🍪 Cookies
Ddosify supports cookies in the following engine modes: distinct-user and repeated-user. Cookies are not supported in the default ddosify mode.
In repeated-user mode, Ddosify uses the same cookie jar for all iterations executed by the same user. It sets cookies returned at the first successful iteration and does not change them afterward. This way, the same cookies are passed through steps in all iterations executed by the same user.
In distinct-user mode, Ddosify uses a different cookie jar for each iteration, so cookies are passed through steps in one iteration only.
You can see a cookie example in the examples.
Initial / Custom Cookies
You can set initial/custom cookies for your test scenario using cookie_jar field in the config file. You can enable/disable custom cookies with enabled key. Check the example config.
| Key | Description | Example |
|---|---|---|
name | The name of the cookie. This field is used to identify the cookie. | platform |
value | The value of the cookie. This field contains the data that the cookie stores. | web |
domain | Domain or subdomain that can access the cookie. | app.getanteon.com |
path | Path within the domain that can access the cookie. | / |
expires | When the cookie should expire. The date format should be rfc2616. | Thu, 16 Mar 2023 09:24:02 GMT |
max_age | Number of seconds until the cookie expires. | 5 |
http_only | Whether the cookie should only be accessible through HTTP or HTTPS headers, and not through client-side scripts | true |
secure | Whether the cookie should only be sent over a secure (HTTPS) connection | false |
raw | The raw format of the cookie. If it is used, the other keys are discarded. | myCookie=myValue; Expires=Wed, 21 Oct 2026 07:28:00 GMT; Path=/ |
Cookie Capture
You can capture values from cookies from its name just like you do for headers and body and use them in your test scenario.
{
"iteration_count": 100,
"load_type": "linear",
"duration": 10,
"steps": [
{
...
"capture_env": {
"TEST" :{"from":"cookies","cookie_name":"test"}
}
}
]
}
Cookie Assertion
You can refer to cookie values as cookies.cookie_name while you write assertions for your steps.
Following fields are available for cookie assertion:
name: Name of the cookiedomain: Domain of the cookiepath: Path of the cookievalue: Value of the cookieexpires: Expiration date of the cookiemaxAge: Max age of the cookiesecure: Secure flag of the cookiehttpOnly: Http only flag of the cookierawExpires: Raw expiration date of the cookie
Examples
cookies.test.expires < time(\"Thu, 01 Jan 1990 00:00:00 GMT\")is a valid assertion expression. It checks if the cookie namedtesthas an expiration date beforeThu, 01 Jan 1990 00:00:00 GMT.cookies.test.path == \"/login\"is another valid assertion expression. It checks if the cookie namedtesthas a path value equal to/login.