Interface test interview

1. What is the interface testing process of your company? (Do you feel familiar? I seem to have heard it somewhere)

We did the interface test in the XX project, mainly including XX interface, XX interface, XX interface and so on.
1. First, get the API interface document from the developer to understand the interface business, including interface address, request method, input parameters, output parameters, token authentication, return format and other information.
2. Then use Postman or Jmeter tools to perform interface testing. Generally, the steps to use Jmeter are as follows:
1. First, create a new thread group.
2. Then create a new HTTP request default value. (Enter the interface server IP and port)
3. Create a lot of HTTP requests, one request for one use case. (Enter the interface path, access method, parameters, etc.)
4. Then create an assertion and view the result tree.
3. Finally debug and execute the use case, and finally write the interface test report
4. In fact, we also encountered quite a lot of problems when we made the interface, and we solved them independently, such as the return value is garbled (modify the configuration file of jmeter to UTF-8 Encoding method), for example, you need to log in to get the token authentication code and this authentication code needs to be used in the following request (use the regular expression extractor to extract the value of the token, etc.

2. Please briefly describe the difference between cookie, session and token (do you feel that the whole is an interview question that has not changed for thousands of years)

(1) The cookie data is stored on the client's browser, and the session data is stored on the server. The token is the authentication code for the interface test. Generally, the token can only be obtained after logging in, and then the token parameter needs to be brought every time the interface is requested.

(2) The cookie is not very secure. Others can analyze the cookie stored locally and cheat the cookie. Considering security, the session should be used, and the session will be saved on the server for a certain period of time. When the number of visits increases, it will take up more performance of your server. Considering reducing server performance, cookies should be used

(3) Important information such as login information can be stored as a session; other information needs to be saved, which can be placed in a cookie

3. How to design test cases for interface testing? (must ask)

Interface testing generally considers changes in the form of input parameters and the business logic of the interface. Generally, the design of interface test cases adopts the equivalence class, boundary value, and scenario methods!

The idea of ​​interface test design test case is as follows:
1. Interface business logic test? (Positive example)
Interface logic test refers to the
test of whether the output value obtained under normal input conditions is correct according to the description of business logic, input parameters, and output value , which is to test whether the interface services provided to the outside world work normally.
2. Module interface test? (Counterexample)
Module interface test is a test to ensure the safety of data and the correctness of program logic under abnormal circumstances. ?
The module interface test mainly includes the following aspects: ?
1) Authentication code token exception (authentication code is empty <no authentication code>, wrong authentication code, expired authentication code).
2) Other parameters are abnormal.
1. Mandatory item check
2. Parameter length, type, and format exceptions:
General parameters: (numbers, strings, dates)
Parameter length: 6-18 digits. Or ID card, phone length.
Parameter types: numbers (precision), letters, Chinese, parameters with spaces, special characters.
Date format: date: year, month, day, year, month, day, hour, minute, second, date format (including /,-,:, etc.).
3) Error code exception coverage.
4) Other points of interest in the interface test.
When the interface has page turning, the abnormal value of the page number and page number is used to test the
addition, deletion, modification and query of the database. For example, after a post interface operation is completed, check whether the new data is consistent with the previous post through the list page interface. Consistent
Whether the image address returned by the interface can be opened, and whether the image size meets the requirements
When the output parameters are linked, it is necessary to verify whether the actual results returned by the two parameters meet the requirements.
All list page interfaces must consider sorting values
​​All functions must be compatible with older versions

4. Is the database compared during the interface test execution?

Sure, because the data returned by the interface comes from the database, and the operation of the data on the interface needs to perform in-depth database checks!

5. Tell me about your understanding of the HTTP protocol?

Hypertext transfer protocol, the port is 80, the characteristics (no memory function, fast) are composed of request and response. The request is composed of request header, request line, and request body; the response is composed of response header, response line, and response body. Previously, our company's interface used the https protocol.

https http+ssl protocol port 443 for secure hypertext transfer protocol

6. What is the difference between get and post requests?

Both get and post requests are a way for the client to submit a request to the server

get is a clear text transmission parameter, tending to request server resources. such as opening a website

Post transmission data is invisible, high security, and tends to submit data to the server, such as registration, etc.

7. What are the response status codes?

1xx: Instructions – Indicates that the request has been accepted and continues processing

2xx: Success – Indicates that the request has been successfully received, understood, accepted

3xx: Redirect – further action is required to complete the request

4xx: Client Error – The request has syntax errors or the request cannot be fulfilled

5xx: Server-Side Error – The server failed to fulfill a legitimate request

8. Are there many bugs found during interface testing? Can you give me a few chestnuts?

This question is actually very simple to come back to. As long as you have done interface testing, you can always find a few bugs. Just say 2-3 bugs you usually find. The interviewer asks this question mainly because he wants to know whether you have really done interface testing. After all, many small partners’ resumes are written fakely (if you don’t write it, you probably won’t have an interview opportunity. There is no way, in order to survive, you can Understand) For example, if you enter a negative number in the cash withdrawal input box on the page, you will definitely not be able to submit it (the front-end page will judge the amount). If I don’t go to the front-end, I will directly use the interface tool to send a request and enter a negative number. (Assuming that the server does not judge the withdrawal amount data) Balance = current balance (100) - withdrawal amount (-100), then withdrawal -100, the balance becomes 200, that is, the more withdrawals, the greater the balance.

9. What test points should be paid attention to in the interface test?

11.1) The image address is returned in the interface, and it is necessary to manually test the image (size, content)

11.2) When the interface completes the query function, the sorting display of the data returned

11.3) When testing the interface, pay attention to the default value and required items of the parameters

10. After the interface executes the test, return the results for comparison. Which part of the content is generally compared?

What must be compared before is to return the status code, and then compare and return other key content

11. Why carry out interface testing?

13.1) Interface testing is an integration test. The earlier the test is involved, the more problems can be found in the early stage of the project, and the lower the cost of repairing the problem

13.2) The interface test is very fast, and the UI automation executes a test case in about 10 seconds. If the interface test case is executed, the required time is milliseconds

12. What tools were used in the interface testing process?

postman or jmeter (5.1)

13. Have you ever used a packet capture tool before? How is it used?

I used the fiddler packet capture tool in the project before to capture HTTP protocol requests

After opening fiddler, the default browser is configured with a proxy on port 127.0.0.1 8888. After fiddler has set the filtering policy, open the website that needs to capture packets and operate, then you can capture packets

14. What is json data, and how do you usually parse json data?

A commonly used data message format for development, consisting of key-value pairs and arrays. You can use the tool bejson website, etc.

15. Postman, what kind of process do you use in your work?

1. Write a good use case

2. Build the url environment variable first in postman

3. Create new collection management according to the module to which the interface use case belongs

4. Enter test cases under different modules in the collection

5. When entering test cases, add assertions in the tests tab according to the expected results

6. Export to run through Newman

16. What is the use of setting environment variables in postman?

In previous projects, the environment for interface testing includes development environment, test environment, etc. For the convenience of testing, the environment variable is set in postman, and all interfaces will refer to the environment variable at that time, so that there is no need to switch environments every time Modify the host address of the system interface under test; click the environment variable management button in the upper right corner - create a new environment variable, and use { {variable name}} to call in the script

17. What is the meaning of association in interface testing? How to set association with postman?

Association is to intercept the return value of the previous interface and use it as a parameter of the next interface, allowing the interfaces to run in series

The steps to set up the association in postman are as follows:

1. First extract the information required by the next interface from the previous interface by means of regular expression extraction or json value extraction

2. Use the code that sets the global variable to save the retrieved value to the global variable

3. In the next interface, use { {global variable}} instead of the static value you want to replace

18. What types of protocol tests does postman support?

http and https protocols

19. What are the ways of postman parameterization?

Built-in variables, pre-scripts to write js scripts, import csv or json format files during batch operation

20. How does Newman execute postman scripts?

Newman run script name can also add parameters to generate html reports, etc.

21. What version did jmeter use before? How was it installed?

jmeter uses version 5.1.1, the installation is as follows:

First install jdk1.8 or above on the computer, then download the latest installation package from the official website, unzip it, and configure the environment variables. After configuration, the installation is complete

22. How to use jmeter for interface testing in the project?

1. Set the number of thread groups to 1 and the number of loops to 1

2. Configure the global variable URL through the configuration element - user-defined variable added

3. Add the default value of the configuration element http request, placed after the user-defined variable

4. Add transaction controllers to manage and organize test cases

5. Add http request in transaction control Add interface request information in test case

6. Add the corresponding assertion element to assert

23. How to set assertion in jmeter?

Right-click Request—Assertion—Response Assertion—Response Assertion Interface Input the items to be checked and compared. After setting the assertion, execute the interface test. If it passes, there will be no prompt when viewing the result tree. If the assertion fails, there will be red error. If the data returned by the interface is json data, you can also add json assertion

24. How to implement association in jmeter?

First intercept the parameter value required by the next interface from the previous interface through the regular expression extractor or jsonpath parser and save it to a variable, and then use ${variable name} to get it when writing an interface

25. What is the function of jmeter adding the HTTP request default value element?

After adding and setting, it is equivalent to setting the default value for all http request samplers. You don’t need to fill in the sampler such as host address, port, proxy, etc., you can use the http request default value to set

26. What are the ways of jmeter parameterization that can be realized?

1. Configuration Elements - User-defined variable elements can set global variables

2. In the function assistant dialog box, you can choose random strings, random dates, and random numbers as parameters

3. You can use a csv file as a parameter, and you can set it through the csv data set config element in the configuration element

27. What are the design points of interface test cases?

For this problem, we can analyze it from the composition of the interface. An interface mainly includes request address, request method, and request parameters. The request address and method are fixed.

Therefore, we should mainly start with the request parameters, mainly from the following aspects:

1. Number of parameter fields: required fields and optional fields

2. Parameter legality: input and output legal, illegal parameters

3. Boundary: request parameter boundary value, etc.

4. Fault tolerance: processing of large-capacity data, frequent requests, repeated requests (such as orders), abnormal network, etc.

5. Response data verification: assertion and data extraction are passed to the next-level interface

6. Logic verification: if the two requested interfaces have a strict order, it is necessary to test the order of the transfer

7. Performance: Simulate concurrent testing of interfaces, gradually increase pressure, and analyze bottleneck points

8. Security: Construct malicious character requests, such as: SQL injection, XSS, sensitive information, business logic (such as: skip some key steps; manipulate sensitive data without verification)

28. What is the difference between post and get?

This question should be a question that every interface tester can answer, but pay attention to the key points:

1. The parameters of the get method are in the URL, and the parameters of the post are in the body (essential difference)

2. The security of the get method is not as high as that of the post

3. The get method can be cached but the post cannot

4. The parameters transmitted in the URL of the GET request have a length limit, but the POST does not.

Of course, there are many other differences, but it is almost enough to answer these main ones.

29. Which packet capture tools do you use?

There are many kinds of packet capture tools, but the most commonly used ones by our technicians are nothing more than Fiddler, blue and white porcelain, and F12, so just choose the one you use most.

Of course, most of the interviewer's next questions will ask why you use the packet capture tool? Doesn't the company have an interface document?

30. What do you use the packet capture tool for?

For developers in medium and large companies, they will write a complete interface document, so when we do interface testing, can we compare it with the interface document? so for also

Friends who have no experience in real interface projects will be at a loss. Then our testers usually capture packets to verify whether the data we test is normal during the interface transfer process

Or to judge whether a certain problem is a front-end problem or a back-end problem.

31. How to judge whether a bug is a front-end problem or a back-end problem?

This is a question that many interviewers will ask, and it is also a knowledge point that our testers must master in order to prevent front-end developers and back-end developers from kicking each other at work.

In fact, it is easy to judge. We can first capture the packet and look at the request message, and then look at the interface document to see if there is any problem with the request message. If there is a problem, the data sent by the front end is wrong. The returned data is incorrect, that is after

The problem of terminal development, so that our testers can have their own judgments, instead of letting the developers argue with each other.

32. What does your company use for interface testing?

The tools used by each company for interface testing are different. Some will use postman to do some simple single-interface tests, but for a certain number of interface tests, postman is difficult to do, so many companies at this time At once

I will choose the open source jmeter to do it, because the script is relatively easy to manage and maintain.

But for many companies, jmeter can't meet their own requirements. At this time, testers will write their own test frameworks (that is, test development), and then design and complete the functions required by their companies through coding.

33. Do you know the interface testing framework?

Many friends will say that I will use unittest, pytest or testNG. In fact, these frameworks cannot meet the requirements of the company. It should be said that our framework is packaged and integrated on the unittest or pytest framework.

Mail system and test reports, logs, reruns and other functions, and then talk about the advantages of this design, which will make people think that this person understands the specific framework implementation process.

34. Where are your interface test cases?

It depends on what tools your company uses for interface testing. If it is postman and jmeter, the use cases are directly in their request files, but if you have your own framework, the use cases are generally in tables or tables. .

Original link:

https://www.cnblogs.com/zhangshaoning/p/12563860.html

Original link:

https://www.cnblogs.com/csmashang/p/12661361.html