CN102136964A - Website testing method and system - Google Patents

Website testing method and system Download PDF

Info

Publication number
CN102136964A
CN102136964A CN2010105593556A CN201010559355A CN102136964A CN 102136964 A CN102136964 A CN 102136964A CN 2010105593556 A CN2010105593556 A CN 2010105593556A CN 201010559355 A CN201010559355 A CN 201010559355A CN 102136964 A CN102136964 A CN 102136964A
Authority
CN
China
Prior art keywords
website
test
identification information
testing
http packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010105593556A
Other languages
Chinese (zh)
Other versions
CN102136964B (en
Inventor
张华�
蒙琳
郑明忠
李莉
舒敏根
郭利江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Information Technology Co Ltd
Original Assignee
China Mobile Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Shenzhen Co Ltd filed Critical China Mobile Shenzhen Co Ltd
Priority to CN 201010559355 priority Critical patent/CN102136964B/en
Publication of CN102136964A publication Critical patent/CN102136964A/en
Application granted granted Critical
Publication of CN102136964B publication Critical patent/CN102136964B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention relates to a website testing method, which comprises the following steps of: 1, logging in a testing website, and acquiring identification information in a message transmitted by the testing website; and 2, transmitting an access request to the testing website according to the identification information to acquire website testing data. The invention also discloses a website testing system, which comprises an acquisition module and a testing module, wherein the acquisition module is used for logging in the testing website, and acquiring the identification information in the message transmitted by the testing website; and the testing module is used for transmitting the access request to the testing website according to the identification information to acquire the website testing data. In the website testing method and the website testing system provided by the invention, a verification code is not required in a way of forging website login information by utilizing the website identification information, and a developer is not required to regulate a code of the website, so low cost is ensured, and security risks are avoided.

Description

A kind of website method of testing and system
Technical field
The present invention relates to the website field tests, more particularly, relate to a kind of website method of testing and system that utilizes website logo information to carry out the website test.
Background technology
In order to protect privacy of user, nearly all website all uses the identifying code technology to improve the safe coefficient of user profile.Along with the development of technology, the identifying code verification technique is tending towards complicated, and computer can't automatically identify all identifying codes, brings big difficulty to automatic test when therefore guaranteeing information security, and follow-up test job also can't launch.For this situation, take following way to solve this problem that identifying code brings usually: 1, the contact developer masks identifying code; 2, the contact developer provides the generic validation sign indicating number.By top two kinds of methods, can avoid the problem of identifying code.
But from top two kinds of methods as can be known, avoiding identifying code depends on the developer and adjusts code.For a system that has reached the standard grade, carry out the improvement cost height for test, and transformation can bring certain security risk, two kinds of methods are all not too suitable in the case.
Summary of the invention
The technical problem to be solved in the present invention is, at the website method of testing of prior art and system because avoid the defective of the high and security risk of cost that the identifying code problem brings.Provide a kind of utilize website logo information forge the website the mode of log-on message walk around the website method of testing and the system of identifying code, this website method of testing and system do not need the developer to adjust the website code, low, the no security risk of cost.
The technical solution adopted for the present invention to solve the technical problems is: construct a kind of website method of testing, comprising step: S1, land the test website, obtain the identification information in the message that sends described test website; S2, send access request to obtain the website test data to described test website according to described identification information.
In the method for testing of website of the present invention, described step S1 comprises: S11, login test website, obtain the HTTP packet that all this machine network interface cards receive, whether send, produce judged result from described test website according to the described HTTP packet of the Host determined property of described HTTP packet; S12, according to described judged result, obtain the identification information in the message that sends described test website.
In the method for testing of website of the present invention, described step S12 comprises: when Cookie is used in described test website, obtain described identification information in the cookie information from heading; When Cookie is not used in described test website, from the Accept information of heading, obtain described identification information.
In the method for testing of website of the present invention, described step S2 comprises: S21, according to described identification information structure HTTP packet; S22, send access request to obtain the website test data to described test website according to described HTTP packet.
In the method for testing of website of the present invention, described step S21 comprises: when Cookie is used in described test website, use described identification information to constitute Cookie attribute information in the heading of described HTTP packet; When Cookie is not used in described test website, use described identification information to constitute Accept attribute information in the heading of described HTTP packet.
The present invention also constructs a kind of Website testing system, comprising: acquisition module: be used to land the test website, obtain the identification information in the message that sends described test website; And test module: be used for sending access request to obtain the website test data to described test website according to described identification information.
In Website testing system of the present invention, described acquisition module comprises: judging unit: be used for login test website, obtain the HTTP packet that all this machine network interface cards receive, whether send according to the described HTTP packet of the Host determined property of described HTTP packet, produce judged result from described test website; And acquiring unit: be used for according to described judged result, obtain the identification information in the message that sends described test website.
In Website testing system of the present invention, when Cookie is used in described test website, obtain described identification information in the cookie information of described acquiring unit from heading; When Cookie was not used in described test website, described acquiring unit obtained described identification information from the Accept information of heading.
In Website testing system of the present invention, described test module comprises: structural unit: be used for according to described identification information structure HTTP packet; And test cell: be used for sending access request to obtain the website test data to described test website according to described HTTP packet.
In Website testing system of the present invention, when Cookie was used in described test website, described structural unit used described identification information to constitute Cookie attribute information in the heading of described HTTP packet; When Cookie was not used in described test website, described structural unit used described identification information to constitute Accept attribute information in the heading of described HTTP packet.
Implement website of the present invention method of testing and system, have following beneficial effect: utilize website logo information forge the website the mode of log-on message walk around identifying code, do not need the developer to adjust the website code, low, the no security risk of cost.
The workload that identification information obtains is reduced as elementary screening in the source of judging the HTTP packet.Adopt different identification information getting method and using method for using different test website with not using Cookie.
Description of drawings
The invention will be further described below in conjunction with drawings and Examples, in the accompanying drawing:
Fig. 1 is the flow chart of first preferred embodiment of website of the present invention method of testing;
Fig. 2 is the flow chart of second preferred embodiment of website of the present invention method of testing;
Fig. 3 is the flow chart of the 3rd preferred embodiment of website of the present invention method of testing;
Fig. 4 is the structural representation of first preferred embodiment of Website testing system of the present invention;
Fig. 5 is the structural representation of second preferred embodiment of Website testing system of the present invention;
Fig. 6 is the structural representation of the 3rd preferred embodiment of Website testing system of the present invention.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with drawings and Examples.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
In the flow chart of first preferred embodiment of website of the present invention method of testing shown in Figure 1, described website method of testing starts from step 100; Proceed to step 101 after the step 100, land the test website, obtain the identification information in the message that sends described test website; Subsequently, to next step 102, send access request to obtain the website test data to described test website according to described identification information; This method ends at step 103 at last.When adopting this website method of testing to carry out the website test, initial landing test website, from the message that the test website is returned, read identification information after landing successfully, when carrying out the website test subsequently, the identification information that application is obtained sends access request (project of test) to the test website, obtains the data of returning the website and tests to carry out the website.Can avoid every test when carrying out the website test so all needs the input validation sign indicating number, does not need the developer to adjust the website code, has avoided transforming the expensive and security risk that cause the website for adjusting the website code.
In the flow chart of second preferred embodiment of website of the present invention method of testing shown in Figure 2, described website method of testing starts from step 200; Proceed to step 201 after the step 200, whether login test website obtains the HTTP packet that all this machine network interface cards receive, send from described test website according to the described HTTP packet of the Host determined property of described HTTP packet, produces judged result; Subsequently, to next step 202,, obtain the identification information in the message that sends described test website according to described judged result; Subsequently, to next step 203, send access request to obtain the website test data to described test website according to described identification information.This method ends at step 204 at last.After landing the test website, this machine network interface card will receive outside HTTP packet, wherein have from the test website and send, also have and send from non-test website, whether the Host determined property HTTP packet according to the HTTP packet that receives sends from the test website, as sending the identification information that then from the HTTP packet, obtains in the message, as not being to send and then abandon this HTTP packet from the test website from the test website.Being provided with like this can significantly reduce the workload that identification information obtains, and avoids obtaining wrong identification information.
In the flow chart of the 3rd preferred embodiment of website of the present invention method of testing shown in Figure 3, described website method of testing starts from step 300; Proceed to step 301 after the step 300, land the test website, obtain the identification information in the message that sends described test website; Subsequently, to next step 302, according to described identification information structure HTTP packet; Subsequently, to next step 303, send access request to obtain the website test data to described test website according to described HTTP packet.This method ends at step 304 at last.Forge website log-on message by the feasible website logo information of can utilizing of identification information structure HTTP packet, thereby walk around the process of input validation sign indicating number, make that the website automatic test is carried out.
Preferred embodiment as website of the present invention method of testing, when Cookie is used in described test website, obtain described identification information in the cookie information from heading, use described identification information to constitute Cookie attribute information in the heading of described HTTP packet; When Cookie is not used in described test website, from the Accept information of heading, obtain described identification information, use described identification information to constitute Accept attribute information in the heading of described HTTP packet.At the website two kinds of settings using Cookie and do not use Cookie may be set, adopt obtaining and using method of different identification informations.
When Cookie is used in described test website, obtain described identification information in the cookie information from the heading of testing the HTTP packet that sends the website, be generally: JSESSIONID=xxx, information is identification information after the SESSIONID parameter.
Carry out website when test, use described identification information to constitute Cookie attribute information in the heading of described HTTP packet, specific as follows:
GET/user_details.jsp?HTTP/1.1
Accept:image/gif,image/jpeg,image/pjpeg,image/pjpeg,
Accept-Language:zh-cn
Accept-Encoding:gzip,deflate
Host: website IP:8080
Connection:Keep-Alive
Cookie: get access to sign and write herein
When Cookie is not used in described test website, from the Accept information of the heading of the HTTP packet that sends of test website, obtain described identification information, is identification information generally among the Accept: http://www.xxx.com/xxx/xx.xx? JSESSIONID=xxxx, information is identification information after the JSESSIONID parameter.
Carry out website when test, use described identification information to constitute Accept attribute information in the heading of described HTTP packet, specific as follows:
GET/user_details.jsp? JSESSIONID=gets access to sign and writes HTTP/1.1 herein
Accept:image/gif,image/jpeg,image/pjpeg,image/pjpeg,
Accept-Language:zh-cn
Accept-Encoding:gzip,deflate
Host: website IP:8080
Connection:Keep-Alive。
So promptly realized website test to the automation of use and the different test website of not using Cookie.
The present invention also constructs a kind of Website testing system, and in the structural representation of first preferred embodiment of Website testing system of the present invention shown in Figure 4, described Website testing system comprises acquisition module 1 and test module 2.Acquisition module 1 is used to land the test website, obtains the identification information in the message that sends described test website; Test module 2 is used for sending access request to obtain the website test data according to described identification information to described test website.When adopting this website test macro to carry out the website test, at first acquisition module 1 lands the test website, from the message that the test website is returned, read identification information after landing successfully, when carrying out the website test subsequently, test module 2 is used the identification information that obtains and is sent access request (project of test) to the test website, obtains the data of returning the website and tests to carry out the website.Can avoid every test when carrying out the website test so all needs the input validation sign indicating number, does not need the developer to adjust the website code, has avoided transforming the expensive and security risk that cause the website for adjusting the website code.
In the structural representation of second preferred embodiment of Website testing system of the present invention shown in Figure 5, acquisition module 1 comprises judging unit 11 and acquiring unit 12.Whether judging unit 11 is used for login test website, obtains the HTTP packet that all this machine network interface cards receive, send from described test website according to the described HTTP packet of the Host determined property of described HTTP packet, produces judged result; Acquiring unit 12 is used for according to described judged result, obtains the identification information in the message that sends described test website.After landing the test website, this machine network interface card will receive outside HTTP packet, wherein have from the test website and send, also have and send from non-test website, whether judging unit 11 sends from the test website according to the Host determined property HTTP packet of the HTTP packet that receives, as sending 12 identification informations that obtain in the message of acquiring unit from the test website from the HTTP packet, as not being to send from the test website, 12 of acquiring units abandon this HTTP packet.Being provided with like this can significantly reduce the workload that identification information obtains, and avoids obtaining wrong identification information.
In the structural representation of the 3rd preferred embodiment of Website testing system of the present invention shown in Figure 6, test module 2 comprises structural unit 21 and test cell 22.Structural unit 21 is used for according to described identification information structure HTTP packet; Test cell 22 is used for sending access request to obtain the website test data according to described HTTP packet to described test website.Structural unit 21 makes test cell 22 can utilize website logo information to forge website log-on message by identification information structure HTTP packet, thereby walks around the process of input validation sign indicating number, makes that the website automatic test is carried out.
Preferred embodiment as Website testing system of the present invention, when Cookie is used in described test website, obtain described identification information in the cookie information of acquiring unit 12 from heading, structural unit 21 uses described identification information to constitute Cookie attribute information in the heading of described HTTP packet; When Cookie was not used in described test website, acquiring unit 12 obtained described identification information from the Accept information of heading, and structural unit 21 uses described identification information to constitute Accept attribute information in the heading of described HTTP packet.At the website two kinds of settings using Cookie and do not use Cookie may be set, adopt obtaining and using method of different identification informations.Concrete implementation is referring to above-mentioned relevant website method of testing.So promptly realized website test to the automation of use and the different test website of not using Cookie.
The above only is embodiments of the invention; be not so limit claim of the present invention; every equivalent structure transformation that utilizes specification of the present invention and accompanying drawing content to be done, or directly or indirectly be used in other relevant technical fields, all in like manner be included in the scope of patent protection of the present invention.

Claims (10)

1. a website method of testing is characterized in that, comprises step:
S1, land the test website, obtain the identification information in the message that sends described test website;
S2, send access request to obtain the website test data to described test website according to described identification information.
2. website according to claim 1 method of testing is characterized in that, described step S1 comprises:
Whether S11, login test website obtain the HTTP packet that all this machine network interface cards receive, send from described test website according to the described HTTP packet of the Host determined property of described HTTP packet, produce judged result;
S12, according to described judged result, obtain the identification information in the message that sends described test website.
3. website according to claim 2 method of testing is characterized in that, described step S12 comprises: when Cookie is used in described test website, obtain described identification information in the cookie information from heading; When Cookie is not used in described test website, from the Accept information of heading, obtain described identification information.
4. website according to claim 1 method of testing is characterized in that, described step S2 comprises:
S21, according to described identification information structure HTTP packet;
S22, send access request to obtain the website test data to described test website according to described HTTP packet.
5. website according to claim 4 method of testing is characterized in that, described step S21 comprises: when Cookie is used in described test website, use described identification information to constitute Cookie attribute information in the heading of described HTTP packet; When Cookie is not used in described test website, use described identification information to constitute Accept attribute information in the heading of described HTTP packet.
6. a Website testing system is characterized in that, comprising:
Acquisition module (1): be used to land the test website, obtain the identification information in the message that sends described test website; And
Test module (2): be used for sending access request to obtain the website test data to described test website according to described identification information.
7. Website testing system according to claim 6 is characterized in that, described acquisition module (1) comprising:
Judging unit (11): be used for login test website, obtain the HTTP packet that all this machine network interface cards receive, whether send, produce judged result from described test website according to the described HTTP packet of the Host determined property of described HTTP packet; And
Acquiring unit (12): be used for according to described judged result, obtain the identification information in the message that sends described test website.
8. Website testing system according to claim 7 is characterized in that, when Cookie is used in described test website, obtains described identification information in the cookie information of described acquiring unit (12) from heading; When Cookie was not used in described test website, described acquiring unit (12) obtained described identification information from the Accept information of heading.
9. Website testing system according to claim 6 is characterized in that, described test module (2) comprising:
Structural unit (21): be used for according to described identification information structure HTTP packet; And
Test cell (22): be used for sending access request to obtain the website test data to described test website according to described HTTP packet.
10. Website testing system according to claim 9 is characterized in that, when Cookie was used in described test website, described structural unit (21) used described identification information to constitute Cookie attribute information in the heading of described HTTP packet; When Cookie was not used in described test website, described structural unit (21) used described identification information to constitute Accept attribute information in the heading of described HTTP packet.
CN 201010559355 2010-11-25 2010-11-25 Website testing method and system Active CN102136964B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010559355 CN102136964B (en) 2010-11-25 2010-11-25 Website testing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010559355 CN102136964B (en) 2010-11-25 2010-11-25 Website testing method and system

Publications (2)

Publication Number Publication Date
CN102136964A true CN102136964A (en) 2011-07-27
CN102136964B CN102136964B (en) 2013-02-27

Family

ID=44296625

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010559355 Active CN102136964B (en) 2010-11-25 2010-11-25 Website testing method and system

Country Status (1)

Country Link
CN (1) CN102136964B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102541732A (en) * 2011-12-23 2012-07-04 中国移动(深圳)有限公司 Method for constructing Web automatic testing framework
CN103490896A (en) * 2013-09-16 2014-01-01 北京鹏宇成软件技术有限公司 Multi-user website automatic logger and achieving method thereof
CN103634159A (en) * 2012-08-24 2014-03-12 百度在线网络技术(北京)有限公司 Registration simulation-based flow playback method and apparatus
CN104580436A (en) * 2014-12-29 2015-04-29 北京锐安科技有限公司 Method and device for acquiring report data of illegal website
CN108370381A (en) * 2016-01-04 2018-08-03 微软技术许可有限责任公司 For using client honey guide to detect the system and method for advanced attacker
CN109635549A (en) * 2018-12-13 2019-04-16 郑州云海信息技术有限公司 A kind of method and device verified in automatic test

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1952964A (en) * 2005-10-18 2007-04-25 邱文志 Testing method for web site system
CN101572608A (en) * 2009-06-17 2009-11-04 杭州华三通信技术有限公司 Method and device for acquiring once-login parameters
WO2010014386A1 (en) * 2008-07-29 2010-02-04 Motorola, Inc. Method and system for securing communication sessions
CN101778013A (en) * 2009-12-28 2010-07-14 北京世纪互联宽带数据中心有限公司 Website testing system and method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1952964A (en) * 2005-10-18 2007-04-25 邱文志 Testing method for web site system
WO2010014386A1 (en) * 2008-07-29 2010-02-04 Motorola, Inc. Method and system for securing communication sessions
CN101572608A (en) * 2009-06-17 2009-11-04 杭州华三通信技术有限公司 Method and device for acquiring once-login parameters
CN101778013A (en) * 2009-12-28 2010-07-14 北京世纪互联宽带数据中心有限公司 Website testing system and method

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102541732A (en) * 2011-12-23 2012-07-04 中国移动(深圳)有限公司 Method for constructing Web automatic testing framework
CN102541732B (en) * 2011-12-23 2015-05-27 中国移动(深圳)有限公司 Method for constructing Web automatic testing framework
CN103634159A (en) * 2012-08-24 2014-03-12 百度在线网络技术(北京)有限公司 Registration simulation-based flow playback method and apparatus
CN103634159B (en) * 2012-08-24 2018-11-09 百度在线网络技术(北京)有限公司 A kind of traffic playback method and device based on simulation login
CN103490896A (en) * 2013-09-16 2014-01-01 北京鹏宇成软件技术有限公司 Multi-user website automatic logger and achieving method thereof
CN103490896B (en) * 2013-09-16 2017-02-08 北京创世泰克科技股份有限公司 Multi-user website automatic logger and achieving method thereof
CN104580436A (en) * 2014-12-29 2015-04-29 北京锐安科技有限公司 Method and device for acquiring report data of illegal website
CN108370381A (en) * 2016-01-04 2018-08-03 微软技术许可有限责任公司 For using client honey guide to detect the system and method for advanced attacker
CN108370381B (en) * 2016-01-04 2020-12-29 微软技术许可有限责任公司 System and method for detecting advanced attackers using client-side honey marks
CN109635549A (en) * 2018-12-13 2019-04-16 郑州云海信息技术有限公司 A kind of method and device verified in automatic test

Also Published As

Publication number Publication date
CN102136964B (en) 2013-02-27

Similar Documents

Publication Publication Date Title
CN102136964B (en) Website testing method and system
CN105302732B (en) A kind of automatic test approach and device of mobile terminal
CN102801616B (en) Message sending and receiving method, device and system
CN105051685B (en) For causing networked asset to be able to access that locally applied system and method
US9294463B2 (en) Apparatus, method and system for context-aware security control in cloud environment
JP5863199B2 (en) Method and system for providing MDT measurement information to a base station in a wireless network environment
CN105897652A (en) Standard protocol based heterogeneous terminal dynamic access method
WO2016144518A1 (en) Method and apparatus for fast communication of information during bluetooth discovery phase
CN103198130A (en) Method and device for realizing login unified with webpage on client side
CN108459850B (en) Method, device and system for generating test script
CN106484611A (en) Fuzz testing method and apparatus based on automation protocol adaptation
CN102761456A (en) Method, device and system for acquiring performance parameters of browser of mobile terminal
CN103490896B (en) Multi-user website automatic logger and achieving method thereof
CN110290015A (en) Remote deployment method, apparatus and storage medium
CN104123125A (en) Webpage resource acquisition method and device
CN103973858A (en) Automatic testing system of mobile terminals
CN105095764A (en) Virus checking and killing method and device
WO2017054307A1 (en) Recognition method and apparatus for user information
CN111066014A (en) Apparatus, method and program for remotely managing devices
CN103997437A (en) Cloud server registration function testing method
KR101593993B1 (en) Apparatus and method of data communication among web applications
CN110995538B (en) Network data acquisition method, device, system, equipment and storage medium
CN108363922B (en) Automatic malicious code simulation detection method and system
CN103095702A (en) Request message reporting and processing method and device thereof
CN115278211A (en) Image processing method, device and system and image acquisition equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 518048 Guangdong province Futian District Shenzhen City Binhe Road, No. 9023, building 11, 41 layers of the country through the

Patentee after: Medium shift information technology Co., Ltd.

Address before: 518048 Futian District Binhe Road, Shenzhen, Guangdong Province, ten building, Xinzhou mansion, Xinzhou

Patentee before: China Mobile (Shenzhen) Co., Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20200312

Address after: Room 1006, building 16, yard 16, Yingcai North Third Street, future science city, Changping District, Beijing 100000

Co-patentee after: CHINA MOBILE COMMUNICATIONS GROUP Co.,Ltd.

Patentee after: China Mobile Information Technology Co., Ltd

Address before: 518048, Guangdong Province, Futian District, Shenzhen Binhe Road, 9023 Tong Building, 11 and 41

Patentee before: Medium shift information technology Co., Ltd.