I am looking for guidelines/best practice for testing REST services. For example, if I have the following JSON payload in a REST request: { "maxActiveBadges": "1", "photoUrl": "https://someurl/?employeeId=12345", "employeeId": "12345" } The way I've approached testing this is obviously number 1 to test the happy path scenario to ensure I get a 200 response code. Then there are many negative scenarios I can cover: missing input fields, misspelled input fields, incorrect formatting of input fields (e.g. string instead of int), invalid json and exceeding field input lengths. My question is how extensive should the negative testing be? Should I reasonably assume that the service will deal with any inputs gracefully, by returning an appropriate error status code and message in the response body? A secondary question - are there certain characters that the service should never accept e.g. \?<> for security reasons?
Aucun commentaire:
Enregistrer un commentaire