(Originally sent to Corey Golberg author of webinject. Due to lack of time he has been unable to roll a new relase with my patch so I am publishing it here. -- rouilj) Hello: I am using your tool to create test cases for our web applications and running them under nagios. I noticed the following bug in the documentation: The case option is "verifypositivenext" not "verifynextpositive" as in the online documentation. The same is true for the negative case. As I was developing the test cases I added a few features. The attached patch file will implement the following in webinject 1.41 and also provides a Changelog of the changes with more info. The changes fall into the following categories: Nagios integration: New option -D that allows setting of config file options from the command line. Useful for using nagios variables to change URL based on the host being monitored. Useful to set up cases that are run in nagios mode using "-D reporttype=nagios" but by default run verbosely when run by hand. New config file setting nagioslog that enables logging of http responses and requests. Very useful when set to onfail to diagnose reason for failure. All die calls replaced by call to InternalError that send the error to stdout and exits with unknown state if reporttype=nagios. Dies or reports error to stderr in other report cases. Return messages for nagios and other report types include the errormessage or description1 argument for the testcase. Connection timeouts (caused by the timeout parameter) are no longer treated as critical and return a warning state in reporttype=nagios mode. Performance data now includes the number of test cases as well as the time to run. Logging changes: httplog file now has headers rather then footers for the output of each test case. The header also has the the test number and the pass/fail status. Makes it easier to find the log you are looking for. Configuration usability changes New config variables postbody...postbody5. The postbody case argument takes file=> for regular url encoded data as well. This is useful for passing login data (with -D postbody=/file/name) from external programs rather then recording it in the test files. The logrequest and logresponse case options can now handle the value "onfail". Each case can have it's own timeout option. Each case can be tagged with a keyword and only cases that have keywords matched by the regular expression in the "tags" config file option will be executed. Sort of a generalization of the xpath function. Other usability changes Default umask set to 077 to prevent http.log files and temp files with passwords and usernames from being readable. Result files are explicitly made world readable. Passing any arguments to webinject.pl makes it run in command line mode regardless of the executable name. (e.g. check_webinject -c .... will run in command mode rather than gui mode). All output files (http log, temp xml files, result reports, gnuplot data) are written to the directory/prefix specified with the -o flag. If -o is not specified, the directory where the config file is located is used. Bug fixes: Posting of xml data no longer generates an error if the postbody doesn't contain a 'file=>...' argument. Again thanks for a very useful tool. Hopefully you will find my changes acceptable and add them to the released code to improve the utility of your tool. Sincerely yours, -- -- rouilj John Rouillard System Administrator Renesys Corporation 603-643-9300 x 111