Say goodbye, only to find that never see. — Let’s wave goodbye to the once-great Fiddler.
preface
International practice. Let’s start with a story
Busy Man Art was recently working on a new requirement, and as a senior engineer, he was comfortable writing code and finished the development very quickly. Before the test, Art called in products and designs as usual for a product experience and design walkthrough. Before the experience, because of problems such as agent configuration and certificate authentication, Art spent a long time to help the product and design sister to get the environment experience, the scene was very awkward. After completing the product experience and design walkthrough, Art finally tested the requirements and began the test and verification process. In addition to re-reading the methods and rules of agent allocation with the test, Art must constantly communicate with the test to get the captured packet information of the bug recurrence during the process of solving the bug. For some occasional problems, even can not get captured packet records, all by guess. Fortunately, the experienced Art worked overtime to solve all the bugs and finally release the requirements. Wait, before the launch, Art got a call from his boss, who wanted to get a preview of some of the new features that had not yet been released. But it happened that the boss was not in the company, so there was no proxy access to the test environment, which puzzled Art. “So what?”
In our daily work, we often have to deal with the test environment, whether it is development, testing, experience, check and other links, often need to be carried out in the test environment. In the past, we used to use proxy tools to access the test environment. As the above story describes, there are a number of problems with the proxy approach:
- Agent installation and configuration is cumbersome (especially when HTTPS certificates are involved)
- Proxy rules are not replicable (everyone has to do it every time)
- Limited network (4G cannot access test environment, etc.)
- Different application scenarios have different proxy (applet, RN, etc.)
In order to solve these problems, we conducted a series of explorations and practices and proposed the Fastest solution, which implements an agent-free access test environment and provides rich functionality based on it.
Fastest
Fastest is an agent-free test environment platform that allows you to access your test environment without the need for proxy tools. In addition to the agent free feature, it also has a comprehensive variety of agent forwarding capabilities, a simple visual management platform and a variety of compatible scenarios, and under the multiple security protection, the whole scheme has good security and reliability.
The basic philosophy behind Fastest was to test domain names to achieve proxy-free access to the test environment, using the Whistle service deployed on the Fastest server to perform core functions such as forwarding and packet capture. More details about the specific principles and architecture of Our Fastest agent coordination platform are covered in the Technical Architecture section.
Multi-scenario support
With the continuous development of the front end, the form of the front end is no longer limited to Web pages, small programs, RN and other front-end carriers emerge in endlessly, but no matter what the scenario, access to the test environment is a common appeal.
As mentioned above, the basic principle of Fastest is to enable proxy-free access to the test environment by using the test domain, so we simply switch the entry resource to the test domain. Fastest provides a way to do this in different scenarios.
Android/iOS
For mobile pages (Android/iOS), using a Domain switching SDK, you can use the Fastest to access the test environment by switching the entry domain of all pages to the Fastest test domain.
Small program
Fastest supports both wechat applet and QQ applet. Fastest developed Fastestmp applet plug-in, which implements CGI agent address translation in applet.
After configuring and introducing the Fastestmp plug-in in your applinet, you can access your test environment through Fastest.
Fastest also offers an NPM package and supports both QQ applet and wechat applet.
H5
For regular H5 pages, you can also test domain switching using an NPM package fastest- Loader.
Hippy
Hippy is a cross-platform framework of Tencent. In our team, Hippy is mostly used in mobile QQ browser projects. In such projects, We often encounter the problem that Android phones can’t get around certificate verification, resulting in the failure of agent debugging.
Fasetest solution can be a good solution to this problem, easy to implement test environment proxy and debugging.
caught
With Fastest, how do we capture packets?
Because it enabled proxy forwarding by deploying the Whistle service on the server, Fastest inherited the packet capture functionality of Whistle in full, with improvements and extensions.
Real-time caught
Building on Whistle’s real-time packet capture capabilities, we provide a separate real-time packet capture page for each user based on user ID and environment ID filtering. On the real-time packet capture page, all requests related to the user are displayed, including the detailed information of the request and response, the Timeline of the request list, and the matching rules of the request, etc.
At the same time, the captured packet information can be exported on the real-time capture page. The format of the exported packet can be SAz and TXT. The captured packet file in SAZ format can be displayed on the capture page, and can also be directly opened on various agent tools, which is very convenient.
History caught
Sometimes we find problems in the test environment, but have missed the real-time capture of packets, if these problems are not necessary, then replicating them becomes a difficulty.
Fastest allows you to view historical packet capture information over a specified time range by entering a time range into the management platform. This solves the problem of backtracking packets.
Management platform
Fastest Businesses that join the Service divide their applications by domain name, and configure and manage them on the Fastest management platform.
Of course, unlike using the proxy tool, which allows everyone to access the test environment through a lot of front-end configuration work, with the Fastest, most users don’t have to pay attention to the specific configuration of the application. The configuration on the management platform works for everyone.
The plug-in system
We built a plugin mechanism based on the idea that test requests flowed in and out of the Fastest service, injecting code into the test page before the responses came back.
Take the Eruda plug-in for example. In the Fastest panel, enabling the Eruda plug-in enables the console function for the test page, allowing you to view and debug the page information directly on mobile.
security
! The Fastest program has now been recognized by corporate safety departments!
It is worth noting that under the Fastest solution, we were able to access the test environment from the Internet over the limitation of the network environment. Considering the instability and security of the test environment, we needed to limit and protect access to the test environment.
In terms of safety, Fastest protects in two ways.
Access layer
For the access layer, we cooperate with the security department of Tencent to access all test domain names to Sparta(service access layer system) in a unified way, and professional Sparta will complete the security verification of the access layer. Sparta(Service access layer system) provides portal (website vulnerability protection) and Hole (website vulnerability scanning) functions to ensure the security of the access layer.
At the same time, we maintain cooperation with security departments, develop short – and long-term cooperation plans, regularly Review the security of the entire system, and timely solve and repair possible security loopholes.
authentication
Fastest provides three dimensions of authentication, which allow users to authenticate their requests before accessing the test environment.
- OA authentication
- Whitelist authentication
- Token authentication
After OA authentication is enabled, pin+ Token authentication is required before the user can access the specified test environment. This ensures that the user is an internal employee. This strict authentication mode applies to 80% of scenarios.
In whitelist authentication, only users specified by the administrator can access the specified test environment. Users not in the whitelist cannot access the test environment.
In Token authentication, the administrator sets a Token for the test environment. Only users who pass the Token authentication can access the specified test environment.
The three dimensions of authentication ensure security and flexibility.
How to access
Join the Fastest and enjoy the agent-free configuration in just 4 steps! (Currently only available within Tencent, stay tuned ~)
Step 1: Create the project
Enter the workbench, click create new project, enter the application name, proxy domain name and original domain name, and click submit to create successfully.
Step 2: Create the test environment
Click the “Create Test Environment” button in the left sidebar, enter the agent environment name and description, and click “Submit” to create the environment successfully.
Step 3: Add rules
Click the button to add rules, enter matching rules and test environment, select status and weight, and click submit to create successfully.
Step 4: Access the test environment
Enter the address configured in the configuration in the browser, click the gear to enter the test environment you want to select.
Give it a try
!!!!! Just wanted to give it a try and see how it worked? !!!!!
No problem, we have a demo project to help you experience the Fastest without having to apply for a special domain. You can do it in the Try It menu on the Fastest management platform.
Access to guide
Want to officially access your business?
Fastest’s detailed access instructions will help you step by step to complete your access to The Fastest.
Which products are in use
Fastest has been used in a number of PCG and IEG products, and the pain points for proxy testing are widespread across BGS and divisions.
Finally, you are welcome to give us your comments and suggestions. You are also welcome to discuss how to improve the efficiency of the test agent.
Follow [IVWEB community] public number to get the latest articles every week, leading to the top of life!