CN111914262A - Test method, device, system, electronic equipment and storage medium - Google Patents

Test method, device, system, electronic equipment and storage medium Download PDF

Info

Publication number
CN111914262A
CN111914262A CN202010809723.1A CN202010809723A CN111914262A CN 111914262 A CN111914262 A CN 111914262A CN 202010809723 A CN202010809723 A CN 202010809723A CN 111914262 A CN111914262 A CN 111914262A
Authority
CN
China
Prior art keywords
test
tampering
result
information
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010809723.1A
Other languages
Chinese (zh)
Inventor
翁丛
田燕红
刘金凤
杨洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202010809723.1A priority Critical patent/CN111914262A/en
Publication of CN111914262A publication Critical patent/CN111914262A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The embodiment of the disclosure provides a test method, a test device, a test system, electronic equipment and a storage medium, which can be applied to the field of information security. The method comprises the following steps: receiving test request information from a client, wherein the test request information comprises a first webpage address identifier and request parameters; responding to the test request information, and determining whether a target test case meeting a matching condition exists in the plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier, and each target test case comprises a second webpage address identifier, tampering parameters and an expected test result; under the condition that the target test case meeting the matching condition is determined to exist, tampering is carried out on the request parameter according to the tampering parameter, and tampering information is obtained; sending the tampering information to an application server so that the application server can respond to the tampering information to obtain a first response result; and generating a real test result according to the first response result and the expected test result.

Description

Test method, device, system, electronic equipment and storage medium
Technical Field
The disclosed embodiments relate to the field of computer technologies, and in particular, to a test method, an apparatus, a system, an electronic device, and a storage medium.
Background
In order to ensure the normal operation of the system, the system is usually required to be tested, and the testing includes safety testing and automation testing. The security test mainly refers to the test of security vulnerabilities or risks existing in the system, such as stealing of sensitive information of others, malicious tampering of contents, malicious attack on an application server and the like.
In the related technology, a safety test tool is adopted for safety test, namely the safety test tool receives a test request sent by a client, and tampers parameters in the test request in a scanning mode to obtain tampering information, the tampering information is sent to an application server, a response result generated by the application server responding to the tampering information is received, and whether the test is successful or not is determined according to the response result.
In implementing the disclosed concept, the inventors found that there are at least the following problems in the related art: the related art for system test can generate some useless request and response data, thereby affecting the system performance and the test efficiency.
Disclosure of Invention
In view of this, the disclosed embodiments provide a testing method, device, system, electronic device and storage medium.
One aspect of the disclosed embodiments provides a test method, including: receiving test request information from a client, wherein the test request information comprises a first webpage address identifier and request parameters; responding to the test request information, and determining whether a target test case meeting a matching condition exists in a plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier, and each target test case comprises the second webpage address identifier, a tampering parameter and an expected test result; under the condition that a target test case meeting the matching condition exists in a plurality of target test cases, tampering the request parameter according to the tampering parameter to obtain tampering information; sending the tampering information to an application server so that the application server responds to the tampering information to obtain a first response result; and generating a real test result according to the first response result and the expected test result.
According to an embodiment of the present disclosure, the generating a real test result according to the first response result and the expected test result includes: if the expected test result is the same as the first response result, the true test result is a test pass; and if the expected test result is not the same as the first response result, the true test result is a test failure.
According to an embodiment of the present disclosure, the testing method further includes: and under the condition that the target test case meeting the matching condition does not exist in the plurality of target test cases, sending the test request information to the application server so that the application server generates a second response result according to the test request information and sends the second response result to the client.
According to an embodiment of the present disclosure, the testing method further includes: generating a plurality of original test cases according to preset conditions; and carrying out format conversion on each original test case to obtain a target test case.
According to an embodiment of the present disclosure, the receiving test request information from the client includes: and receiving test request information sent by the client through the proxy server.
According to an embodiment of the present disclosure, the sending the tampering information to the application server includes: and sending the tampering information to an application server through the proxy server.
Another aspect of the disclosed embodiments provides a test apparatus, including: the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving test request information from a client, and the test request information comprises a first webpage address identifier and request parameters; a first response module, configured to determine, in response to the test request information, whether a target test case meeting a matching condition exists in a plurality of target test cases, where the matching condition is that a second webpage address identifier included in the target test case is the same as the first webpage address identifier, and each target test case includes the second webpage address identifier, a tampering parameter, and an expected test result; the tampering module is used for tampering the request parameters according to the tampering parameters under the condition that the target test cases meeting the matching conditions exist in the target test cases to obtain tampering information; the second response module is used for sending the tampering information to an application server so that the application server responds to the tampering information to obtain a first response result; and the generating module is used for generating a real test result according to the first response result and the expected test result.
Another aspect of the disclosed embodiments provides a test system, including: a management server to: receiving test request information from a client, wherein the test request information comprises a first webpage address identifier and request parameters; responding to the test request information, and determining whether a target test case meeting a matching condition exists in a plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier, and each target test case comprises the second webpage address identifier, a tampering parameter and an expected test result; under the condition that a target test case meeting the matching condition exists in the plurality of target test cases, tampering the request parameter according to the tampering parameter to obtain tampering information; sending the tampering information to an application server; and the application server is in communication connection with the management server, and is used for responding to the tampering information to obtain a first response result and sending the first response result to the management server. The management server is further configured to: and generating a real test result according to the first response result and the expected test result.
Another aspect of the disclosed embodiments provides an electronic device, including: one or more processors; a memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method as described above.
Another aspect of the embodiments of the present disclosure provides a computer-readable storage medium having stored thereon executable instructions, which when executed by a processor, cause the processor to implement the method as described above.
Another aspect of embodiments of the present disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiment of the disclosure, test request information from a client is received, the test request information comprises a first webpage address identifier and a request parameter, and in response to the test request information, if a target test case meeting a matching condition is determined to exist in a plurality of target test cases, the request parameter is tampered according to the tampering parameter to obtain tampering information, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier included by the test request information. And sending the tampering information to the application server so that the application server responds to the tampering information to obtain a first response result, and generating a test result according to the first response result and an expected test result. Because the second webpage address identification in the target test case corresponds to the test one by one, the targeted test is realized by determining whether the plurality of target test cases comprise the second webpage address identification which is the same as the first webpage address identification, so that the technical problem that the targeted test is difficult to realize is at least partially solved, the avoided content of the service layer can be filtered, and useless request and response data can not be generated, thereby improving the system performance and the test efficiency.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments of the present disclosure with reference to the accompanying drawings, in which:
FIG. 1 schematically illustrates an exemplary system architecture to which the application testing method of the present disclosure may be applied;
FIG. 2 schematically illustrates a flow chart of a testing method according to an embodiment of the present disclosure;
FIG. 3 schematically illustrates a schematic diagram of a testing method according to an embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow chart of another testing method according to an embodiment of the present disclosure;
FIG. 5 schematically illustrates a schematic diagram of another testing method according to an embodiment of the present disclosure;
FIG. 6 schematically illustrates a block diagram of a testing device according to an embodiment of the present disclosure;
FIG. 7 schematically illustrates a block diagram of a test system according to an embodiment of the present disclosure; and
fig. 8 schematically shows a block diagram of an electronic device according to an embodiment of the disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
In the related art, the safety testing tool performs the safety test in a scanning manner. In the test process, a test address can be designated, and a test function to be tested is difficult to designate. And the safety testing tool carries out safety testing according to the characteristics of various vulnerabilities, namely parameters are tampered according to the characteristics of various vulnerabilities, and a testing result is determined according to the characteristics of various vulnerabilities. The characteristics of the vulnerability include changing the length of the request, decrypting or encrypting the parameters, adding invalid or illegal characters, adding cross-site scripts in the request, and the like.
In carrying out the concept of the present disclosure, the inventors found that there are at least the following problems in the related art: firstly, because the test address can be assigned, it is more difficult to assign the test function to be tested, i.e. the scan range is more difficult to locate accurately, therefore, some useless request and response data will be generated, and the system performance is further affected. Secondly, because the test is carried out according to the characteristics of various vulnerabilities, the related contents are various, some useless request and response data are generated, and the system performance is further influenced. In addition, because the functions which are avoided by the service layer are also tested, false alarm is easily caused in the process, and therefore, the testing efficiency is reduced. The function that the service layer has avoided is explained by taking an application program used by a user as an example:
the user has no usage rights for a certain function of the application. The user has no use right of the function, namely, the function of avoiding in a service layer. The above-mentioned reduction of the test efficiency can be understood as: when the user sends a test request, the function is also tested in the related art, but the user does not have the use right item of the function, so that the test for the function is unnecessary, false alarm is easily caused in the process, the false alarm needs to be analyzed manually, and some time is consumed, so that the test efficiency is influenced.
Based on the above, the inventors found that the cause of the above problems is: it is difficult to implement a pertinence test in the related art. In order to solve the above problem, an embodiment of the present disclosure provides a test method capable of implementing a pertinence test, specifically:
and matching the webpage address identifier in the received test request information from the client with the webpage address identifiers in a plurality of target test cases, wherein the plurality of target test cases can be generated in advance. The web page address identifier can be used as a basis for whether security testing is required. The web page address identification corresponds to the test one by one. Namely, each test is provided with a corresponding webpage address identifier, and the webpage address identifiers corresponding to different tests are different. For convenience of illustration, the webpage address identifier in the test request information may be referred to as a first webpage address identifier, and the webpage address identifier in the target test case may be referred to as a second webpage address identifier.
If it is determined that a target test case meeting the matching condition exists in the plurality of target test cases, where the matching condition may be that the second webpage address identifier included in the target test case is the same as the first webpage address identifier included in the test request information, it may be said that the security test is performed. On the basis, the request parameters in the test request information can be tampered according to the tampering parameters in the target test case, and the subsequent test operation is executed. The following description will be given with reference to specific examples.
The embodiment of the disclosure provides a test method, a test device, a test system and electronic equipment capable of applying the method. The test method, the test device, the test system and the electronic equipment of the embodiment of the disclosure can be applied to the field of information security in the aspect of test realization. The method includes a security test procedure. In the safety test process, test request information sent by a client side is received. Responding to the test request information, and tampering the request parameters in the test request information according to the tampering parameters in the target test cases under the condition that the target test cases meeting the matching conditions exist in the plurality of target test cases to obtain tampering information, wherein the matching conditions can be that the second webpage address identifier included in the target test cases is the same as the first webpage address identifier included in the test request information. And sending the tampering information to the application server so that the application server responds to the tampering information and generates a first response result. And generating a real test result according to the acquired first response result and an expected test result in the test request information.
Fig. 1 schematically illustrates an exemplary system architecture 100 to which a test method may be applied, according to an embodiment of the disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, the system architecture 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104 and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired and/or wireless communication links, and so forth.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have installed thereon various communication client applications, such as financial applications, shopping applications, web browser applications, search applications, instant messaging tools, mailbox clients, and/or social platform software, etc. (by way of example only).
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a management server and an application server (for example only) providing support for test requests issued by users using the terminal devices 101, 102, 103. The management server and the application server may perform processing such as analysis on the received test request and the like, and feed back a processing result (e.g., a real test result generated in response to the test request and the like) to the terminal devices 101, 102, and 103.
It should be noted that the testing method provided by the embodiment of the present disclosure may be generally executed by the server 105. Accordingly, the testing device provided by the embodiments of the present disclosure may be generally disposed in the server 105. The testing method provided by the embodiments of the present disclosure may also be performed by a server or a server cluster different from the server 105 and capable of communicating with the terminal devices 101, 102, 103 and/or the server 105. Accordingly, the testing apparatus provided by the embodiment of the present disclosure may also be disposed in a server or a server cluster different from the server 105 and capable of communicating with the terminal devices 101, 102, 103 and/or the server 105.
It should be understood that the number of terminal devices, web pages, and servers in fig. 1 are merely illustrative. There may be any number of terminal devices, web pages, and servers, as desired for implementation.
FIG. 2 schematically shows a flow chart of a testing method according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S210 to S250.
In operation S210, test request information is received from a client, where the test request information includes a first webpage address identifier and request parameters.
In an embodiment of the present disclosure, the management server may receive test request information from a client, where the client may be a terminal device, such as a smart phone, a tablet computer, a computer, and the like. The test request information may be generated by the client based on the test request, that is, the client obtains the test request, and the test request may include the first web page address identifier and the request parameter. The client can generate test request information according to the test request.
The first webpage address identifier can be used as a basis for whether security testing is required or not. The first web page address identifier may be a Uniform Resource Locator (URL). The request parameters may include the name and value of the request parameter. For example, in banking, the name of the request parameter may include a user name and a password. Wherein the user name has a value of 138 × xx × 95, and the password has a value of x.
It should be noted that the management server receives the test request information from the client, and may receive the test request information from the browser interface of the client for the management server, that is, the test request information may be sent to the management server through the browser interface of the client. It is also possible for the management server to receive test request information sent by the client via the proxy server. The setting may be performed according to actual conditions, and is not particularly limited herein.
It should be further noted that, in the security test process, the test request information may be generated based on the user identification information. The user flag information may include small text files (cookies), time domains (sessions), tokens (tokens), and the like. The test request information may be generated based on the user flag information, that is, the client may set other corresponding information to generate the test request information according to the acquired user flag information when not acquiring a complete user operation.
For example, if a security test needs to be performed on a storage operation currently, the client already obtains user identification information of the user, the client may set a corresponding deposit amount and a corresponding deposit account, and the client generates test request information according to the user identification information, the storage amount, and the storage account. In addition, the test request information may also be generated by the client based on the acquired complete user operation. The generation mode of the test request information may be set according to actual conditions, and is not particularly limited herein.
In operation S220, in response to the test request information, it is determined whether a target test case meeting a matching condition exists in the plurality of target test cases, where the matching condition is that a second webpage address identifier included in the target test case is the same as the first webpage address identifier, and each target test case includes the second webpage address identifier, a tampering parameter, and an expected test result.
In operation S230, in the case that it is determined that there is a target test case satisfying the matching condition in the plurality of target test cases, the request parameter is tampered according to the tampering parameter, so as to obtain tampering information.
In the embodiment of the present disclosure, in order to implement the targeted test, a mode of whether a target test case meeting a matching condition exists in a plurality of target test cases may be adopted, where the matching condition may be that a second webpage address identifier included in the target test case is the same as a first webpage address identifier included in the test request information, and the plurality of target test cases may refer to at least two target test cases, specifically:
the plurality of target test cases may be generated in advance and stored in the management server. Each target test case may include a second web page address identification, a tamper parameter, and an expected test result. The second webpage address identifier can be used as a basis for whether security testing is required or not. The second webpage address identification corresponds to the test one by one. That is, for each test, a corresponding second webpage address identifier is set, and the second webpage address identifiers corresponding to different tests are different. The second web page address identifier may be a uniform resource locator. The tamper parameters may include the name and value of the tamper parameter. The expected test result may include a test success or a test failure.
The management server analyzes the test request information to obtain a first webpage address identifier and a request parameter. The management server determines whether a target test case meeting the matching condition exists in the plurality of target test cases. And if the target test case meeting the matching condition exists in the plurality of target test cases, indicating that the safety test can be carried out. In this case, the management server may tamper the request parameter in the test request information according to the tamper parameter in the matching test case, so as to obtain the tamper information. The matching test case is a target test case meeting the matching condition, namely the second webpage address identifier in the matching test case is the same as the first webpage address identifier in the test request information. The tampering operation may include at least one of replacement, addition, and deletion.
In operation S240, the tampering information is sent to the application server, so that the application server responds to the tampering information, and a first response result is obtained.
In an embodiment of the disclosure, the management server may send the tampering information to the application server, so that the application server responds to the tampering information to generate a first response result. The application server may send the first response result to the management server. The first response result may include a test success or a test failure.
It should be noted that the management server may send the tampering information to the application server, and may send the tampering information to the application server through a browser interface of the client for the management server. The tamper information may also be sent to the application server via the proxy server for the management server. The setting may be performed according to actual conditions, and is not particularly limited herein.
Likewise, the application server may send the first response result to the management server, and may send the first response result to the management server for the application server through a browser interface of the client. The application server may also send the first response result to the management server through the proxy server. The setting may be performed according to actual conditions, and is not particularly limited herein.
In operation S250, a test result is generated according to the first response result and the expected test result.
In the embodiment of the disclosure, after obtaining the first response result and the expected test result, the management server may compare whether the first response result and the expected test result are the same. And generating a real test result according to the comparison result. Namely:
the management server may declare the test as passed if it determines that the first response result is the same as the expected test result, i.e. the test result is test pass. If it is determined that the first response result is not the same as the expected test result, it may indicate that the test failed, i.e., the test result is a test failure.
According to the technical scheme of the embodiment of the disclosure, test request information from a client is received, the test request information comprises a first webpage address identifier and a request parameter, the test request information is responded, if a target test case meeting a matching condition is determined to exist in a plurality of target test cases, the request parameter is tampered according to the tampering parameter, and tampering information is obtained, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier included by the test request information. And sending the tampering information to the application server so that the application server responds to the tampering information to obtain a first response result, and generating a test result according to the first response result and an expected test result. Because the second webpage address identification in the target test case corresponds to the test one by one, the targeted test is realized by determining whether the plurality of target test cases comprise the second webpage address identification which is the same as the first webpage address identification, so that the technical problem that the targeted test is difficult to realize is at least partially solved, the avoided content of the service layer can be filtered, and useless request and response data can not be generated, thereby improving the system performance and the test efficiency.
The method of fig. 2 is further described with reference to fig. 3 in conjunction with specific embodiments.
FIG. 3 schematically shows a schematic diagram of a testing method according to an embodiment of the disclosure.
As shown in fig. 3, it is now necessary to test the transaction function. Setting the user name of the user to be changed from M to R and the password of the user to be changed from N to S. And a certain target test case exists, the second webpage address in the target test case is marked as U, the tampering parameters comprise a user name R and a password S, and the expected test result is test failure.
The client generates test request information and sends the test request information to the management server. The test request information comprises a first webpage address identifier U, and the request parameters comprise a user name M and a password N.
The management server responds to the test request information and determines that a target test case meeting a matching condition exists in the plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as a first webpage address identifier included by the test request information, and the first webpage address identifier and the second webpage address identifier are both U. And the management server tampers the request parameters according to the tampering parameters to obtain tampering information, and sends the tampering information to the application server.
And the application server responds to the tampering information, generates a first response result and sends the first response result to the management server, wherein the first response result is successful in testing.
And the management server generates a real test result according to the first response result and the expected test result. Since the first response result is not the same as the expected test result, the real test result is a test failure.
Optionally, on the basis of the foregoing technical solution, generating a true test result according to the first response result and the expected test result may include: if the expected test result is the same as the first response result, the test result is a test pass. And if the expected test result is not the same as the first response result, the test result is a test failure.
In an embodiment of the present disclosure, the first response result may be a test success or a test failure. The expected test result may be a test success or a test failure.
The management server may declare that the test is passed if it determines that the first response result is the same as the expected test result, i.e., that both the first response result and the expected test result are successful or failed.
If the management server determines that the first response result is not the same as the expected test result, that is, the first response result is a successful test and the expected test result is a failed test, or the first response result is a failed test and the expected test result is a successful test, the management server may indicate that the test fails.
If the obtained test result of the management server is that the test fails, the management server can analyze the test result manually.
Optionally, on the basis of the above technical solution, the method may further include: and under the condition that the target test case meeting the matching condition does not exist in the plurality of target test cases, sending the test request information to the application server so that the application server generates a second response result according to the test request information and sends the second response result to the client.
In the embodiment of the disclosure, if the management server determines that no target test case meeting the matching condition exists in the plurality of target test cases, it may be stated that the safety test is not required, and the automatic test may be performed. In this case, the management server may transmit the test request information to the application server, so that the application server generates a second response result in response to the test request information, and transmits the second response result to the client.
It should be noted that the automated test can be started through TestNG based on UI automated test cases generated by the Selenium test framework, and can be executed regularly through Jenkins. Automated testing may enable simulation of user operation of the browser. The browser can be arranged on the terminal equipment.
It should be noted that the management server may send the test request information to the application server, and may send the test request information to the application server for the management server through a browser interface of the client. The test request information may also be sent to the application server for the management server via the proxy server. The setting may be performed according to actual conditions, and is not particularly limited herein.
Likewise, the application server may send the second response result to the client, and may send the second response result to the client through a browser interface of the client for the application server. The second response result may also be sent to the client by the proxy server for the application server. The setting may be performed according to actual conditions, and is not particularly limited herein.
The automatic test can be combined with the existing UI automatic test case to achieve the purposes of daily regression test and core content quality guard.
Optionally, on the basis of the above technical solution, the method may further include: and generating a plurality of original test cases according to preset conditions. And carrying out format conversion on each original test case to obtain a target test case.
In an embodiment of the present disclosure, the preset condition may refer to a safety test requirement. The preset conditions may include the original format of the web page address identification, tampering parameters, and expected test results.
The management server can generate a plurality of original test cases according to preset conditions, wherein each original test case comprises a webpage address identifier in an original format, a tampering parameter and an expected test result. Optionally, the format of each original test case is. The management server analyzes each original test case and converts the original test case into a target test case in a target format. Optionally, the format of each target test case is. Accordingly, the content in the target test case is stored in the form of "object name. method".
As the target test case does not need to be programmed, the tester only needs to fill in the case template content and does not need to write the test case code in person, the upper-hand threshold is reduced, and the time consumption for writing case is reduced.
Optionally, on the basis of the above technical solution, receiving test request information from the client may include: and receiving test request information sent by the client through the proxy server.
Optionally, on the basis of the above technical solution, sending the tampering information to the application server may include: and sending the tampering information to the application server through the proxy server.
In an embodiment of the present disclosure, the management server may receive test request information sent by the client through the proxy server. And/or the management server may send the tamper information to the application server through the proxy server. In addition, the application server may transmit the first response result to the management server through the proxy server. The application server may also send the second response result to the client through the proxy server. The above indicates that the proxy server can be used to intercept and forward information between the client, the management server and the application server.
Compared with the mode of intercepting and forwarding information through the browser interface of the client, the mode of intercepting and forwarding by the proxy server is adopted, unified deployment can be achieved, different testing tools do not need to be developed for different browsers, and therefore testing cost is reduced.
FIG. 4 schematically shows a flow diagram of another testing method according to an embodiment of the disclosure.
As shown in fig. 4, the method includes operations S401 to S410.
In operation S401, a plurality of original test cases are generated according to preset conditions.
In operation S402, format conversion is performed on each original test case to obtain a target test case.
In operation S403, test request information sent by a client through a proxy server is received, where the test request information includes a first webpage address identifier and request parameters.
In operation S404, in response to the test request information, determining whether a target test case meeting a matching condition exists in the plurality of target test cases, where the matching condition is that a second webpage address identifier included in the target test case is the same as the first webpage address identifier, and each target test case includes the second webpage address identifier, a tampering parameter, and an expected test result; if yes, perform operation S405; if not, operation S406 is performed.
In operation S405, the request parameter is tampered according to the tampering parameter to obtain tampering information, and operation S407 is performed.
In operation S406, the tamper information is transmitted to the application server through the proxy server, so that the application server generates a second response result according to the test request information, and transmits the second response result to the client.
In operation S407, the tamper information is sent to the application server through the proxy server, so that the application server responds to the tamper information, and a first response result is obtained.
In operation S408, whether the expected test result is the same as the first response result; if yes, perform operation S409; if not, operation 410 is performed.
In operation S409, the test result is a test pass.
In operation S410, the test result is a test failure.
According to the technical scheme of the embodiment of the disclosure, because the second webpage address identifiers in the target test cases correspond to the tests one by one, the targeted test is realized by determining whether the target test cases meeting the matching condition exist in the plurality of target test cases, and the preset condition is that the second webpage address identifiers included in the target test cases are the same as the first webpage address identifiers included in the test request information, so that the technical problem that the targeted test is difficult to realize is at least partially solved, the avoided contents of the service level can be filtered, and useless request and response data can not be generated, thereby improving the system performance and the test efficiency. In addition, because the target test case does not need programming, a tester only needs to fill in the case template content and does not need to write test case codes in person, the upper-hand threshold is lowered, and the time consumption for writing case is reduced. Meanwhile, the automatic test can be combined with the existing UI automatic test case, so that the purposes of daily regression test and core content quality protection are achieved.
Yet another test method according to an embodiment of the present disclosure. The method includes operations S501 to S513.
In operation S501, the management server generates a plurality of original test cases according to preset conditions.
In operation S502, the management server performs format conversion on each original test case to obtain a target test case.
In operation S503, the client generates test request information and sends the test request information to the proxy server, where the test request information includes the first webpage address identifier and the request parameter.
In operation S504, the proxy server transmits the test request information to the management server.
In operation S505, the management server, in response to the test request information, determines that a target test case meeting a matching condition exists in the plurality of target test cases, where a preset condition is that a second webpage address identifier included in the target test case is the same as the first webpage address identifier, and each target test case includes the second webpage address identifier, a tampering parameter, and an expected test result; if yes, perform operation S506; if not, operation S507 is performed.
In operation S506, the request parameter is tampered according to the tampering parameter to obtain tampering information, and operation S508 is performed.
In operation S507, the test request information is transmitted to the application server, and operation S509 is performed.
In operation S508, the tamper information is transmitted to the application server, and operation S510 is performed.
In operation S509, the application server generates a second response result according to the test request information and transmits the second response result to the client.
In operation S510, the application server responds to the tampering information to obtain a first response result, and sends the first response result to the management server.
In operation S511, the management server determines whether the expected test result is identical to the first response result; if yes, go to operation S512; if not, operation S513 is performed.
In operation S512, the management server determines the test result as a test pass.
In operation S513, the management server determines that the test result is failed.
In an embodiment of the present disclosure, fig. 5 schematically illustrates a schematic diagram of another testing method according to an embodiment of the present disclosure.
According to the technical scheme of the embodiment of the disclosure, because the second webpage address identifiers in the target test cases correspond to the tests one by one, the targeted test is realized by determining whether the target test cases meeting the matching condition exist in the plurality of target test cases, wherein the matching condition is that the second webpage address identifiers included in the target test cases are the same as the first webpage address identifiers included in the test request information, so that the technical problem that the targeted test is difficult to realize is at least partially solved, the contents avoided by a service level can be filtered, and useless request and response data can not be generated, thereby improving the system performance and the test efficiency. In addition, because the target test case does not need programming, a tester only needs to fill in the case template content and does not need to write test case codes in person, the upper-hand threshold is lowered, and the time consumption for writing case is reduced. Meanwhile, the automatic test can be combined with the existing UI automatic test case, so that the purposes of daily regression test and core content quality protection are achieved.
FIG. 6 schematically shows a block diagram of a testing device according to an embodiment of the present disclosure.
As shown in fig. 6, the testing apparatus 600 may include a receiving module 610, a first responding module 620, a tampering module 630, a second responding module 640, and a generating module 650.
According to the technical scheme of the embodiment of the disclosure, the receiving module 610, the first responding module 620, the tampering module 630, the second responding module 640 and the generating module 650 are in communication connection.
The receiving module 610 is configured to receive test request information from a client, where the test request information includes a first webpage address identifier and a request parameter.
The first response module 620 is configured to determine, in response to the test request information, whether a target test case meeting a matching condition exists in the plurality of target test cases, where the matching condition is that a second webpage address identifier included in the target test case is the same as the first webpage address identifier, and each target test case includes the second webpage address identifier, a tampering parameter, and an expected test result.
And the tampering module 630 is configured to tamper the request parameter according to the tampering parameter to obtain tampering information when it is determined that the target test case meeting the matching condition exists in the plurality of target test cases.
The second responding module 640 is configured to send the tampering information to the application server, so that the application server responds to the tampering information to obtain a first response result.
A generating module 650, configured to generate a real test result according to the first response result and the expected test result.
According to the technical scheme of the embodiment of the disclosure, test request information from a client is received, the test request information comprises a first webpage address identifier and a request parameter, the test request information is responded, if a target test case meeting a matching condition is determined to exist in a plurality of target test cases, the request parameter is tampered according to the tampering parameter, and tampering information is obtained, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier included by the test request information. And sending the tampering information to the application server so that the application server responds to the tampering information to obtain a first response result, and generating a test result according to the first response result and an expected test result. Because the second webpage address identification in the target test case corresponds to the test one by one, the targeted test is realized by determining whether the plurality of target test cases comprise the second webpage address identification which is the same as the first webpage address identification, so that the technical problem that the targeted test is difficult to realize is at least partially solved, the avoided content of the service layer can be filtered, and useless request and response data can not be generated, thereby improving the system performance and the test efficiency.
Optionally, on the basis of the above technical solution, the generating module 650 may include a first generating unit and a second generating unit.
And the first generating unit is used for judging that the test result is passed if the expected test result is the same as the first response result.
And the second generating unit is used for judging that the test result is failed if the expected test result is not the same as the first response result.
Optionally, on the basis of the above technical solution, the test apparatus 600 may further include a third response module.
And the third response module is used for sending the test request information to the application server under the condition that the target test case meeting the matching condition does not exist in the plurality of target test cases, so that the application server generates a second response result according to the test request information and sends the second response result to the client.
Optionally, on the basis of the above technical solution, the testing apparatus 600 may further include an obtaining module and a converting module.
And the acquisition module is used for generating a plurality of original test cases according to preset conditions.
And the conversion module is used for carrying out format conversion on each original test case to obtain a target test case.
Optionally, on the basis of the foregoing technical solution, the receiving module 610 may include: and the receiving unit is used for receiving the test request information sent by the client through the proxy server.
Optionally, on the basis of the above technical solution, sending the tampering information to the application server may include: and sending the tampering information to the application server through the proxy server.
Any of the modules, units, or at least part of the functionality of any of them according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules and units according to the embodiments of the present disclosure may be implemented by being split into a plurality of modules. Any one or more of the modules, units according to the embodiments of the present disclosure may be implemented at least partially as a hardware Circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a Circuit, or implemented by any one of three implementations of software, hardware, and firmware, or any suitable combination of any of them. Alternatively, one or more of the modules, units according to embodiments of the present disclosure may be implemented at least partly as computer program modules, which, when executed, may perform the respective functions.
For example, any plurality of the receiving module 610, the first responding module 620, the tampering module 630, the second responding module 640, and the generating module 650 may be combined into one module/unit to be implemented, or any one of the modules/units may be split into a plurality of modules/units. Alternatively, at least part of the functionality of one or more of these modules/units may be combined with at least part of the functionality of other modules/units and implemented in one module/unit. According to an embodiment of the present disclosure, at least one of the receiving module 610, the first responding module 620, the tampering module 630, the second responding module 640, and the generating module 650 may be at least partially implemented as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or implemented in any one of three implementations of software, hardware, and firmware, or in a suitable combination of any of them. Alternatively, at least one of the receiving module 610, the first responding module 620, the tampering module 630, the second responding module 640, and the generating module 650 may be at least partially implemented as a computer program module, which when executed, may perform a corresponding function.
It should be noted that the test apparatus portion in the embodiments of the present disclosure corresponds to the test apparatus portion in the embodiments of the present disclosure, and the description of the test apparatus portion specifically refers to the test method portion, which is not described herein again.
FIG. 7 schematically shows a block diagram of a test system according to an embodiment of the disclosure.
As shown in fig. 7, the test system 700 may include a management server 710 and an application server 720.
The management server 710 is configured to receive test request information from a client, where the test request information includes a first webpage address identifier and a request parameter; responding to the test request information, and determining whether a target test case meeting a matching condition exists in the plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as a first webpage address identifier, and each target test case comprises a second webpage address identifier, a tampering parameter and an expected test result; under the condition that the matching conditions are met in the target test cases, tampering the request parameters according to the tampering parameters to obtain tampering information; and sending the tampering information to the application server.
The application server 720 is in communication connection with the management server, wherein the application server is configured to respond to the tampering information to obtain a first response result, and send the first response result to the management server.
The management server 710 is further configured to generate a real test result according to the first response result and the expected test result.
According to the technical scheme of the embodiment of the disclosure, the management server receives test request information from the client, the test request information comprises a first webpage address identifier and request parameters, and in response to the test request information, if a target test case meeting matching conditions is determined to exist in a plurality of target test cases, the request parameters are tampered according to the tampering parameters to obtain tampering information, wherein the matching conditions are that a second webpage address identifier included by the target test case is the same as the first webpage address identifier included by the test request information. And sending the tampering information to an application server, responding the tampering information by the application server to obtain a first response result, and generating a test result according to the first response result and an expected test result. Because the second webpage address identification in the target test case corresponds to the test one by one, the targeted test is realized by determining whether the plurality of target test cases comprise the second webpage address identification which is the same as the first webpage address identification, so that the technical problem that the targeted test is difficult to realize is at least partially solved, the avoided content of the service layer can be filtered, and useless request and response data can not be generated, thereby improving the system performance and the test efficiency.
Fig. 8 schematically shows a block diagram of an electronic device adapted to implement the above described method according to an embodiment of the present disclosure. The electronic device shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 8, an electronic device 800 according to an embodiment of the present disclosure includes a processor 801 that can perform various appropriate actions and processes according to a program stored in a Read-Only Memory (ROM) 802 or a program loaded from a storage section 808 into a Random Access Memory (RAM) 803. The processor 801 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. The processor 801 may also include onboard memory for caching purposes. The processor 801 may include a single processing unit or multiple processing units for performing different actions of the method flows according to embodiments of the present disclosure.
In the RAM 803, various programs and data necessary for the operation of the electronic apparatus 800 are stored. The processor 801, the ROM 802, and the RAM 803 are connected to each other by a bus 804. The processor 801 performs various operations of the method flows according to the embodiments of the present disclosure by executing programs in the ROM 802 and/or RAM 803. Note that the programs may also be stored in one or more memories other than the ROM 802 and RAM 803. The processor 801 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
System 800 may also include an input/output (I/O) interface 805, also connected to bus 804, according to an embodiment of the disclosure. The system 800 may also include one or more of the following components connected to the I/O interface 805: an input portion 806 including a keyboard, a mouse, and the like; an output portion 807 including a Display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and a speaker; a storage portion 808 including a hard disk and the like; and a communication section 809 including a web interface card such as a LAN card, a modem, or the like. The communication section 809 performs communication processing via a web page such as the internet. A drive 810 is also connected to the I/O interface 805 as necessary. A removable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 810 as necessary, so that a computer program read out therefrom is mounted on the storage section 808 as necessary.
According to embodiments of the present disclosure, method flows according to embodiments of the present disclosure may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a web page through communication section 809 and/or installed from removable media 811. The computer program, when executed by the processor 801, performs the above-described functions defined in the system of the embodiments of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to an embodiment of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium. Examples may include, but are not limited to: a portable Computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an erasable Programmable Read-Only Memory (EPROM) (erasable Programmable Read-Only Memory) or flash Memory), a portable compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the preceding. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM 802 and/or RAM 803 described above and/or one or more memories other than the ROM 802 and RAM 803.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used in advantageous combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.

Claims (10)

1. A method of testing, comprising:
receiving test request information from a client, wherein the test request information comprises a first webpage address identifier and request parameters;
responding to the test request information, and determining whether a target test case meeting a matching condition exists in a plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier, and each target test case comprises the second webpage address identifier, a tampering parameter and an expected test result;
under the condition that a target test case meeting the matching condition exists in the plurality of target test cases, tampering the request parameter according to the tampering parameter to obtain tampering information;
sending the tampering information to an application server so that the application server responds to the tampering information to obtain a first response result; and
and generating a real test result according to the first response result and the expected test result.
2. The method of claim 1, wherein said generating a true test result from said first response result and said expected test result comprises:
if the expected test result is the same as the first response result, the real test result is that the test is passed; and
and if the expected test result is not the same as the first response result, the real test result is a test failure.
3. The method of claim 1, further comprising:
and under the condition that the target test case meeting the matching condition does not exist in the plurality of target test cases, sending the test request information to the application server so that the application server generates a second response result according to the test request information and sends the second response result to the client.
4. The method of claim 1, further comprising:
generating a plurality of original test cases according to preset conditions; and
and carrying out format conversion on each original test case to obtain a target test case.
5. The method of claim 1, wherein the receiving test request information from a client comprises:
and receiving test request information sent by the client through the proxy server.
6. The method of claim 1, wherein the sending the tamper information to an application server comprises:
and sending the tampering information to an application server through the proxy server.
7. A test apparatus, comprising:
the system comprises a receiving module, a sending module and a processing module, wherein the receiving module is used for receiving test request information from a client, and the test request information comprises a first webpage address identifier and request parameters;
the first response module is used for responding to the test request information and determining whether a target test case meeting a matching condition exists in a plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier, and each target test case comprises the second webpage address identifier, tampering parameters and an expected test result;
the tampering module is used for tampering the request parameters according to the tampering parameters under the condition that the test cases meeting the matching conditions exist in the target test cases, so as to obtain tampering information;
the second response module is used for sending the tampering information to an application server so that the application server can respond to the tampering information to obtain a first response result; and
and the generating module is used for generating a real test result according to the first response result and the expected test result.
8. A test system, comprising:
a management server to:
receiving test request information from a client, wherein the test request information comprises a first webpage address identifier and request parameters;
responding to the test request information, and determining whether a target test case meeting a matching condition exists in a plurality of target test cases, wherein the matching condition is that a second webpage address identifier included by the target test case is the same as the first webpage address identifier, and each target test case comprises the second webpage address identifier, a tampering parameter and an expected test result;
under the condition that a target test case meeting the matching condition exists in the plurality of target test cases, tampering the request parameter according to the tampering parameter to obtain tampering information; and
sending the tampering information to an application server;
the application server is in communication connection with the management server, and is used for responding to the tampering information to obtain a first response result and sending the first response result to the management server;
the management server is further configured to:
and generating a real test result according to the first response result and the expected test result.
9. An electronic device, comprising:
one or more processors;
a memory for storing one or more programs;
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-6.
10. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to implement the method of any one of claims 1 to 6.
CN202010809723.1A 2020-08-12 2020-08-12 Test method, device, system, electronic equipment and storage medium Pending CN111914262A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010809723.1A CN111914262A (en) 2020-08-12 2020-08-12 Test method, device, system, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010809723.1A CN111914262A (en) 2020-08-12 2020-08-12 Test method, device, system, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN111914262A true CN111914262A (en) 2020-11-10

Family

ID=73284795

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010809723.1A Pending CN111914262A (en) 2020-08-12 2020-08-12 Test method, device, system, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111914262A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112785439A (en) * 2021-03-19 2021-05-11 中国工商银行股份有限公司 Method and device for testing intelligent contracts deployed on block link points
CN113162937A (en) * 2021-04-25 2021-07-23 中国工商银行股份有限公司 Application safety automatic detection method, system, electronic equipment and storage medium
CN113204477A (en) * 2021-03-31 2021-08-03 北京达佳互联信息技术有限公司 Application testing method and device, electronic equipment and storage medium
CN113297088A (en) * 2021-06-08 2021-08-24 北京百度网讯科技有限公司 Test method, test device, electronic apparatus, and storage medium
CN113364808A (en) * 2021-06-30 2021-09-07 北京天融信网络安全技术有限公司 Industrial control firewall testing method, device, equipment and storage medium
CN113419968A (en) * 2021-08-20 2021-09-21 北京达佳互联信息技术有限公司 Application testing method and device, electronic equipment and storage medium
CN113656283A (en) * 2021-07-19 2021-11-16 厦门雅基软件有限公司 Project testing method and device, electronic equipment and computer readable storage medium
CN114389969A (en) * 2022-01-12 2022-04-22 北京百度网讯科技有限公司 Client test method and device, electronic equipment and storage medium
CN114841567A (en) * 2022-05-06 2022-08-02 支付宝(杭州)信息技术有限公司 Safety knowledge level testing method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8856211B1 (en) * 2010-09-30 2014-10-07 Amazon Technologies, Inc. Flexible network testing
CN109446071A (en) * 2018-09-26 2019-03-08 深圳壹账通智能科技有限公司 Interface test method, interface test device, electronic equipment and storage medium
CN110414242A (en) * 2019-08-02 2019-11-05 中国工商银行股份有限公司 For detecting the method, apparatus, equipment and medium of service logic loophole
CN110851308A (en) * 2019-10-21 2020-02-28 香港乐蜜有限公司 Test method, test device, electronic equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8856211B1 (en) * 2010-09-30 2014-10-07 Amazon Technologies, Inc. Flexible network testing
CN109446071A (en) * 2018-09-26 2019-03-08 深圳壹账通智能科技有限公司 Interface test method, interface test device, electronic equipment and storage medium
CN110414242A (en) * 2019-08-02 2019-11-05 中国工商银行股份有限公司 For detecting the method, apparatus, equipment and medium of service logic loophole
CN110851308A (en) * 2019-10-21 2020-02-28 香港乐蜜有限公司 Test method, test device, electronic equipment and storage medium

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112785439A (en) * 2021-03-19 2021-05-11 中国工商银行股份有限公司 Method and device for testing intelligent contracts deployed on block link points
CN113204477A (en) * 2021-03-31 2021-08-03 北京达佳互联信息技术有限公司 Application testing method and device, electronic equipment and storage medium
CN113204477B (en) * 2021-03-31 2024-01-12 北京达佳互联信息技术有限公司 Application testing method and device, electronic equipment and storage medium
CN113162937A (en) * 2021-04-25 2021-07-23 中国工商银行股份有限公司 Application safety automatic detection method, system, electronic equipment and storage medium
CN113297088A (en) * 2021-06-08 2021-08-24 北京百度网讯科技有限公司 Test method, test device, electronic apparatus, and storage medium
CN113297088B (en) * 2021-06-08 2023-11-07 北京百度网讯科技有限公司 Test method, test device, electronic equipment and storage medium
CN113364808A (en) * 2021-06-30 2021-09-07 北京天融信网络安全技术有限公司 Industrial control firewall testing method, device, equipment and storage medium
CN113364808B (en) * 2021-06-30 2022-09-16 北京天融信网络安全技术有限公司 Industrial control firewall testing method, device, equipment and storage medium
CN113656283A (en) * 2021-07-19 2021-11-16 厦门雅基软件有限公司 Project testing method and device, electronic equipment and computer readable storage medium
CN113419968A (en) * 2021-08-20 2021-09-21 北京达佳互联信息技术有限公司 Application testing method and device, electronic equipment and storage medium
CN114389969A (en) * 2022-01-12 2022-04-22 北京百度网讯科技有限公司 Client test method and device, electronic equipment and storage medium
CN114841567A (en) * 2022-05-06 2022-08-02 支付宝(杭州)信息技术有限公司 Safety knowledge level testing method and device

Similar Documents

Publication Publication Date Title
CN111914262A (en) Test method, device, system, electronic equipment and storage medium
CN109716343B (en) Enterprise graphic method for threat detection
US11665201B2 (en) Computer implemented system and method, and computer program product for reversibly remediating a security risk
US10032037B1 (en) Establishing application trust levels using taint propagation as a service
US20210234892A1 (en) Metadata-Based Detection and Prevention of Phishing Attacks
CN112703496B (en) Content policy based notification to application users regarding malicious browser plug-ins
CN108989369B (en) Method and system for limiting current of user request
US20190222587A1 (en) System and method for detection of attacks in a computer network using deception elements
KR20170101905A (en) Phishing page detection method and device
US20190238544A1 (en) Tracking and whitelisting third-party domains
CN113079164A (en) Remote control method and device for bastion machine resources, storage medium and terminal equipment
CN110764979A (en) Log identification method, system, electronic device and computer readable medium
CN113162937A (en) Application safety automatic detection method, system, electronic equipment and storage medium
CN113362173A (en) Anti-duplication mechanism verification method, anti-duplication mechanism verification system, electronic equipment and storage medium
CN114490264A (en) File monitoring method and device of application system, electronic equipment and storage medium
CN114301713A (en) Risk access detection model training method, risk access detection method and risk access detection device
CN114491489A (en) Request response method and device, electronic equipment and storage medium
CN110851754A (en) Webpage access method and system, computer system and computer readable storage medium
CN113158107A (en) Method and device for accessing notification bar message, electronic equipment and storage medium
US20230123342A1 (en) Vulnerability determination device, vulnerability determination method, and vulnerability determination program
CN113132303A (en) Information processing method and device executed by firewall
CN117176576A (en) Network resource changing method, device, equipment and storage medium
CN113946295A (en) Authority control method and device
CN114254621A (en) Document auditing method and device, electronic equipment and storage medium
CN116149876A (en) Resource sharing method and device, electronic equipment and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination