PROSPECTIVE METHODS OF PROTECTING THE FRAMEWORK WEB APPLICATION ON THE GRADLE AUTOMATIC ASSEMBLY SYSTEM
DOI:
https://doi.org/10.28925/2663-4023.2021.14.107117Keywords:
api; ui; framework; tests; test data; automation; client; web server; gradleAbstract
The article considers the problem of providing protection of the web framework application in the system of automatic build gradle and defines perspective methods of providing protection. This article defines that the basic and generally accepted approach to ensuring the security of a web application is a properly constructed test framework. During research the analysis of modern protection methods of web application of the framework based the automatic assembly gradle system is made. A comparative analysis of methods is also included.The basic approaches and methods concerning the organization of application protection are defined on the basis of the modern framework analysis. During planning a test framework, the automator is faced with the task of choosing methods that will solve the problem, will be flexible to change, easy to read and are fast for finding application vulnerabilities. At the stage of developing a test framework, it is planned to choose a suitable method for the specific category. Choose to check the client, web server or both at once; write api and ui tests to implement in individual or project or projects, choose the test data to use; define how to generate and transmit user tokens, which patterns to use; define whether they are needed. Implement parallelization for api tests or for ui as well; define how to check the models that come in the answers. This article outlines the methods that cover these issues and makes their brief analysis. The research of perspective methods and means of web application protection of the framework on the automatic assembly gradle system allows to state that correctly constructed test framework is one of effective and complex approaches to provide security information, which allows detection of vulnerabilities and correction of violations on the early stages of product development at the right time.
Downloads
References
Kondratiuk, D. (2021). UI Testing with Puppeteer: Implement end-to-end testing and browser automation using JavaScript and Node.js.
Richardson, A. (2017). Automating and Testing a REST API: A Case Study in API testing using: Java, REST Assured, Postman, Tracks, cURL and HTTP Proxies.
Postman for API Testing — Pros, Cons, and Alternative Solutions. World Wide Web. https://dzone.com/articles/postman-for-apitesting-pros-cons-and-alternative.
REST API. World Wide Web. https://www.loadview-testing.com/ru/blog/.
Katalon Studio. World Wide Web. https://artoftesting.com/katalonstudio-features-advantages-and-disadvantages.
What is API Testing? World Wide Web. https://www.inflectra.com/rapise/highlights/api-testing.aspx.
Front-end and Back-end outlet. World Wide Web. https://skillbox.ru/media/code/frontend_i_ backend_razrabotka/
API Testing: Why It Matters, and How to Do It. World Wide Web. https://blog.udemy.com/api-testing/.
SOAP API. World Wide Web. https://quality-lab.ru/blog/soap-api-testing/.
Satya, A. (2014). Selenium Webdriver Practical Guide. Paperback: Packt Publishing.
Testing software security. Basic understanding and value. World Wide Web. http://www.protesting.ru/testing/. (in Russian).
Gregory, J.; Crispin, L. (2019). Agile Testing: A Training Course for the Whole Team. "Mann, Ivanov and Ferber". (in Russian).
Software Testing. World Wide Web. https://www.tutorialspoint.com/software_testing/ software_testing_lev els.htm.
Software Testing - API testing. World Wide Web. http://www.tutorialspoint.com/software testingdictionary/apitesting.htm.
The Value of Mixing UI and API Testing. World Wide. https://www.webomates.com/blog/api-testing/the-value-of-mixing-ui-and-api-testing/.
Java For Testers: Learn Java fundamentals fast 2009. World Wide Web. http://tctutorial.ru/frameworks.
Patton, R. (2006). Software testing. Pearson Education India.
Vinnichenko, I. (2005). Automation of testing processes. Publishing house " (in Russian).
Badgett, T., Myers, G. J., & Sandler, C. (2011). Art of Software Testing. Wiley & Sons, Incorporated, John.
Savin, R. (2007). Testing Dot Com. Delo.(in Russian).
Ilyenko, A., Ilyenko, S., & Stashevskyi, D. (2021). Software error tracking module in web applications based on the use of logger algorithm. Cybersecurity: Education, Science, Technique, 3(11), 61–72. https://doi.org/10.28925/2663-4023.2021.11.6172
Ilyenko, A., Ilyenko, S., & Vertypolokh, O. (2020). METHOD FOR PROTECTION TRAFFIC FROM INTERVENTION OF DPI SYSTEMS. Cybersecurity: Education, Science, Technique, 2(10), 75–87. https://doi.org/10.28925/2663-4023.2020.10.7587.
Ilyenko, A., Ilyenko, S., & Kulish, T. (2020). PROSPECTIVE PROTECTION METHODS OF WINDOWS OPERATION SYSTEM. Cybersecurity: Education, Science, Technique, 4(8), 124–134. https://doi.org/10.28925/2663-4023.2020.8.124134
