►
Description
On today's stream we took a look through some community messages on the Insomnia Community Slack. Primarily, we looked at https://insomnia.rest/plugins/insomnia-plugin-save-variables and found a way to simulate CSRF token refreshing in such a way that regular request chaining doesn't allow. Cool stuff!
A weekly stream focused on Insomnia's open source community.
Join us on the #stream channel over on the Insomnia community slack: https://chat.insomnia.rest
A
B
B
B
C
B
Yeah,
of
course
it
would
be
possible
yeah,
it
would
be
possible.
You
know
there's.
That
is
an
interesting
idea,
though,
like
what
is
what
is
a
way
that
you
could
have
insomnia
play
music
like.
C
The
first
thing
that
comes
to
my
mind
is
something
I
remember
seeing
like
on
on
a
presentation
a
few
years
ago,
and
I
think
it
was
about
you
know
using
some
sort
of
library
to
generate
frequencies
and
whatnot
and
play
sounds.
I
don't
know
I
think,
or
or
we
could
take,
but
like
the
the
far
route
and
connect
to
some
midi
thingy
over
over
the
api.
Like
I
think
I
have
this.
B
Raspberry
pi,
I
think
you
have
a
genuine
question
now
that
that's
come
from
this.
So
let
me
let's
share
my
screen
here
so
like
here,
so
I
am
on
the
beta.
Aren't
I
I'm
on
the
latest
beta
yeah,
okay.
So
the
question
is,
if
I
play
with
what
would
be
something
that
I
can
go
to
like
youtube,
we
have
stalin
here:
hey
stalin,
how's
it
going.
B
C
B
B
Okay,
sort
of
okay
where's,
the
where's,
the
setting
disable
json.
It's
not
enabled
so
has
this
got
some
kind
of.
B
There's
gotta
be
some
html5
magic,
whoa,
okay,
we're
in
full
on
streamer
mode,
I'm
just
curious
if
we
could
what
would
be
like
a
like
a
oh
man.
I've
seen
these
before
like
css
piano
somebody
here
is
this
a
thing,
but
it
doesn't
make
sound.
Oh,
let's
try
one
more
okay,
we're
going
to
give
up
on
this
very
soon.
If
anybody,
okay,
let's,
let's
try
last
try.
C
But
the
the
audio
is
coming
through
from
insomnia
right
same
way
would
come
from
a
browser.
B
Oh,
I
have
a.
I
have.
B
B
I
just
typed
css
piano,
because
I
know
people
like
do
that
kind
of
thing
they
make
like
a
little
synthesizer,
but
anyone
anyway,
hey
everybody.
Welcome
to
the
insomnia
street,
we're
gonna,
we're
gonna,
make
it
work.
Okay,
we're
gonna!
There
are
people
watching
like
stop.
Trying
to
make
the
sound
board
happen.
The
you
can
see
on
your
screen,
chat.insomnia.rest
you!
You
could
go
to
this
document.
If
you
go
to
our
community
slack
you'll
find
your
way
to
this
document.
B
It's
pinned
to
the
stream
channel
on
the
community
slack
and
on
this
we
talk
about
what
the
priorities
are
for
the
stream
like
what
the
stream
is
for
so
generally
for
live
requests.
That's
always
the!
Even.
If
you
come
in
in
the
middle
of
us
working
on
something
that's
a
high
priority,
then
we
have
things
on
the
github
for
insomnia
that
have
a
stream
label.
So
we'll
look
for
those
items.
We
have
a
community
slack
and
we
have
just
regular
github
issue
triage,
which
we've
done
before
it
was
kind
of
fun.
B
B
So
what
I
did
is
you
know
every
every
week
I
I
post
the
the
item
here
in
this
general
channel
of
our
insomnia
community
slack
for
what's
going
on,
and
I
notice
that
there's
a
lot
of
things
here
that
are
like
unanswered
questions
that
we're
not
responding
to
people
on
and
like
what
was
that
seven
or
so
in
a
row.
B
B
B
B
Okay,
well
felipe.
I
bet
you're
thinking,
one
of
the
things
that
I'm
thinking
it's
called
request,
method
or
method
drop
down.
D
A
B
Did
here,
method
drop
down
does
not
change
okay,
so
the
first
thing
comes
to
mind
is
a
bug
you
mentioned
we
recently
fixed
in
here.
Let's
try
to
link
this
person
to
the.
A
C
Exactly
you
can
just
click
on
on
one
on
like
the
beta
7
and
just
re-edit,
the
the
url.
If
you
want
to
direct
them
to
a
stable.
B
B
Is
it
further
with
a?
U
or
farther,
I
think
further
is
because
is
metaphorical
distance
right,
I
don't
know,
maybe.
C
B
C
B
B
C
I
don't
know
how
to
answer
that.
The
the
thing
is,
I'm
part
of
the
generation
that
learned
a
lot
of
english
from
cartoons,
video
games
and
all
that
sort
of
crap.
It
was
only
after.
It
was
only
recently
that
kids
need
to
learn
english
from
the
very
like
first
grade,
or
something
like
that,
because
officially
I
only
started
learning
english
like
from
the
fifth
grade
onwards,
something
like
that.
C
Consider
myself
a
native
speaker
by
far,
especially
if
my
brain
is
tired.
I
will
start
you'll
notice,
more
an
accent.
B
B
Okay,
so
where
was
okay
getting
lost
here?
Okay,
so
render
failure.
Unexpected
string-
and
I
didn't
see
anything
more
in
the
app
regarding
anything
with
that.
B
B
Yeah
unexpected,
no
there's,
not
even
a
thing
that
says
unexpected
and
has
a
parameter,
so
I
don't
know
where
that
could
have
come
from
okay.
Well,
let's
see
if
the
beta.
B
Please
let
us
know
okey-dokey
one
down
and
I'm
assuming
yeah.
I
think
will's
triaged,
that
one,
so
that's
good.
Okay,
hi
boiling
soup
pie
boiling
soup.
We
can
take
the
chat
thing
off
the
screen
here.
I
guess
so.
They
say
my
server
returns,
a
new
csrf
token,
with
every
request,
and
I
need
to
update
the
request
header
to
always
use
the
latest
token.
Is
there
a
way
to
script
this,
so
it
updates
automatically?
B
C
B
B
C
B
Well,
but
that's
the
thing
is:
is
that
that's
not
what's
happening,
it's
a
new
token
for
every
individual
request.
Oh
yeah,
so
maybe
request
chaining
actually
won't
work
here,
because
request
chaining
is
all
about
one
request,
feeding
information
into
another
request,
but
this
would
not
work
for
this
use
case,
because
each
request
requires
its
own
new
token.
C
Then
probably
I
would
solve
this
with.
I
think
one
of
the
plugins
that
stalin
mentioned
a
couple
streams
ago,
the
one
that
keeps
updating
a
variable,
something
like
that.
B
I
wonder
what
I
have
an
excel
draw:
oh
nothing,
because
I'm
in
the
insomnia
stream
account.
Okay,
that's
convenient!
Okay!
So
there's
like
a
there's,
a
request
that
happens.
A
C
A
B
A
I
have
a
request
and
then
I
have
a.
I
have
a
like
a
response
right.
What
is
this
copy?
Paste?
Okay,.
B
And
then
the
request
goes
to
the
server.
B
B
A
C
B
B
B
So
we're
assuming.
B
So
let's
make
this
red
or
something
okay,
so
so
the
response
contains
a
csrf
token.
Actually,
the
server
the
server
creates
a
csrf
token,
and
then
the
this
guy
passes
it
here
and
this
guy
passes
it
here.
So
what
I
think
is
happening
is
that
maybe
yeah
does
this
look
right
to
you.
C
B
Okay,
let's
see
what
these
say:
okay,
so
there's
a
there's,
a
thing
called
a.
I
can
explain
it
a
little
bit.
There's
a
thing
called
a
cross
site
request,
forgery
attack
and
what
that
means.
Is
you
make
a
request
to
a
server
pretending
to
be
someone
that
you're?
Not
I
can
do
my
favorite
thing
to
do
with
insomnia
is
actually
demonstrate.
Cross-Site,
request
forgery,
so
so
here
I'll
do
it
right
now.
So
there's
a
I
don't
know
this
thing
tokens!
B
Okay,
I
don't
know
what
this
is.
It
doesn't
really
matter,
it's
a
request
that
was
made
because
I'm
on
this
webpage,
port
port,
swig
swigger-
I
don't
know
ports,
I
don't
know
so.
Portswigger.Com
makes
a
request
with
my
web
browser.
I
can
copy
as
curl,
for
example,
on
this
request,
which
has
all
these
headers.
So
I
want
to
show
you
before
we
paste
it
into
insomnia.
I
want
to
show
you
what
we're
going
to
paste
we're
going
to
paste
a
thing
that
looks
like
this
okay.
B
This
is
a
this
is
a
curl
request
and
we
could
make
this
curl
request.
I
think.
Well,
ideally,
this
is
from
you
know,
google.
I
could
make
this
chrome
request
here
and
it's
going
to
return
me
some
data,
so
that's
technically
I
mean
you
would
need
to
have
a
server.
That's
sending
this.
I
guess
some
people
would
argue.
This
is
not
cross-site
request.
Forgery!
Yeah
technically,
but
you
know
I'm
a
client,
but
it
doesn't
doesn't
really
make
a
big
difference
in
that
respect.
B
B
So
there's
no
css
here,
okay,
but
this
is
the
page
that
I
was
just
looking
at
and
this
works
even
for
like
if
you're
logged
in
with
something
or
you
have
some
like
oauth
flow
that
you've
gone
through,
and
you
want
to
just
make
a
request
as
though
you're
from
the
browser
I
use
that
trick
all
the
time
to
investigate
stuff,
because
sometimes
you
may
hit
the
situation
where
it's
like.
B
Oh,
like
I
don't
want
to
do,
I
want
to
use
all
the
same
information,
but
I
want
to
use
like
csrf
tokens
like
get
token
or
something
like
you
know.
I
don't
know
it's
not
going
to
say
that
client
id
you
know
or
something
you
want
to.
You
want
to
do
something
else.
That's
slightly
different
from
what
the
website
actually
does.
This
is
effectively
you
know
hacking
right.
B
I
mean
we're
telling
we're
telling
the
server
that
we
are
someone
we're
not
we're
telling
that
we
came
from
a
place
that
we
didn't
come
so
you
can.
You
can
use
that
to
your
advantage
and
web
browsers
will
not
allow
you
to
make
such
a
request.
B
So
there's
no
way
with,
like
the
fetch
api,
for
example,
there's
no
way
for
here
oops,
let's
we
don't
need
to
preserve
log,
there's
no
way
for
here
for
me
to
say,
like
fetch
and
then
like
some,
you
know
some
url
and
then
for
me
to
say,
like
you
know,
origin,
you
know
or
to
say
that
I
came
from
somewhere
that
I
didn't
the
browsers
have.
B
B
Since
the
attacker
cannot
determine
or
predict
the
value
of
the
user
csrf
token,
they
cannot
construct
a
request
with
all
the
parameters
that
are
necessary
for
the
application
to
honor
the
request.
So
imagine
that
I'm
doing
this
thing
that
I
was
explaining
before
what
you
would
effectively
want
to
do.
If
you
were
trying
to
attack
someone
is
you
would
send
them
a
request
like
to
their
bank
or
something
that
would
be
the
api
recall
that
is
necessary
for
the
bank
to
like
transfer
money.
Let's
just
say,
like
a
really
easy.
B
B
I
have
no
way
to
get
that
token.
As
the
author
of
a
as
a
of
a
script
like
this,
and
because
I
have
no
way
to
make
that
I
mean
not,
I
wouldn't
say
I
have
no
way,
because
there
is,
you
know,
like
the
user
has
a
way
to
do
it.
B
Therefore
it's
possible,
but
it
makes
it
way
harder
like
way
way
way
harder
to
make
a
script
that
you
can
just
inject
on
a
page
to
attack
someone,
because,
ultimately
you
don't
have
the
token
that's
required
and
like
we
just
read,
the
server
will
reject
any
request.
That
is
either
missing
the
token
or
has
an
invalid
token.
B
So
let's
go
back
to
excalidraw.
So
this
is.
This
is
request
request
one:
okay,
that's
one
insomnia!
Then
what
happens
is
we
we?
We
can
copy
all
this
and
we're
gonna
send
here.
Let's
do
this,
so
let's
make
this
okay
so
csrf
token.
Let's
do
a
five
do
that
and
then.
B
C
B
B
B
We'd
also
need
like
a
white
one
of
these
guys
to
really
beat
the
the
model
here
all
right.
So
that's
that's!
What's
going
on.
I
guess
we
need
another
one
here
as
well.
B
C
A
B
B
B
B
B
B
C
B
B
Okay,
let's
try
it
do.
I
have
it
installed.
Let's
make
a
new
request:
plugins
save
variables.
I
do
okay,
so
we're
going
to
come
over
here,
mockman.org
echo
and
then
that
should
work
yeah.
It
does
and
then
we'll
come
over
here.
Let's
just
do
plain
text,
so
we
can
do
save
variable.
D
A
B
We
have
hey
robinson,
hey,
have
you
used
this
this
plugin
before
no
we're
trying
to
we're
trying
to
figure
it
out
so
stalin?
Can
you
can
you
walk
me
through
it
one
more
time?
I
think
so.
I
put
the
save
variable
here
in
the
in
the
header.
D
No,
what
I
meant
was
you
were
using
the
echo
right
yes,
but
you
were
not
sending
any
data
yeah.
B
Okay
I'll
say
like,
ultimately,
what
I
want
to
do
is
I
want
to
have
a
header,
okay,
okay,
watch,
this
csrf.
B
Js
eval,
so
let's
do
this,
we
can.
We
can
simulate
it
this
way
we
can
say
new
date,
yeah
sure.
That's
fine,.
B
Okay,
so
we'll
see
here
that
when
we
look
at
this
wow
there's
a
lot
of
stuff
time
stamp
is
gonna
be
csrf
thingy.
Is
this
like
an
invalid
okay.
B
Returns
a
list
of
headers
used
in
the
request
we
do,
but
why
doesn't
echo
sports
compression.
B
Oops
echo
body
and
content
type,
yeah,
you're
right
so
headers.
Do
this
see
x,
powered
by
is
that
right?
It's
not
there.
Okay,
let's
look
again.
B
I'm
sorry
this
is
small
for
anyone
looking
on
their
phone
later.
No,
yes,
it
was
there.
It
was
there
yeah,
it's
powered
by
that.
I
don't
see
it.
Just
stay.
Stop
in
the
middle
stop
x,
powered
by
second
one
down
there
you
go,
but
but.
B
Yeah
yeah,
no,
I
was
just
reading
sorry.
I
was
just
reading
to
myself
but
yeah.
Well,
we
could
do
header
with
the
name.
B
B
C
B
D
B
So,
oh
cuz,
it
okay,
that's
annoying!
Okay,
so
store
headers
at
name
dot
match
custom.
C
B
B
If
I
send
it
again,
I'm
going
to
get
different
values
every
time,
so
that's
good!
We
can
get
rid
of
this.
So,
oh,
maybe.
A
A
B
D
B
D
A
B
I
may
be
wrong
dependent
url
it
it
base64
encodes.
It.
D
C
Hold
up
on
the
screenshot
that
the
that
the
show
on
the
plugins
they
they
do
have
this
same
live
preview.
So
maybe
that's
just
an
internal
thingy
of
the
plugin
itself,
but.
B
So
so,
let's,
let's
save
this-
I'm
gonna
just
drop
it
somewhere
else.
Here
for
a
second
and
let's
clear,
let's
clear
this,
so
you
did
send
x,
save
variable.
B
So
if
I
send
this
again,
is
it
going
to
be
a
different
value,
so
e5
q
q
e5
qq?
No,
it's
not
it's
the
same
value,
so
I
don't
know.
Well
I
don't
know,
I
think
we
tried
I'm
not
sure
what
we
would
do
to
work
through
this.
I
guess
we
can
link
this
person
to
to
the
youtube.
B
A
C
Try
to
try
to
use
the
variable
still,
okay,
one.
A
C
C
Send
now
maybe
ch
change
instead
of
slash
headers
do
like
request,
slash
requests
or
first
to
see
like
the
both
the
headers
and
the
requests
request.
C
Now
go
into
the
the
post
data,
it
says
there
are
no
variable
with
name
my
value.
No
variables
have
been
set
yet
so
we
we
may
not
be
setting
it
right
in
the
headers.
C
Try
try,
instead
of
instead
of
putting
it
as
a
value
the
the
thingy
try
as
a
key
the
thing
that
I
think
stalin
mentioned
so
that
thing
you
put
it
in
the
key.
Instead,
okay
and
maybe
uncheck
that
one
for
now
and
try
again.
B
B
X,
custom:
I
bet
you
there's
like
console
output
for
this.
What
do
you
think.
B
D
D
Oh,
my
no,
where,
where
did
you
use
my
value,
can
you
show
me
that
right
here.
B
D
No,
that
is
setting
you
will
have
to
use
variable,
there's
another
function.
No,
that
should
be
there.
There's.
A
D
Function
called
variable
to
read
the
variable
variable.
Okay,
and
here
you
will
have
to
give
that
name.
So
it's
it's
an
object
so
because
we
are
putting
everything,
it's
full
object.
It's
not
json-based!
It's
an
object
right!
So
that's
why
now,
if
we
pass
yeah,
if
you
put
in
that,
okay
done,
send
it
once
more.
B
B
Oh,
it
doesn't
return
anything
anymore,
wait
a
second.
What.
B
B
D
D
Wait,
maybe
it
is
working
yeah,
it
is
sending
it.
Why,
don't
you
add
some
string
before
this
variable?
It's.
B
A
B
D
C
Yeah
but
notice
now
it's
always
the
same,
because
it's
only
using
the
same
value.
So
if
you
you
can
delete
that
you
can
delete
that
variable,
my
value,
the
yeah.
Okay!
C
It's
actually
editing
the
the
variable,
so
the.
A
B
B
I
don't
can
we
say
csrf
token.
Is
that
a
okay?
What
is
the
value
of
that
csrf
token?
Header?
Xcsrf
token?
Oh,
that's
also
laravel,
but
I
don't
care
about
laravel.
Okay,
it
looks
like
xcsrf
token
is,
is
something
that
somebody
uses.
So
let's
just
go
with
it.
So
then
we
want
to
do
here
we'll
do
like
uuid
v4
okay,
so
we
have
a
uuid
being
generated
every
time,
then
we're
going
to
come
come
in
here.
B
B
That's
pretty
cool
someone
clipped
this
video
yeah.
That
makes
sense.
Why
that's
happening!
So
that's
how
you
can
update
a
csf
csrf
token.
So
in
the
real
world
use
case
this,
this
would
not
be
present
because
it
would
be
sent
by
the
server,
and
you
would
actually
use
this
header
thing
here,
because
you're
grabbing
a
raw
value
of
a
header
value
of
a
response
header
we
just
happen
to
be
working
with
mockbin
and
it
doesn't
have-
doesn't
seem
to
have
a
way
to
spit
back
response
headers
to
echo
back
response.
B
B
What
does
that
stop?
Okay,
so
we
would
do
it
like
that
and
then
yeah
we
would
get.
We
would
get
the
value
out.
So
we
see
here
that
we
sent
my
thing
and
it
has
the
previous
value
so
one
last
time
it
starts
with
nine
f9.
The
previous
token
starts
with
knight
f9.
Here
we
go
the
new
one
that
we
sent
starts
with
nine
f9,
so
pretty
cool
and
it's
valid
json
okey,
dokey,
wow
computers,
work.
C
We
can
take
a
short
detour
here
and
I
can
try
to
spread
the
gospel
of
being
able
to
programmatically
set
environment
variables
and
how
that
is
a
killer
feature,
because
here
here's
the
thing.
Let
me
share
my
I
think
I
have
I
I
don't
wanna,
I'm
remembering
joe
in
the
last
stream
saying
I'm
not
sure
if
I'm
authorized,
because
I'm
gonna
be
using
the
competition,
but
here's
the
thing
that
I
like
about
how
they
have
this
setup.
Give
me
just
a
second,
because
I
have
a
ton
of
windows
open.
D
B
Oh
man
well
power
to
you.
I
would
I
would
not
last
very
long
above
100
degrees
for
any
length
of
time.
I
think
today.
B
D
Two
days
back
so
the
lowest
it
touched
was
around
14
14
15
highest.
It
went
to
almost
20
25.
It
was
a
hilly
station
illustration.
A
B
Well,
the
coldest
that
gets
here,
let's
see
like
the
coldest
it
would
ever
get
over
the
span
of
a
year,
would
be
negative
23
celsius.
B
B
B
How
are
you
robinson
where's?
What's
the
weather
like
for
you
today.
A
Me,
I'm
okay,
it's
pretty
bright.
A
B
Yeah
the
I
visited
some
friends
in
los
angeles
two
years
ago,
and
I
said
wow
that
was
so
nice
today
and
they're
like
it's
exactly
like
this.
Every
single
day,
every
day
of
the
year,
yeah
every
day
is
a
perfect
day.
I
guess
that
would
get
tiring
after
a
while
speaking
of
getting
firing
felipe.
What's
going
on,
you
gotta,
you
got
your
demo
going
or
what.
B
B
B
B
I
would
not
be
so
comfortable
without
seasons
yeah.
It's.
B
B
B
Yeah,
let's,
let's,
let's
just
leave
it
at
that
at
least
we
at
least
we
got
through
a
couple
and
we
learned
some
cool
stuff
and
that
example,
I
think,
is
pretty
valuable
that
we
showed
with
how
you
can
use
a
request
to
save
values
on
subsequent
requests
without
request
chaining
using
the
save
variable
plugin,
it's
pretty
neat
stuff,
and
there
you
go.
We
hear
you
hello,.
C
I
I
think
it
can
be
quick.
I
think
I
can.
I
can
show
what
I
want
to
the
idea
that
I
want
to
pass
that
I
think
it's
an
improvement
that
we
could
try
and
add
to
to
insomnia.
Hopefully
you
can
still
hear
me.
Let
me
know
yep,
okay,
here's
the
thing,
though,
all
that
dancing
around
that
we
were
doing
in
the
plug-in.
Can.
C
Yeah
sure
I
mean
the
their
ui
is
pretty
cumbersome.
I
don't
know
even
how
I
I'll
try
to
like.
I
can
slide
this
thing
down.
Okay,.
B
B
C
Holy
crap
anyway,
it's
been
a
while,
but
here's
the
thing
that
I
like
okay,
so
all
that
dancing
around
that
we
were
doing
in
theory
in
postman.
It
would
take
a
lot
very
little
step.
So,
for
instance,
you
could
in
and
like
they
have
this
concept
that
they
have
pre-requests
and
tests
and
whatnot
so
code
that
you
can
run
before
you
run
a
request
and
code
that
you
can
run
after
you
run
a
request
and
whatnot
you
don't
even
have
to
add.
You
know
tests
in
here
per
se,
but
here's
the
thing
here
programmatically.
C
I
can
interact
with
any
risk
with
a
response,
which
means
that
here
I
would
be
able
you
know
to
go
through
headers
and
get
some
some
some
value
like
the
csrf
thingy,
that
we
were
trying
to
do
and
set
it
up
on
my
environment
as
a
variable,
which
would
mean
that
here
I
could
add
some
if
statement
saying
if-
and
they
have
here
snippets
that
I
can
use
like
get
an
environment
variable.
C
If
the
the
same
variable
that
I
set
you
know
before
the
csrf
thingy
is
set,
I'm
gonna
append
it
to
say
to
some
to
some
value
where
I
want
to
substitute
something
before
I
send
the
request,
so
that.
B
C
You
can
you
can
you
can
also
do
that.
So,
for
instance,
that
that
would
mean
that
here
I
I
can
have
some
some
sort
of
logic
that
either
fetch
the
the
environment
variable
or
I,
in
this
case
I'm
setting
like
a
random
uid
and
whatnot.
But
that's
that's
the
thing
where
I
think
we
can,
where
I
think
we
can
improve,
because
they
don't
force
you
to
install,
even
though
you
know
the
their
ui.
As
of
now,
it's
even
more
cumbersome.
It
was
really
hard
for
me
to
find
out
things.
C
This
is
the
part
where
I'm
I'm
on
post,
but
but
but
you
know
notice
that
that
difference,
because
just
the
fact
that
you
can,
you
know
attach
to
the
logic
of
your
request.
You
can
start
thinking
about
there's
things
that
I
want
to
do
with
this
request.
Before
the
request
happens
and
also
after
request
happens,
it
gives
you
like
a
whole
set
of
new
things
that
you
can
do
which
in
insomnia,
in
this
case,
we
had
to
use
the
plugin
too.
So.
C
Yeah
yeah
and
a
ton
of
people
use
that
we
would
do
a
lot
of
crazy
stuff
just
with
this
kind
of
of
idea,
for
instance,
something
that
thing
of
I
want
to
define
a
function
that
I
want
to
reuse
on
all
my
requests.
Okay,
here's
what
we
did
at
one
point
we
convert.
C
We,
we
set
the
function
somewhere
as
text,
we
converted
javascript
to
text
and
we
saved
it
an
environment,
valuable
variable,
and
then
we
evaled
that
environment
variable
on
the
pre-request
in
order
to
have
x
or
on
the
test
in
order
to
have
access
to
that
function,
because
that's
also
one
thing
that
postman
does
really
bad
and
in
some
it
does
have
does
also
really
bad.
That
is
they
don't
allow
you,
as
a
user,
you
know
to
define
your
own
functions.
B
Well
seems
like
a
very
obvious
feature
to
me,
but
I
shouldn't
talk
because
we
don't
have
anything
quite
like
that.
B
Just
just
to
say
it
out
loud
to
people
who
don't
know
kong
and
don't
know
us.
Kong
is
an
open
source
company,
we're
very
prideful
about
that,
and
I
don't
think
there's
anybody
here.
Who's
like
has
ill
will
against
anyone
really,
including
our
competitors.
It's
just
not
how
we
roll
as
a
company.
B
It's
not
our
it's,
not
our
culture,
and
you
know
we
just
want
to
make
great
products
and
if
other
people
make
great
products
too,
that's
pretty
good
news,
because
then
it
means
that
we
can
all
kind
of
learn
from
each
other
and
move
faster,
we're
a
completely
open
source
project.
We
have
nothing
to
hide
and,
as
you
see
here
on
the
stream
we're
doing
these
things
in
the
open,
so
you
know
we
try
to
try
to
try
to
live
that
way
in
the
ways
that
we
make
our
products.
B
B
You
don't
see
us
on
stream
next
week.
You'll
know
why?
Okay,
just
joking!
Well,
thanks
for
coming
everyone,
it's
been
nice
to
hang
out
and
stalin
thanks
for
helping.
How
do
can
you
tell
me
your
name,
because
I
just
realized
I've
been
saying:
there's
like
a
bee,
that
I've
been
inserting
into
your
name,
yeah.
B
Sometimes
it's
rohington
or
hinton
yeah,
okay,
I've
been
saying
it
terribly
wrong.
I've!
Many
apologies
on
that.
It's
now
that
you
say
it,
it
seems
very
obvious,
but
I
had
to
overcomplicate
it.
That's
all
right!
B
Well,
thanks
for
joining
guys
and
we'll
see
you
all
next
week.