第十期_接口测试_20190926

课前准备

  • curl
  • chrome devtool
  • 虚拟机6.0

接口测试认知

  • 传统的狭义的接口测试。http、rpc、tcp协议的接口测试
  • 泛接口体系。除了狭义接口测试之外,还包括sdk的测试、so、dll文件的api接口测试、数据库、消息管道的测试,各种协议测试

从上到下分析协议

  • chrome的networks
  • curl http协议的发送工具 -vv更清晰的理解http协议

协议

带参数GET请求


> GET /s?wd=mp3 HTTP/1.1
> Host: www.baidu.com
> User-Agent: curl/7.54.0
> Accept: */*
>

GET请求

* Connected to 47.95.238.18 (47.95.238.18) port 9080 (#0)
> GET /login.php HTTP/1.1
> Host: 47.95.238.18:9080
> Connection: keep-alive
> Pragma: no-cache
> Cache-Control: no-cache
> Upgrade-Insecure-Requests: 1
> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
> Referer: http://47.95.238.18:9080/login.php
> Accept-Encoding: gzip, deflate
> Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
> Cookie: sidebar_collapsed=false; PHPSESSID=2t919h4har1hc2mkd73j4hotq3; security=low

POST请求

* Connected to 47.95.238.18 (47.95.238.18) port 9080 (#0)
> POST /login.php HTTP/1.1
> Host: 47.95.238.18:9080
> Connection: keep-alive
> Pragma: no-cache
> Cache-Control: no-cache
> Origin: http://47.95.238.18:9080
> Upgrade-Insecure-Requests: 1
> Content-Type: application/x-www-form-urlencoded
> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
> Referer: http://47.95.238.18:9080/login.php
> Accept-Encoding: gzip, deflate
> Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7

username=admin&password=123&Login=Login&user_token=19bc8471020e7261d1ba5d8beac416c7

session与cookie

  • cookie response header中的set-cookie字段与request header的cookie字段
  • session:PHPSESSID其实就是session,今天访问一次,明天访问一次。每次的回话通过session识别,session大多数是通过cookie传递的

以无痕模式访问网站


GET /login.php HTTP/1.1
Host: 47.95.238.18:9080
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7


HTTP/1.1 200 OK
Date: Thu, 26 Sep 2019 13:19:44 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: PHPSESSID=ev2fqu53o7asqps4omhrol2uc3; path=/
Expires: Tue, 23 Jun 2009 12:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=ev2fqu53o7asqps4omhrol2uc3; path=/
Set-Cookie: security=low
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 699
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

第二次访问

GET /login.php HTTP/1.1
Host: 47.95.238.18:9080
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: PHPSESSID=ev2fqu53o7asqps4omhrol2uc3; security=low


HTTP/1.1 200 OK
Date: Thu, 26 Sep 2019 13:21:27 GMT
Server: Apache/2.4.25 (Debian)
Expires: Tue, 23 Jun 2009 12:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 698
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8

TCP协议分析 tcpdump+wireshark

三次握手机制

四次挥手机制

课后作业1

跟百度发送请求,并把user-agent修改为你的个人署名

课后作业2

发起一次雪球的股票搜索,搜索阿里巴巴

关闭