1, the body of the request: the data content
Four formats:
a,application/x-www-form-urlencoded
Processing the data sequence number, in the form of key-value pairs
Transmitting key1 value1 & key2 value2 = = manner to the server
b,multipart/form-data
Upload all the data in the form, including file
c, text string: raw
text / plain plain text, the browser does not resolve
text / html html, the browser automatically resolve
text / xml or application / xml encoding format which can be developed
application / json, news theme is JSON string of series
4, binary format: binary
2. Why do interface testing
a, to make up for the deficiencies of traditional UI test
Many systems do not interface provides only interface functions, can not be tested by way of the interface
You just can test the functionality of the front page of the test, the server and the functions you how much coverage?
> Some multi-function interface service fees are normal?
> Each field returned for each interface is correct
Exception handling> distal bypass check, whether it is necessary interfaces (length, non-empty)
When the code does not update the APP, while the service-side code updates directly through the interface automated testing to quickly know whether the impact of APP's function
b, security 1'OR '1' = '1
Interface field returned, contains redundant information (such as user id, token sensitive fields, etc.)
User password, other users private information transmission need to be encrypted transmission
Whether there is anti-Interface brush mechanism
3, GET request and the POST request of the difference
a, GET request is not the request body, POST request body has requested
B, parameters (required data transfer) in the GET request to the URL transmission, the size is limited
POST request parameters can be passed in the URL, but also in the z body (unlimited size) can be placed on request
c, GET relatively poor security
> Parameter plaintext
> The data are browser cache
Different uses d, Design
GET used to query - not a small operation data, parameter volume
POST is used to insert, update data - high security requirements, the amount of data
GET like cars, delivery can, but limited capacity
POST like trucks, stock box (request body), transport capacity and high safety