Cypress.IO support for JSONP - jsonp

I've been able to use the following successfully with XHR Requests:
cy.server();
cy.route('GET','**/foo').as('bar');
//trigger ui event that make xhr GET request
cy.wait('#bar');
//happily proceed...
However, if I apply the same logic above, but to a JSONP Network Request, then cy.wait(...) will eventually time out.
The application I am testing sends jsonp requests. Using cypress.io, I would like to register these requests with the intent of waiting for a response using something like cy.wait. Does cypress.io provide any support for jsonp requests?

Related

Can Cypress intercept requests being made directly to a server?

I have been trying to intercept a server request using Cypress' intercept method.
I have noticed that Cypress can intercept requests made through the front-end/browser, however, the intercept method doesn't work if I make a request directly to the back-end server.
Let me clarify what I mean:
One thing is intercepting a request that the front-end/browser makes to the back-end server.
Another thing is intercepting a call that doesn't use the browser but calls directly the back-end endpoint.
For example:
I can create a user using the front-end interface
or I can create a user calling the back-end endpoint directly (directly calling the server).
Coming back to my question. Is there a way to intercept a call that was made directly to the back-end endpoint?
This is what I have tried so far:
I wrote a regex to intercept api/v0/customers
I then made a request to http://locahost:5440/api/v0/customers (which is the URL of the server)
Finally, I waited for the request to happen
Timeout request using Cypress intercept method
cy.intercept(/^\/api\/v0\/customers\/$/).as('createCustomer');
cy.request(createCustomer(customerData, headers));
cy.wait('#createCustomer').then(({ status, body }) => {
const customerId = body.customer_id;
console.log(body);
expect(status).equal(201);
});
Here's the problem: There was a timeout error.
As you can see in the image, I'm making a request to http://locahost:5440 which is the server URL. NOTE: I made sure the server was up and running.
The regex is also correct and it will match the endpoint http://locahost:5440/api/v0/customers
I suspect that intercept only works for requests being made through the browser. Is this assertion correct? I couldn't find this answer anywhere in the Cypress docs.
Is there a way for me to intercept a call being made directly to a server (not using the browser)?
You don't have to intercept the requests you explicitly make with cypress, just use .then to get the response, like this:
cy.request(createCustomer(customerData, headers)).then((response) => {
const customerId = response.body.customer_id;
console.log(response.body);
expect(response.status).equal(201);
});
Reference: https://docs.cypress.io/api/commands/request#Yields

Writing tests with http request without response

I need to prepare a Java test (citrus framework) which initial step is sending a http request. Unfortunately my app under tests does not reply to this http request with anything while my testing framework expects to have a response and generates an error otherwise. The best way to deal with such a situation which came to my mind is to use some kind of a proxy between my testing framework and actual application which will forward the test request to the actual application and reply back to the testing framework with OK status not waiting for the response from app.
Does it make a sense? How could I prepare such a proxy assuming that my tests are to be running with maven invocation?
I see following options:
Fire and forget: send the Http request (using the fork mode on the send operation in Citrus) and do not care for the response at all. Just leave out the receive message action to ignore the response in Citrus.
Expect the timeout: Send the Http request and use the receive timeout action to verify that the client does not receive a response in the given time
Assert/catch the timeout exception: Use the assert or catch action in Citrus to handle the timeout exception when sending the http request
Personally I would go for the option #2 where you send the Http request and verify that there is no response for a given amount of time. This makes sure that the actual behavior of your application to not send any response does not change over time.

Is there any way to block HTTP requests made by Postman in .NET Core?

I just wanted to know whether is there any way block to HTTP requests made by POSTMAN? Just like browser with the help of CORS allows only specific origins to access a resource. Thanks in advance.
No.
In CORS, it's browser job to block request (or answer), your server does not know "truth" about request. If some power user will disable "following CORS rules" in browser settings/flags - your CORS settings will be ignored.
And even if you will find some "special headers" that POSTMAN will "understand" and refuse to work - there are many other "clients" that can send http(s) requests to server (curl, Fiddler, ...).
I am not aware of anything that gives away the fact that the request is made via Postman.
At the end of the day, Postman is a simple client so the fact that the request is coming through it, or any other client as a matter of fact is irrelevant. Postman's job is to help talk to APIs and even automate this process.
If you are worried about security then secure your API first. Then you wouldn't really care how you get a request, as long as it's authenticated and actually allowed to talk to your API.
This is maybe old for this question but one of the easiest way to handle such situation is to
app.Use(async (context, next) =>
{
if (context.Request.Headers["Referer"].ToString() != "http://localhost:4200/")
{
byte[] data = Encoding.ASCII.GetBytes("Not Recognized Request");
await context.Response.Body.WriteAsync(data);
return;
}
await next();
});
This is useful for .Net core and must set in startup--> configure section.
via this approach you will restrict your API to "Http://localhost:4200" which would be the "Referer" that you want to restrict to.
So because postman has no "Referer" it will get "Not Recognized request" as response.

End to end test http requests

What end-to-end testing JavaScript framework is best to test outgoing HTTP requests?
I want to test HTTP request's payloads as well.
I am considering Nightwatch.js, but so far I couldn't figure out if Nightwatch.js allows testing the HTTP request and its payload.
(I am not using AngularJS on my website.)
I would recommend using Puppeteer to test HTTP requests.
There is an entire request class built-in for when a request is issued by a page:
request.abort()
request.continue()
request.failure()
request.frame()
request.headers()
request.isNavigationRequest()
request.method()
request.postData()
request.redirectChain()
request.resourceType()
request.respond()
request.response()
request.url()
There is also a response class for when/if the response is received by the page for the request:
response.buffer()
response.fromCache()
response.fromServiceWorker()
response.headers()
response.json()
response.ok()
response.request()
response.securityDetails()
response.status()
response.text()
response.url()
or you can use request-promise lib and to be happy)

Detect Authorized response after AJAX call

I have an API which I consume from a VueJS app, backend is handled through Laravel 5.2.
I have setup automatic session timeout after 15min, but if happens you're in the site and try to do anything, I have a loading screen, and it freezes as you're unauthorized.
I wanted to know if there's any global method to read Unauthorized response when all requests are made.
I don't know what this is called, so I wouldn't know how to properly Google the feature.
I'm using VueJS Resource $http library to manage all requests.
Thanks!
I've finally made my way to the right documentation, it was under Vue-Resource, and these are called Interceptors.
https://github.com/vuejs/vue-resource/blob/master/docs/http.md