我正在开发一个可收藏的网络应用程序,其中包括使用不同参数访问的五十种不同的网址模式。我的目标是让测试环境设置一个具有一些预定义值的数据库。稍后,我会有兴趣检查一切正常,例如:
我尝试了cUrl:
获取登录页面
curl -i http://localhost:8080/myapp/login
返回 200 代码。
授权POST
curl -i http://localhost:8080/myapp/login/post -X POST -d j_username="user"
-d j_password="pass" -c cookie.txt
正确执行登录并存储授权的cookie,但它返回 302已移动(因为我执行了重定向到主页,因为它是预期的。)
获取一些安全网址
curl -i http://localhost:8080/myapp/securedurl -b cookie.txt
安全资源已正确加入,但我使用了网址重写框架,因此强制重定向并再次返回 302 代码。
我处理 cUrl 的问题在于它的请求是否具体,因此我无法检查正确执行的重定向。即使我能让它们正常工作,我也需要解析每个响应以检查它们的代码。
所以我可能需要模拟浏览器行为来检查整个周期,而不是关注每个请求。
有关于此的任何想法吗?
答案 0 :(得分:4)
有趣的例子......
Swat DSL是一种轻松处理此类问题的工具,但仍在使用curl !是的,如你所说,curl是面向请求的,这是真的。有时它会出现问题。
Swat也使用curl(在引擎盖下),但swat允许顺序http(curl)请求 - 名为swat modules,它们只是可重用的 http请求。与最终用户一样,这是一个在许多倍数卷曲请求下分裂的单个用例:
让我将你的selenuim示例重写为swat:
$ mkdir -p myapp / login / post
$ nano myapp / login / post / swat.ini
swat_module=1 # this is reusable curl request
curl_params="-c ${test_root_dir}/cookie.txt -d j_username='%username%' -d j_password=%password%"
$ nano myapp / login / post / post.txt
# authentication post should succeed
200 OK
# should see http redirect code at headers
302
# this is where we are redirected upon successful login
generator: [ resource().'/HOME' ]
$ mkdir -p myapp / check_secured_urls
$ nano myapp / check_secured_urls / hook.pm
# this is a fake resource is not going to be requested
# spoofing server response
set_response('OK');
run_swat_module(
POST => '/login/post', {
username => 'j_username',
password => 'password1'
}
)
# GET secured urls
# we should succeed as we already authenticated
for my $uri ( qw{ FOO FOO/BAR FOR/BAR/BAZ } ) {
run_swat_module( GET => '/any_url', { uri => $uri } )
}
$ nano myapp / check_secured_urls / get.txt
# this is spoofed server response
OK
$ mkdir -p myapp / any_url /
$ nano myapp / any_url / get.txt
200 OK
# always should see this one?
# not very clear from your example
<title>MyApp Title</title>
$ nano myapp / any_url / swat.ini
swat_module=1 # this is reusable curl request
curl_params="-b ${test_root_dir}/cookie.txt"
$ nano myapp / any_url / hook.pm
# this is just adapter to GET ANY url:
# so we need dynamically set requested resource:
modify_resource( sub { module_variable('uri') } );
最后一个,检查没有现有页面返回404
$ mkdir myapp / sss
$ echo&#39; ignore_http_err = 1&#39; &GT;的myapp / SSS / swat.ini
$ echo&#39; try_num = 1&#39; &GT;&GT;的myapp / SSS / swat.ini
$ echo&#39; 404&#39; &GT;的myapp / SSS / get.txt
$ swat ./ localhost:8080
PS无需为安全URL实施check404,因为swat默认为您执行此操作。
披露 - 我是特警的作者。
答案 1 :(得分:1)
我最终使用Selenium Web Driver及其java API来进行测试。执行的步骤是:
我用这段代码执行它:
/*
* Constants declaring the urls to test
*/
private static final String[] URLS = { URL1, URL2, URL3 };
/*
* Here we've to check that the return page is 404. In my case this comparison works,
* however it may vary for different implementations of web applications
*/
private boolean check404(WebDriver driver) {
return driver.getPageSource().contains("404.xhtml");
}
@Test
public void test() throws InterruptedException {
WebDriver driver = new FirefoxDriver();
driver.get(APP_URL + "/login");
Assert.assertEquals(driver.getTitle(), "Login");
WebElement formName = driver.findElement(By.name("j_username"));
formName.sendKeys("user@gmail.com");
Thread.sleep(50);
WebElement formPassword = driver.findElement(By.name("j_password"));
formPassword.sendKeys("password1");
formName.submit();
Assert.assertTrue(driver.getCurrentUrl().equals(APP_URL + "/home"));
// Get some nonexistent url and check that returns 404 code
driver.get(MODULE_URL + "/sss");
Assert.assertTrue(check404(driver));
logger.info("Checking " + URLS.length + " of the application");
for (String url : URLS) {
driver.get(url);
logger.info("Checking " + url);
//I look for the title here, to verify it's properly loaded.
//This implementation may also vary
Assert.assertTrue(driver.getTitle().equals("MyApp Title"));
Assert.assertFalse(check404(driver));
}
driver.quit();
}