How to test HTTP protocol: a guide

HTTP protocol: what it is, where it is used

HTTP protocol (HyperText Transfer Protocol) is an application-level protocol for hypermedia documents such as HTML. The protocol was developed for communication between web browsers and web servers, but is also used for other purposes. The HTTP protocol is used not only to transmit hypertext documents, but also to transmit images and videos or to send content to servers. HTTP is also used to obtain part of the document to refresh the web page on demand.

This protocol uses the basic client-server model, by which the client (web-browser) is making an inquiry, the server creates the response and sends it back to the client by means of the information that we see in the browser. So it is important to know that they do not keep the information about the previous enquiries. That is why each enquiry contains all the information needed.

Between the client and the server there are a lot of entities between a client and a server called a proxy. They perform various operations and act, for example, as gateways or caches.

The browser is always the initiator of requests. It sends an original request for an HTML document to display the web page. The file is then analyzed using additional queries corresponding to the execution scenarios. Then the browser composes the received resources and displays the whole document (in this case – a web page). Scripts that are executed by the browser may receive more resources at a later stage, so the web page is refreshed.

On the opposite side of the communication channel is a server that processes documents at the request of the client (in this case – the browser). The server virtually looks like one machine. However in reality, it can be a set of servers that share the load, generating all or part of the document on demand.

Queries and answers: their structure, formation and methods

Queries and answers are formed in a strict sequence and correspond to a certain structure. 

There must be a blank line between the header and the body, which serves as a separator. When the request is sent to the server, the server sends a response. The response from the server indicates whether the request was successful or not. The answers consist of the following components:

• status code (shows whether the query was successful or not);
• HTTP titles;
• a body that consists of the extracted resource.

HTTP uses special query methods to perform various tasks:

• GET – requests certain data from the database;
• HEAD – requests a specific resource without body content;
• POST – adds content, messages or data to the database;
• PUT – replaces an existing record with a new one;
• DELETE – gets rid of data;
• TRACE – shows any changes made to the web resource;
• PATCH – partially changes the record;
• OPTIONS – show which HTTP methods are available for a particular URL;
• CONNECT – turns request connection into a transparent TCP/IP tunnel.

The query method determines the action to be performed on the resource. It is case sensitive and indicated only in capital letters.

How HTTP protocols are tested

Currently, many companies have switched to microservices in their applications. This means that applications consist of different sections that have their own data warehouses and use different commands to interact with them.

Most microservices use the API and the API uses REST requests and SOAP requests. They need to be tested. Let's look at this in more detail.

API (Application Programming Interface) – an interface between the program and the server. It is used to access the functionality of a third-party program, site, etc.

SOAP-request (Simple Object Access Protocol) – simple protocol for information exchange in a distributed computing environment.

REST-request (Representational State Transfer) – an architectural style of building web applications.

The difference between them is that SOAP is a family of protocols and standards that works with operations and REST is an architectural style that works with resources. REST is also a more popular and freer architectural style. It is based on standard methods (GET, POST, DELETE, etc.). In turn, SOAP has clearer documentation, a clearer structure of what the query should look like.

Queries are tested both manually and automatically. Automated testing is more commonly used to test large systems.

When we transfer data, we use two formats – <xml /> and JSON. <Xml /> – is a markup language used to send and receive data. JSON is more understandable to the average user and is only used for REST requests.

Today there are two most popular tools for studying REST-requests – Swagger and Postman. With these programs, it's easy to see what types of requests your API allows and what type of settings these requests expect. SoapUI is used to test SOAP queries – it is quite a difficult tool to use and must be well studied before use.

HTTP is an extensible protocol that is fairly easy to use. The client-server structure combined with the ability to easily add headers allows HTTP to evolve along with the expansion of WEB capabilities. You can also use the API test to test many scenarios that cannot be tested through the user interface. This strategy can be used to look for design and security flaws in the early stages of development.