Understanding Modify Request body Rule

The Modify Request Body Rule in Requestly allows users to tweak the data sent in the request body before it’s sent to the server. This feature is crucial for developers and testers, giving them the power to simulate different situations, troubleshoot problems, and refine their web applications without having to directly change the main code.

Content Overview

Video Guide

Step-by-Step Guide

To fully utilize the feature, let’s walk through the setup process:

1. Setup: Start by installing Requestly extension in your browser and navigate to the Rules section.
2. Creating a Rule: Select the Modify Request Body option and define the conditions under which the rule should be applied.
3. Specify Modification: Choose how you want to modify the request body. static and programmatic.
4. Define Text: Enter the necessary text details based on your chosen modification method.
5. Save and Apply: Save the rule and ensure it’s applied, then proceed to test your modifications on the target webpage.

Options

Below are details related to each option present on the Insert Script Rule Screen:

• Source Condition: This condition helps identify the HTTP requests to which the rule should be applied. Users can specify conditions based on URL, Hostname, or Path using matching criteria such as Contains, Equals, Regex match, or Wildcard Match.
• Source Filters: Further refine the Source Condition using Source Filters, accessible via the filter icon next to the Source Condition field.
• Modify Request Body: Define how you want to modify the request body. Options include static and programmatic.

Use Cases

The Modify Request Body Rule offers a multitude of applications. Here are some scenarios where it proves particularly beneficial:

Testing Form Submissions

During development or testing phases, users can simulate various form submissions by modifying the request body. This enables thorough testing of form validation, error handling, and data processing mechanisms.

To simulate form submissions:

1. Create a new Modify Request Body rule .
2. Filter the form submission request you intend to modify
3. Adjust the request body to mimic various scenarios, such as different user inputs
4. Submit the modified form requests.
5. Verify the behaviour of form validation, error handling, and data processing to ensure they meet the desired requirements

Debugging API Calls

Troubleshooting issues with API calls becomes more efficient with the ability to tweak the request body on-the-fly. Developers can quickly identify and rectify issues without altering the application’s codebase.

To debug API calls:

1. Create a new Modify Request Body rule.
2. Filter the API call that needs debugging
3. Adjust the payloads as necessary to reproduce the issue.
4. Submit the modified API request.
5. Observe the response and debug any errors or unexpected behaviour encountered

Security Testing

By altering request parameters or payloads, security professionals can evaluate an application’s resilience to common vulnerabilities such as SQL injection or Cross-Site Scripting (XSS).

To conduct security testing:

1. Create a new Modify Request Body rule.
2. Identify the endpoints or functionalities susceptible to security vulnerabilities.
3. Inject malicious payloads to test for vulnerabilities like SQL injection or XSS .
4. Submit the modified requests and observe the application’s response.
5. Analyze how the application handles the modified requests and assess its resilience against security threats.

Troubleshooting

There are some cases where rules might not work as expected, visit our troubleshooting guide for more details.