This is the fifth day of my participation in the August More text Challenge. For details, see:August is more challenging
The problem
To solve
At the end
The problem
When we want to verify how a Web service handles illegal URL passthroughs, we need to use certain methods. It is impossible to manually try one test case by one test case, which wastes time and is inefficient. Is there any good way? That’s what we want to talk about today.
To solve
The solution is to automate your Restful API testing. Speaking of automated testing tools, we can think of PostMan, APIPost, JMeter, etc. Learning tools require some time and cost to use. What other methods are recommended? The answer is yes. If you’re good at shell scripting, you can always use your own automated test scripts.
First, let’s break down the problem. If we want to implement this automated test script, we need to do three things.
First, select the tool to send the HTTP request. In this case, select curl. Curl is one of the most popular network testing tools. It is very powerful and has dozens of command-line arguments. If used skillfully, it can completely replace Postman, APIPost and other graphical interface tools.
Second, to simulate URL invalid parameters, we use /dev/urandom and head tools. /dev/urandom is a tool for generating pseudo-random numbers on Linux systems, and head is used to control the display of URL parameters.
Third, fast implementation of THE API interface test, we used a large loop and low sleep scheme to control the request sending.
According to the three parts mentioned above, we have implemented a very simple test script, which is coded as follows:
#! /bin/bash
step=1 # Increase stride length
wait= 0.1# Number of seconds in the interval
for((i=0; i<6000; i=(i+step)));do
ran=$(cat /dev/urandom | head -n 10 | head -c 10)
echo $ranThe curl http://172.31.232.99:3000/$ran
sleep $wait
done;
exit 0
Copy the codeTo visually show what the simulated URL parameters look like, print them out on the console and execute the script with the following command:
sh url_test.sh
Test run results :(only part of the output is listed because it is too much)
! ????? h? ? e? curl: (3) URL using bad/illegal format or missing URL ????? H? m curl: (3) URL using bad/illegal format or missing URL =????? 9 curl: (3) URL using bad/illegal format or missing URL curl: (3) URL using bad/illegal format or missing URL -@V?? r: curl: (3) URL using bad/illegal format or missing URL L? %??'? Ӥ?
Failed to decode param '
/ L Ð % ´'because a O'</h1><h2></h2><pre></pre></div></div></div><script src="/javascripts/jquery.min.js"></script><script src="/layui/layui.js"></script><script src="/javascripts/cms.js"></script></body></html>? q?? 6?? curl: (3) URL using bad/illegal format or missing URL"?????? p curl: (3) URL using bad/illegal format or missing URLCopy the codeCurl does its own filtering for invalid URL parameters. Not all requests with URL parameters will be sent.
At this point, our automated test scripts are done and run satisfactorily, quickly and efficiently, without the need for human intervention. After the script is executed, we can view the error log from the server.
If there is a bug, we will fix it according to the log content, perfect!
At the end
Ok, today on the simulation of URL parameter request automation script, is not very simple. I am Liuzhen007, Chinese Bond, a Chinese can knock code bond, welcome everyone to pay attention to me.
