Email Subscription Form

Saturday, February 29, 2020

More Fun With Cypress

Two weeks ago, I wrote about my first experiences using Cypress.io.  I was intrigued by the fact that it was possible to do http requests using Cypress commands, so this week I decided to see if I could combine API commands with UI commands in the same test.  To be honest, it wasn't as easy as I thought it would be, but I did manage to come up with a small proof-of-concept.


Part of the difficulty here may lie in the fact that there aren't many websites around on which to practice both UI and API automation.  For my experimentation, I decided to use the OWASP Juice Shop, which is a great site for practicing security testing.  I wanted to log into the site using an HTTP command, and then use the token I retrieved from my login to navigate to the site as an authenticated user.

Setting up the HTTP command was pretty easy.  Here's what it looks like:

var token;

describe('I can log in as a user', () => {
    it('Logs in', () => {
        cy.request({
  method: 'POST',
  url: 'https://juice-shop.herokuapp.com/rest/user/login',
  headers: {'content-type':'application/json'},
  body: {
    email: 'foo5@bar.com',
    password: '123456'
  }
})
  .then((resp) => {
    const result = JSON.parse(JSON.stringify(resp.body));
    token = result.authentication.token;
        expect(resp.status).to.eq(200);
    })
});
});

Let's take a look at what's happening here.  First I declare the token variable.  The 'I can log in as a user' and 'Logs in' parts are just the names of the test section and the test.  Then we have the cy.request section.  This is where the http request happens.  You can see the method, the url, the headers, and the body of the request.  Next, there's the then((resp), which shows what the test is doing with the response.  With const result = JSON.parse(JSON.stringify(resp.body)), I'm parsing the body of the response into JSON format and saving it to a result variable.  Then I'm setting the token variable to result.authentication.token.  Finally, with expect(resp.status).to.eq(200) I'm doing a quick assertion that the status code of the response is 200 just to alert me if something didn't come back correctly.

Next, I loaded the web page, and included the token in the browser's local storage so the web page would know I was authenticated:

describe('Is logged in', function() {
  it('Is logged in', function() {
    cy.visit('https://juice-shop.herokuapp.com/#/', {
    onBeforeLoad (win) {
      win.localStorage.setItem('token', token)
    },
  })
    cy.contains('Dismiss').click();
    cy.contains('Your Basket').should('be.visible');
  })
});

With this line: cy.visit('https://juice-shop.herokuapp.com/#/' I'm navigating to the web page.  With the next section:

    onBeforeLoad (win) {
      win.localStorage.setItem('token', token)
    },
  })

I'm telling the browser to put the token I saved into local storage.  There was a popup window with a "Dismiss" button that appeared in the browser, so I closed it with cy.contains('Dismiss').click(). And finally with cy.contains('Your Basket').should('be.visible') I asserted that the link called "Your Basket" was visible, because that link doesn't appear unless the user is authenticated.

My code definitely wasn't perfect, because I noticed that when I manually logged in, I saw my email address in the Account dropdown, but when I logged in through Cypress, the email address was blank.  I also tried doing some other UI tasks, like adding an item to my cart, but I had trouble simply because the application didn't have good element identifiers.  (I so appreciate developers who put identifying tags on their elements!  If your developers do this, please thank them often.)  And there may be irregularities with this application because it was specifically designed to have security holes.

It would be very interesting to see how easy it would be to set up API and UI testing in Cypress when testing an application with normal authentication processes and good element identifiers!  However, I think my experiment showed that it's fairly easy to integrate API and UI tests together in Cypress.

23 comments:

  1. Great content material and great layout. Your website deserves all of the positive feedback it’s been getting تحويل word الى pdf

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. Hey Guys !

    USA Fresh & Verified SSN Leads with DL Number AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information

    **HEADERS IN LEADS**
    First Name | Last Name | SSN | Dob | DL Number | Address | City | State | Zip | Phone Number | Account Number | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
    ->$5 PER EACH

    ->Hope for the long term deal
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
  4. Are you interested in trading bitcoin binary and forex trade where you can earn 100% of your investment daily If you invest as low as $200 you will get a profit of $2,000 after 72 hours if you are intrested you can contact him via email: hackintechnology@gmail.com +12132951376(WHATSAPP)

    ReplyDelete
  5. TUTORIALS AVAILABLE FOR
    SPAMMING
    CARDING
    CASHOUTS
    MOBILE DEPOSITS

    -->SPAMMING price == 200$
    >What you need to start spam

    -->CARDING price == 300$ (Includes All Carding)

    How to use eBay Carding, Amazon Carding, Adidas Carding, BITCOIN CARDING, WALMART CARDING, WESTERN UNION CARDING
    WORLD REMIT CARDING METHOD

    >APPLE PAY & ANDROID TAP CASH

    >BANK TRANSFER

    -->DUMPS+PINS price == 85$
    (How to use & create dumps with pins track 1 & 2)
    >HOW TO CASHOUT DUMPS+PINS

    >MOBILE DEPOSIT
    >SAFE SOCKS5 (USA)

    -->SMTP Linux Root
    *--price ==150$--*

    Also SELLING

    >SERVER I.P's price == 200$ in bulk
    >USA EMAILS with Passwords price ==150$ in bulk
    >SSN Fullz with Driving license price == 2$ each

    **Contact 24/7**
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
  6. BE SMART AND BECOME RICH IN LESS THAN 3DAYS....It all depends on how fast 
    you can be to get the new PROGRAMMED blank ATM card that is capable of
    hacking into any ATM machine,anywhere in the world. I got to know about 
    this BLANK ATM CARD when I was searching for job online about a month 
    ago..It has really changed my life for good and now I can say I'm rich and 
    I can never be poor again. The least money I get in a day with it is about 
    $50,000.(fifty thousand USD) Every now and then I keeping pumping money 
    into my account. Though is illegal,there is no risk of being caught 
    ,because it has been programmed in such a way that it is not traceable,it 
    also has a technique that makes it impossible for the CCTVs to detect 
    you..For details on how to get yours today, email the hackers on : (
    atmmachinehackers1@gmail.com ). Tell your 
    loved once too, and start to live large. That's the simple testimony of how 
    my life changed for good...Love you all ...the email address again is ;
    atmmachinehackers1@gmail.com

    ReplyDelete
  7. Do you need personal loan?
    Loan for your home improvements,
    Mortgage loan,
    Debt consolidation loan,
    Commercial loan,
    Education loan,
    Car loan,
    Loan for assets.
    financialserviceoffer876@gmail.com Whatsapp +918929509036

    ReplyDelete
  8. I was thrown out of my own house was sleeping in a hotel for weeks she also took possession of my son could only see him once a week then I found out she was in love with my accountant all these while so I went online and I came across a Russian private investigator who help me get all my properties and my accounts back even my company back how he did these I don’t know but I gave all the information he asked for and followed all his instructions and now I’m happy my life’s better now.
    Thanks to HACKINTECHNOLOGY@CYBERSERVICES.COM
    I just said I should share my own story here
    Thank you

    ReplyDelete
  9. I am posting this review here because I want to be of help to everyone out there, after going through a lot to recover my bitcoin even though many people told me it’s impossible.
    If you have lost your bitcoin as a result of investing in binary options, trading platforms, your account was hacked or other bitcoin related scams, then You’re not alone. (I lost over ($30,000 to skyrockettrade)
    Being a scam victim myself, I tried several means to recover my funds all to no avail, till I came across a cyber crime and recovery expert’s address online wizardbrixton@gmail.com . He literally saved my life, all i lost to these fake investors skyrockettrade was recouped in just a few days (a total of 3.7721 BTC) , send a message to the contact above if you’ve been in such situations and you are seeking recovery, go get yourself the help you need contact :wizardbrixton@gmail.com

    ReplyDelete
  10. Never met any hacker as discreet and fast like this White Collar Hackers. They are called WhiteHats and they has helped me in multiple ways first was when my ex spouse cheated on me- they got me every information from my spouse phone number and now they are helping me paying my credit cards debts. They have the best hacking tools plus service any one can ever imagine and I recommend him to the world. I am thankful and grateful for the second chance. Honestly, WhiteCollar hackers are life savers please contact them here if you need their swift service Email; WhitehatspytechATcyberservicesDOTcom

    ReplyDelete
  11. CRYPTOCURRENCY SECTRETS FINALLY REVEALED.

    LEARN HOW TO EARN BITCOIN IMMEDIATEDLY AFTER STARTING.

    DISCOVER HOW TO GENERATE BITCOIN EVERYDAY.

    EDUCATE YOURSELF ON THE MARKET.

    SHARE AND EARN ALL FROM HOME ON YOUR PHONE. visit our site https://alphabitmining.com/

    ReplyDelete
  12. I will strongly love to recommend the services of the best team of dark web hackers. they are professional and very discreet in carrying out their jobs, they have the best customer service agents and satisfaction at heart. If you have any services you wish to contact them for, go on albertgonzalezwizard (@) gmail com / Whatassp +31684181827 or Telegram:  +31687920980. They help track and monitor your cheating partner's phone without his idea, clear or erase criminal records as well as repair a bad credit score, all social media hacks,funds recovery and many others.

    ReplyDelete
  13. Thanks for sharing your blog. If you are interested in Best Cypress Courses & Certification, feel free to visit our website.

    ReplyDelete
  14. Need A Hacker Who Can Recover Stolen Or scam*ed BTC?

    If you need a genuine hacker who can recover stolen or scam*ed Cryptocurrency RECOVERY MASTERS got you covered, they're secured Hacker from USA who deal with cyber issues of all kind, such as WhatsApp hack, Facebook hack, gmail hack, mobile phone hack, accounts hack, erase criminal records, websites hack, Bitcoin Trade recovery, and other hack relating to cyber issues.
    Contact info: (recoverymasters@email.cz)

    ReplyDelete
  15. contact A Guaranteed Financial Assets Recovery Masters;
    Email; (Recoverymasters@email.cz).
    My name is Sarah, a retired accountant, here's my recommendation,
    Recovery Masters are a team of Experienced Hackers whose focus Is to help Scam Victims Recover their Lost or stolen cryptocurrency, spy on couples spouses to know if they are cheating, clear bad criminal record (database)…… Fixing credit scores and all sorts of cyber Investigations.To anyone who has happened to fall for these swindlers tricks and ended up losing their funds you can reach out to these private investigators through their whatsapp to
    Whatsapp; +1(204)819-5505.
    Don't forget to mention Sarah recommended you.

    ReplyDelete
  16. Everyday news reveals Millions of people have lost their wealth to Bitcoin scam which is now so rampant.
    You can restore the funds those scammers took from you. Bitcoin recovery is one aspect which everyone needs to be careful about. Because I was once a victim of this before, not everything you see on the Internet is real, you need to be very careful cause some people get scam by fake investment platform and go ahead looking for recovery agency to get back there money in the process they get scam again, but a friend recommended a perfect recovery company who help to get this fixed and work out. So today I am glad to recommend the company to whoever lost his or her Bitcoins or cryptocurrency. I would strongly love to recommend Geo Coordinates Hacker. Contact their experts today and they will help you recover your losses. Contact: Email geocoordinateshacker@proton.me. Or Email: geovcoordinateshacker@gmail.com

    ReplyDelete
  17. Hire BitHelp Crypto Assets Recovery Service, e-mail Us, there are a few scenarios in which we can be able to assist you in recovery your stolen Bitcoin.

    WE INVESTIGATE CRYPTO SCAMS AND RECOVER STOLEN FUNDS
    RECENT BIGGEST CRYPTO SCAMS AND RECOVERY

    $610 million was hacked from the Chinese platform in August 2021. Customers got their crypto back after identifying the scammers.

    $534 million was stolen from the Japanese exchange in 2018. Customers were eventually reimbursed.

    $450 million Bitcoin was hacked in 2014. Customers are not reimbursed as scammers are not identified yet.

    $210 million were stolen by North Korean hackers in 2020. Customers got their crypto back after identifying the scammer.

    If you lost your crypto, the only way to get your crypto back is to identify the scammers. We know exactly how to do it.
    WALLET TRANSACTION ANALYSIS: Trace your crypto and identify the exchange wallet address with digital forensic investigation. Once we know who is holding your crypto, we go after that criminal.
    RECOVER YOUR CRYPTO: We will hunt down the scammers and force them to retrieve your crypto. If anyone can recover your crypto, that is us, we are registered Business in the USA, Featured in Big Media: We have been featured in the world’s leading print and electronic media, including BBC, CNN, Business Insider, Fox News, CBS etc for our innovative ideas and excellence in the cybercrime and cybersecurity industries, We know how to recover stolen cryptocurrencies and successfully recovered millions of dollars.At BitHelp Crypto Assets Recovery Service Consulting we do not initiate calls without request. We only call clients that reached out to us via email. Contact us

    Email: bithelpcryptorecovery@gmail.com 

    WhatsApp/Text: +1 (219) 424 - 7566

    Zangi Messager: 10 - 3657 - 7840
    And if you don't have zangi, you can get it on Google play store

    ReplyDelete
  18. Hire A Hacker❓Contact INTELLIGENCE CYBER WIZARD✅
    The really amazing deal about contacting INTELLIGENCECYBERWIZARD is that the Hack done by us can’t get traced to you, as every Hacking job we do is strongly protected by our Firewall. It’s like saying if anyone tries to trace the Hack, it will lead them to us and we block whatever actions they are doing.
    We have been Invisible to Authorities for almost a decade now and if you google INTELLIGENCECYBERWIZARD, not really about us comes out, you can only see posts and comments made by us or about us.
    Another Amazing thing to your benefits from Hiring our Hackers is that you get a Legit and the best Hacking service, As we provide you with Professional Hackers who have their Hacking Areas of specialization.We perform every Hack, using special Hacking tools we get from the dark web.
    Some list of Hacking Services we provide are-: Phone Hacking & Cloning Computer Hacking Emails & Social Media Account Hacking Recovering Deleted Files Tracking & Finding People Hunting Down Scammers Hack detecting Stealing/Copying Files & Documents From Restricted Networks and Servers Credit Score Manipulation Deleting Criminal Records Bitcoin Multiplication Binary Option Money Recovery Scam Money Recovery And lots more......
    SPECIAL HACKING SERVICES-: we also specialize in Scam Bounty, as we chase down SCAMMERS and help individuals RECOVER Money stolen from the online SCAMMERS. Please be watchful about this SCAMMERS. They post ENTICING TESTIMONIES and its quite Convincing.

    Whatever Hacking service you require, just give us an Email to the Emails Address provided below.
    intelligencecyberwizard@gmail.com 
    reportbitcoinscams@mail.com 
    Instagram: @intelligence_cyber_wizard 

    ReplyDelete

  19. JETWEBHACKERS CRYPTO RECOVERY REVIEW 2024

    I was left with a sense of hopelessness when I realized that my $34,000 worth of Bitcoin had been stolen from my wallet. I had tried every possible solution, but nothing seemed to work. That was until I discovered JETWEBHACKERS, a team of expert hackers who specialize in recovering stolen cryptocurrencies. With their expertise and guidance, I was able to recover my entire $34,000 in just a few days! The process was seamless, efficient, and professional. The team at JETWEBHACKERS was incredibly responsive, keeping me updated every step of the way. I was blown away by their level of expertise and the results they achieved. If you're a victim of crypto theft, I highly recommend JETWEBHACKERS. They are the best in the business and will get your stolen assets back for you.

    CONTACT THEM VIA

    EMAIL:jetwebhackers @ gmail .com

    TELEGRAM: @jetwebhackers

    ReplyDelete
  20. HOW TO GET YOUR MONEY BACK THROUGH WEB BAILIFF CONTRACTOR
    Am a Forex scam victim that i involved in a scam that cost me CHF 300,000, hoping it helps others avoid a similar fate. It all began when I encountered what appeared to be a lucrative opportunity in forex trading. The promise of high returns was too tempting to resist, leading me to invest a significant sum. Initially, everything seemed fine; I made a few small gains that reinforced my belief in the platform's legitimacy.However, things quickly spiraled downward when I attempted to withdraw my funds. What started as minor withdrawal issues rapidly escalated into a barrage of requests for additional fees, all with little to no explanation. Each time I complied, they concocted new reasons for further delays, continuously asking for more money. It became painfully clear that I was caught in a sophisticated scam designed to extract as much money as possible from unsuspecting investors.Feeling desperate and helpless, I began searching for a solution. During my research, I came across Web Bailiff Contractor. Their name appeared frequently in online forums and reviews, where many individuals shared their success stories in recovering lost funds from scams, including forex trading schemes. The feedback was overwhelmingly positive, prompting me to reach out to them in hopes of a miracle.To my relief, Web Bailiff Contractor responded promptly and professionally. They guided me through the entire recovery process, reassuring me of their solid track record in handling such cases. Within just 48 hours, they managed to recover CHF 290,000—an efficiency and effectiveness that left me amazed.While my experience with Web Bailiff Contractor was a huge relief, it also served as a harsh lesson about the importance of due diligence in investing. Forex trading and other high-risk investments can be fraught with danger, especially if one is not cautious about the platforms they choose. Always verify the legitimacy of a trading platform, be wary of promises that seem too good to be true, and ensure you’re dealing with regulated entities.For anyone facing similar challenges, I strongly recommend seeking professional help rather than trying to navigate the situation alone. Your financial well-being deserves it.

    ReplyDelete
  21. Investing in cryptocurrency can be a double-edged sword. While the potential for significant gains is enticing, the risks are equally substantial. Many individuals, drawn by the allure of quick profits, have fallen victim to scams that prey on their desire for financial growth. I, too, found myself ensnared in this web of deception, losing over $82,050 to a fraudulent broker, Financiale. My experience serves as a cautionary tale for anyone looking to venture into the world of crypto trading. my foray into cryptocurrency seemed promising. The market was booming, and with each successful trade, my confidence grew. However, my optimism blinded me to the signs of trouble. Financiale, which presented itself as a reputable trading platform, turned out to be a sophisticated scam. I watched helplessly as my funds dwindled, realizing too late that I had fallen victim to a scheme designed to exploit inexperienced traders like myself.The frustration and despair of losing such a significant amount of money were overwhelming. I tried to recover my funds through various channels, but my efforts were met with roadblocks and dead ends. It was a challenging period, as the pressure to recover my losses only compounded my stress. Many hours were spent researching strategies and potential recovery options, but each attempt felt increasingly futile. Just when I was about to lose hope, I came across a recommendation for Cyberpunk Programmers. Skeptical but desperate, I reached out to them, and that decision changed everything. MRS. Lucy, a skilled recovery specialist, took the time to understand my situation and assured me that they had a proven track record of helping individuals like me recover lost funds. Her professionalism and empathy were reassuring during a time when I felt vulnerable and defeated. The recovery process was meticulous but transparent. MRS. Lucy kept me informed at every step, providing insights into their strategies and techniques for navigating the complexities of online scams. To my astonishment, within a few weeks, Cyberpunk Programmers was able to reclaim 90% of my lost funds. The sense of relief I felt was indescribable, as I had nearly given up on the idea of ever recovering my money. My experience with Cyberpunk Programmers has been overwhelmingly positive, and I am immensely grateful for MRS. Lucy's expertise and dedication. I highly recommend their services to anyone who has fallen victim to online scams, especially in the unpredictable realm of cryptocurrency. Their commitment to helping clients recover lost funds is genuine, and they have earned my trust and appreciation. while the world of cryptocurrency offers exciting opportunities, it is essential to approach it with caution. Be wary of scams, and if you find yourself in a difficult situation, consider seeking help from professionals like those at Cyberpunk Programmers. Good work deserves recognition, and I am more than happy to share my experience in hopes of helping others avoid the pitfalls I faced.
    Their information is,
    Email: cyberpunk (@) programmer (.) net
    WhatsApp: +44 7848 161773

    ReplyDelete
  22. RECOVER FROM CRYPTO SCAMS WITH THE HELP OF WEB BAILIFF CONTRACTOR
    You want to hear confidence-boosting success tales about getting your lost bitcoins back? Web Bailiff Contractor has a remarkable history of assisting people and companies in getting their lost money back. Consider the instance of John Stone, who unintentionally sent his bitcoins to the incorrect address. John's face returned after Web Bailiff Contractor used their knowledge and tenacity to track down the transaction and get his bitcoins back.
    What distinguishes Web Bailiff Contractor from other alternatives for recovering bitcoin? Above all, their team of professionals is well-versed in handling bitcoin transactions, which enables them to handle even the most complicated circumstances. Furthermore, their customer-focused methodology guarantees that you will receive tailored support and consistent updates during the recuperation procedure. To demonstrate the superiority of Web Bailiff Contractor, let's compare their performance with that of their competitors. In a head-to-head analysis, Web Bailiff Contractor consistently outperformed other recovery services in terms of success rate, speed of recovery, and customer satisfaction. Time and time again, they have proven their ability to recover lost bitcoins when others have failed. At Web Bailiff Contractor, your privacy and confidentiality are of utmost importance. They employ robust security measures to safeguard your personal information and ensure that it remains strictly confidential. You can trust that your data is in safe hands throughout the recovery process. Not only does Web Bailiff Contractor excel in recovering lost bitcoins, but they also prioritize helping clients protect their funds from future loss. Their team provides expert advice on the latest security practices, including wallet management and secure transaction techniques. By equipping you with the knowledge to safeguard your investments, Web Bailiff Contractor goes above and beyond to ensure your long-term financial security. For enquiry, Email:(( web@bailiffcontractor.net )or call/whatsapp: +1(360)8198556

    ReplyDelete

New Blog Location!

I've moved!  I've really enjoyed using Blogger for my blog, but it didn't integrate with my website in the way I wanted.  So I...