dqoqnmb163241 2017-03-15 02:51
浏览 86
已采纳

在Codeception中,是否可以在解析之前拦截和修改HTTP响应? 如果是这样,怎么样?

I am new to Codeception and I am researching using it to run our integration / acceptance test suite (currently some phpunit scripts...). It seems like a very interesting tool but I've run into an issue that could prevent us from using it.

I'm trying to find a way to inject a middleware or create a module that will allow me to strip the JSON protection string from our server's response before it's decoded by the REST module.

The JSON is prefixed with ")]}', " to make the object invalid, which protects against a type of CSRF vulnerability in some browsers, but it breaks json_decode() (intentionally) and the Codeception REST validation methods.

I'm looking for a way to modify the response, to strip off the prefix, before the test suite begins using the data. Does anyone know if that's possible? Or if there are any built-in ways to work with or rewrite response bodies?

Unfortunately, removing the prefix from the server output is not an option. Thanks for any advice!

  • 写回答

1条回答 默认 最新

  • doyp9057 2017-03-17 21:23
    关注

    You can modify HTTP response content before it is parsed by REST module.

    REST module uses PhpBrowser or some Framefork module as HTTP-client. So to remove JSON protection string you need to create your own module that extends PhpBrowser and overrides _getResponseContent() method and then use this module in REST module config as dependency.

    Let's assume I have REST method http://example.dev/api/v1/test that returns following JSON string with protection prefix

    )]}'
{"test":"smest"}

    /tests/api.suite.yml

    class_name: ApiTester
modules:
    enabled:
        - REST:
            depends: \Helper\MyPhpBrowser
            url: 'http://example.dev/api/v1/'      
        - \Helper\Api

    /tests/_support/Helper/MyPhpBrowser.php

    <?php
namespace Helper;

class MyPhpBrowser extends \Codeception\Module\PhpBrowser
{
    public function _getResponseContent()
    {
        $rawContent = (string)$this->client->getInternalResponse()->getContent();

        // Here we're going to delete protection prefix from response content 
        $rawContent = preg_replace("/^\)\]\}'
/", "", $rawContent);

        return $rawContent;
    }
}

    /api/smestCept.php

    <?php 
$I = new ApiTester($scenario);

$I->sendGET('test');

$I->seeResponseContainsJson(['test' => 'smest']);

    Result

    $ codecept run api smestCept.php
Codeception PHP Testing Framework v2.2.4
Powered by PHPUnit 4.8.27 by Sebastian Bergmann and contributors.

Api Tests (1) -------------------------------------
✔ smestCept:  (0.29s)
---------------------------------------------------


Time: 579 ms, Memory: 12.50MB

OK (1 test, 1 assertion)
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 #MATLAB仿真#车辆换道路径规划
  • ¥15 java 操作 elasticsearch 8.1 实现 索引的重建
  • ¥15 数据可视化Python
  • ¥15 要给毕业设计添加扫码登录的功能!!有偿
  • ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
  • ¥15 微信公众号自制会员卡没有收款渠道啊
  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘