1, https protocol ca need to apply for a certificate, generally less free certificates, thus requiring a fee.
2, http is the hypertext transfer protocol, information is transmitted in the clear, https is encrypted with a security ssl transfer protocol.
3, http and https use is completely different connections, with the port are not the same, the former is 80, which is 443.
4, http connection is very simple, is stateless; is constructed by the HTTPS protocol SSL + HTTP encrypted transmission protocol, a network authentication protocol, the http protocol than security. HTTPS works, we all know that HTTPS can encrypt information, so as not to acquire sensitive information by third parties, so a lot of banking sites or e-mail, and so a higher level of security services will adopt HTTPS protocol.
The client has the following steps when using HTTPS to communicate with the server Web, as illustrated in FIG. (1) customers to use https URL to access the Web server requires an SSL connection to the Web server. After (2) Web server receives a client request, the certificate information will be the site (the certificate contains the public key) transmit a copy to the client. (3) the client browser and the Web server security level began to negotiate SSL connection, which is encrypted information level. (4) the client browser, depending on the security level agreed to establish a session key, and then use the site's public key to encrypt the session key and send it to the site. (5) Web server using their own private key to decrypt the session key. (6) Web server using the communication between the client and the encrypted session key.
Fourth, despite the advantages of HTTPS HTTPS is not absolutely safe, master authority root certificate to master organizational encryption algorithm can also be an intermediary form of attack, but HTTPS is still under the existing framework of the safest solutions, mainly in the following benefits:
(1) using the HTTPS protocol may authenticate the user and the server, transmits the data to ensure that the correct client and server;
(2) HTTPS protocol is constructed by SSL + HTTP encrypted transmission protocol, a network authentication protocol, the http protocol than security, to prevent data from being stolen during transmission, changes to ensure data integrity.
(3) HTTPS under the existing framework is the most secure solution, though not absolute security, but it greatly increases the cost of the middleman attack.
(4) Google search engine algorithm was adjusted in August 2014, saying "Compared to the same HTTP sites using HTTPS encrypted site's ranking in search results will be higher."
Fifth, the shortcomings of HTTPS HTTPS Although there is a great advantage, but relatively speaking, still shortcomings at:
(1) HTTPS protocol handshake time consuming, it can cause pages to load prolonged nearly 50%, 10% to 20% of the power consumption;
(2) HTTPS connection cache as good as HTTP efficient, increases data overhead and power consumption, even existing security measures will also be affected;
(3) SSL certificates need the money, the more powerful the higher cost certificates, personal sites, small sites generally do not use is not necessary.
(4) SSL certificate is usually required to bind IP, can not bind multiple domain names on the same IP, IPv4 resources are unlikely to support this consumption.
Encryption range (5) HTTPS protocol is relatively limited, in hacker attacks, denial terms of service attacks, hijacking and other servers will not achieve any effect almost. The most critical, SSL certificate credit chain system is not safe, especially in certain countries can control the CA root certificate, the man in the middle attacks as possible.
Six, http If you need to switch to HTTPS sites switch from http to https in the end how to achieve it?
It should be page all the links, such as js, css, images, etc. by the link http changed to https. For example: http: //www.baidu.com changed https://www.baidu.com BTW, here http although the switch to https, it is recommended to retain http. So we can do when switching compatible http and https, the specific implementation is to remove the head of the page http link, which can automatically match head http and https head. For example: the http://www.baidu.com changed //www.baidu.com. Then when the user enters http access from the entrance page, the page is http, if the user is entering the access from the entrance https page, the page even if the https. He mentioned key difference between UI and API level testing testing? UI (User Interface) refers to test graphical interface, such as how users interact with the application, testing, application elements, such as fonts, images and layout. UI test basically focused on the look and feel of the application. And the API communication may be achieved between two separate software systems. Implementation of the API software system can be included Please elaborate UI interface testing and test test test activities are the coordination function or subroutine execution of another software system?
Emphases Interface test case what?
1) Required field: request parameters required, optional
2) legitimacy: Input Output legal, illegal parameter
3) the boundary: boundary request parameter values, etc.
4) fault tolerance: high-capacity data frequently requested, repeat request (such as: Order), exception processing such as network
5) data check response: asserted, data is transmitted to the next stage extraction interfaces ...
6) check logic: The two interfaces requested strict order, the order of the case turned to be tested
7) Performance: Simulation of concurrent test interfaces, gradually pressurizing choke point analysis
8) Security: malicious character configuration requests, such as: SQL injection, XSS, sensitive information, the business logic (eg: skip some key steps; unverified manipulate sensitive data) Parameter Type * Test each lawful (type of illegal easy to miss NULL type) * upper and lower limits for each test parameter ranges without lawful circumstances test parameters * empty * Taiwan before and after the test parameters defined * conformance test each parameter (here easy deadly the BUG, if the program is not handled properly, could lead to the collapse) * If two requests have strict order, need to test turned the situation sequential abstract class and interface What is the difference? In the Java language, abstract class and interface supports two mechanisms abstract class definition. It is the existence of these two mechanisms, it gives a powerful object-oriented Java capability. When the interface between the abstract class and has very similar in terms of support for the abstract class definition, and even interchangeable, so many developers making abstract class defines appears randomly selected for the abstract class and interface. In fact, there are still a lot of difference between them, even for their choice reflects the understanding of the nature of the problem areas for the understanding of design intent is correct and reasonable. Abstract class Interface can not instantiate the class one of the inheriting relationship, a class can only be used once inheritance. Can implement multiple interfaces via multiple inheritance to inherit a class can implement multiple interface data members may have their own static and can not be modified which must be static final, generally defined method can not in this private, non-abstract methods must be implemented not have private, default public, abstract type variable can have private, default friendly type, its value can be redefined in subclasses, may be reassigned can not have private, default public static final type, and must for its the initial value, not redefine the implementation class can not change its value. Design philosophy represents the "is-a" relationship represents the "like-a" relationship implementation needs to inherit, use extends to use implements abstract class and interface in the Java language are used to abstract class (abstract class in this article is not translated from the abstract class, it represents an abstraction, and abstract class for the Java language used to define abstract class One method) is defined, then what is the abstract class, the use of abstract class can bring us any good of it? With declarative method to achieve it without the class is called abstract class (abstract class), which is used to create a manifestation of some of the basic class, and as such a statement, but the class can not be achieved in this class Case. You can not create instance of abstract class. However, you can create a variable whose type is an abstract class and points it to a specific sub-class. Constructor can not have abstract or abstract static methods. Abstract subclass of class to provide implementation for all of their abstract methods of the parent class, it is an abstract class. Instead, the method is implemented in a subclass. We know the behavior of other classes can implement these methods in the class. Interface (interface) is a variant of the abstract class. In the interface all methods are abstract. Multiple inheritance can be obtained by implementing this interface. All interface methods are abstract, not a program body. The interface can only define static final member variables. And subclasses to achieve a similar interface, not inherit behavior from the interface definition in addition to the realization. When implementing special class interface, which the definition of (the procedure of giving) all such interface. Then, a method that may be implemented on any call interface of the object class interface. As an abstract class, which allows the use of interface name as the reference variable type. The usual dynamic binding will take effect. Reference can be converted to interface type, or conversion from interface type, instanceof operator can be used to determine whether an object class implements the interface. Interface can be inherited interfaces. Abstract class can implement (implements) interface is an abstract class can inherit entity classes, but only if the entity class must have explicit constructor. Interface is more concerned about "what functions can be achieved," regardless of "how to achieve it." 1. Both are the same point A. abstract classes are not instantiated. B. interface implementation class and subclass abstrct class have already declared abstract method must be achieved.
2. The need to achieve a different point A. interface, use the implements, and abstract class needs to inherit, use extends. B. A class can implement multiple interface, but a class can only inherit an abstract class. C. interface emphasize specific functions, and abstract class emphasize affiliations. Although the interface implementation class D. abstrct class and subclass must implement the corresponding abstract methods, but of different forms. Each of the interface methods are abstract, just a declaration (declaration, there is no method body), the implementation class must implement. Abstract class and subclass can be selectively implemented. This choice has two meanings: First Abastract class not all the methods are abstract, and only those methods have abstract of the crown is abstract, a subclass must implement. No abstract of those methods must be defined in the method body in Abstrct class.
Second, abstract subclass of class during inherit it, either direct inheritance of non-abstract method can also be covered; and for abstract methods, you can choose to implement, can also restated its approach to abstract way, without the need to achieve, to stay to its subclasses to achieve, but these must be declared as an abstract class. Both abstract class, of course, can not be instantiated. E. abstract class is the interface to the Class intermediary. The method interface is completely abstract, the method can only be declared, and can only be declared pulic, the method can not be declared private and protected, and can not define method body, we can not declare instance variables. However, interface but can declare a constant variable and difficult to find such examples in the JDK. But the constant variable in interface in violation of its role as an interface exists purposes, but also confused the different values of the class interface. Indeed, if desired, it can be placed in the appropriate abstract class or the Class. abstract class played a role in connecting the interface and the Class. In one aspect, abstract class is abstract, can declare abstract methods to standardize subclasses must implement the functions; on the other hand, it can define a default method bodies, for direct use or subclasses covered. In addition, you can also define your own instance variables for subclasses to use through inheritance. The need to coordinate specific interface before 3. interface applications A. class and class, and do not care about how its implementation. B. As can identify the presence of specific functions, it can be pure identify what interface methods are not. C. needs to be a set of classes as a single class, but the caller only through contact with the interface this set of classes. D. need to implement a number of specific functions, but there may be no link between any of these functions.
4. abstract class applications sentence, in the case of both the need for a unified interface and requires an instance variable or the default method, you can use it. The most common are:
A. defines a set of interfaces, but do not want to force each implementation class must implement all of the interfaces. Can abstract class defines a set of method bodies and may even be empty method body, then selected by the method of the subclass of interest to cover their own.
B. some instances, the interface does not rely purely satisfy the compatibility between the class and class, the class must also represents the state variable to distinguish between different relationship. abstract intermediary role can satisfy it.
C. specification a set of methods coordinated, some of which is independent of the common, state, can be shared, without subclass are implemented; and various other methods it takes to accomplish a specific subclasses according to their specific state function.
Interface automated testing process? The basic interface functions to automate the testing process: needs analysis -> Use Case Design -> script development -> test execution -> Result analysis POST and GET What is the difference?
1. GET answer when the browser fallback is harmless, and POST will submit the request again.
2. GET URL address generated can be saved as a bookmark, and not POST.
3. GET request will be actively cache browser, POST will not, unless manually.
4. GET request url only encoding, and support a variety of encoding POST.
5. GET request parameters are intact in the browser history, and the POST parameters will not be retained.
6. GET request parameters transmitted in the URL is the length restricted, but no POST.
7. GET less secure than POST, because the parameters directly exposed on the URL, it can not be used to transmit sensitive information.
8. GET URL passing parameters, POST request on the Body.
9. GET generate a TCP packet, POST generates two TCP packets.
10. GET URL request transmission parameters has length limitations, and there is no POST request length limit
11. GET request parameter can only ASCII code, so the Chinese need URL encoding, mass participation and POST requests do not have this restriction;
12. GET generates a TCP packet; generating the POST two TCP packets.