There are generally two types of interfaces:
1. The interface inside the program
2. External interface of the system
External interface of the system: For example, if you want to obtain resources or information from other websites or servers, others will definitely not share the database with you. He can only provide you with a method they wrote to obtain data. You quote him to provide The interface can use the method he wrote, so as to achieve the purpose of data sharing.
The interface inside the program: the interaction between methods and methods, the interaction between modules and modules, the interface thrown inside the program, such as the bbs system, there are login modules, post modules, etc., then you must log in before you post, then this The two modules have to interact, and it will throw an interface for the internal system to call.
Classification of interfaces:
1. webservice interface
2. http api interface
The webService interface is transmitted through the HTTP protocol through the soap protocol. The request message and the return message are in xml format. When testing, we use tools to call and test.
The http api interface is based on the http protocol, and the method of calling is distinguished by the path. The request messages are in the form of key-value, and the returned messages are generally json strings. There are methods such as get and post, which are also the two most commonly used. request method.
JSON is a universal data type that all languages recognize.
The difference between get request and post request:
1. GET uses URL or Cookie to pass parameters. Whereas POST puts data in BODY.
2. The URL of GET will be limited in length, and the data of POST can be very large.
3. POST is safer than GET because the data is not visible on the address bar.
4. Generally, get requests are used to obtain data, and post requests are used to send data.
In fact, of the above points, only the last point is more reliable. The first post request can also put the data in the url. In fact, there is no length limit for the get request. The post request seems to have implicit parameters. It's a little more secure, but that's only for novice users. Even if you make a post request, you can capture the parameters by capturing packets. (The only difference is this, the above 3 differences are all inaccurate)
Why do interface testing:
1. The lower a bug is found, the lower the repair cost.
2. The front-end can be changed at will, the interface has been tested, and the back-end does not need to be changed. The front-end and back-end are developed by two groups of people.
3. Check the security and stability of the system. The front-end parameters are not credible. For example, when shopping on JD.com, the front-end price cannot be passed in -1 yuan, but -1 yuan can be passed in through the interface.
http status code:
1, 200 2 all indicate that the request was sent successfully, the most common is 200, which means that the request is ok, and the server also returns.
2. 300 The beginning of 3 represents redirection, the most common is 302, which redirects the request to another place.
3. 400 400 means that the request sent by the client has a syntax error, 401 means that the accessed page is not authorized, 403 means that there is no permission to access this page, and 404 means that there is no such page.
4. 500 5 means the server is abnormal, 500 means the server is abnormal, 504 means the server timed out and no result is returned.
How to test the webservice interface:
It does not require you to spell the message, it will give a webservice address, or wsdl file, import it directly in soapui, you can see all the interfaces in this webservice, and there are messages, directly fill in the parameter call, and see the return result That's it.
Weather forecast wsdl address: http://www.webservicex.net/globalweather.asmx?wsdl
The difference between cookie and session:
1. The cookie data is stored on the client's browser, and the session data is stored on the server.
2. Cookies are not very secure. Others can analyze the cookies stored locally and perform cookie deception
Sessions should be used for security reasons.
3. The session will be saved on the server for a certain period of time. When the number of visits increases, it will take up the performance of your server.
Cookies should be used in view of mitigating server performance.
4. The data saved by a single cookie cannot exceed 4K. Many browsers limit a site to save a maximum of 20 cookies.
5. So my personal suggestion:
Store important information such as login information as session
other information If you need to keep it, you can put it in a cookie