Web services testing *

Seven tasks for test, one for deploy

ArticlesPostsNewsAuthors

straykerwl Jan 18 2022 at 21:19

Comparing PHP-FPM, NGINX Unit, and Laravel Octane

12 min

26K

High performance*PHP*Programming*Web services testing*Microservices*

Translation

Comparing PHP-FPM, NGINX Unit, and Laravel Octane - what to choose for developing microservices.

+10

blondnika Aug 21 2019 at 10:46

How to Make Emails and Not Mess Up: Practical Tips

23 min

3.2K

VK corporate blogEmail layout*Spamming and anti-spammingIT systems testing*Web services testing*

Tutorial

A developer, who first encountered generating emails, has almost no chance to write an application, that will do it correctly. Around 40% of emails, generated by corporate applications, are violating some form of standard, and due to this, there are problems with delivery and display. There are reasons for this: emails are technically more difficult than the web, and operating emails is regulated by a few hundred standards, as well as an uncountable number of generally accepted (and not as much) practices, whereas the email clients are more varied and unpredictable than browsers. Testing may significantly improve the situation, but materials that are dedicated to testing the email system, are practically non-existent.

Mail.ru regularly interacts with its users by email. In our projects, all the components responsible for generating emails and even individual mailings, are subject to mandatory testing. In this article, we will share our experience (learning from our mistakes).

+40

Okhomiak Apr 23 2019 at 13:51

The most common OAuth 2.0 Hacks

6 min

41K

Web services testing*Website development*Information Security*

OAuth 2 overview

This article assumes that readers are familiar with OAuth 2. However, below a brief description of it is presented below.

The application requests authorization to access service resources from the user. The application needs to provide the client ID, client secret, redirect URI and the required scopes.
If the user authorizes the request, the application receives an authorization grant
The application requests an access token from the authorization server by presenting authentication of its own identity, and the authorization grant
If the application identity is authenticated and the authorization grant is valid, the authorization server issues the access and refresh (if required) token to the application. Authorization is complete.
The application requests the resource from the resource server and presents the access token for authentication
If the access token is valid, the resource server serves the resource to the application

The are some main Pros and Cons in OAuth 2.0

OAuth 2.0 is easier to use and implement (compared to OAuth 1.0)
Wide spread and continuing growing
Short lived Tokens
Encapsulated Tokens

— No signature (relies solely on SSL/TLS ), Bearer Tokens
— No built-in security
— Can be dangerous if used from not experienced people
— Too many compromises. Working group did not make clear decisions
— Mobile integration (web views)
— Oauth 2.0 spec is not a protocol, it is rather a framework — RFC 6749

+16

sashalisik Feb 14 2019 at 08:33

Front End and Back End Debugging

6 min

9.7K

Web services testing*Programming*JavaScript*Google ChromeAngular*

Tutorial

Original article — "How to debug javascript in Chrome quick and easy ".

Overview

In this article, you will learn how to debug JavaScript code on front end and back end using Chrome DevTools and VS Code.

+16