you just need to extract the value from that request before submitting the form.
I'm not familiar with Gatling, but this link gives an example of capturing/sending a CSRF token.