I'm creating a script to test my API, I want to check that if the user doesn't enter the correct username and password, the access is denied.
I want my test to pass when the status code is 401. Postman displays a test failure because the status code of my request is not 200.
I actually WANT my response to be 401 in order to pass the test.
Any idea on how to operate ?
Cheers
I tried using this test:
pm.test("Status code is 401", function () {
pm.response.to.have.status(401);
});
This test passes, but Postman is displaying a failed assertion:
response is ok | AssertionError: expected response to have status code
200 but got 401
I just created a new folder and started again from scratch and it worked. I wasn't able to find where the problem was coming from though...
The parent folder may have the "200" test configured in it - thus inheriting it.
Related
I launched my app on heroku.
And ever since all of my axios get request return a blank html.
axios.post(process.env.REACT_APP_baseServerurl + '/create/get-users')
axios.get(process.env.REACT_APP_baseServerurl + '/create/get-users')
the response i get is always blank.
request
response
but if i change the same request to a post it works fine.
The get request works fine when i try it on my localhost. But when i deploy it on heroku it returns blank.
router.post('/get-users', (req,res) => {
res.json("asdsadas")
})
router.route('/get-users').get((req,res) => {
res.json("yes")
})
the POST request works but GET request returns a 304.
The 304 HTTP Status code means that the resource has not been modified since the last get request. This indicates that the server thinks you already have a copy of up-to-date data. The Server makes this assumption by looking at the If-None-Match and If-Modified-Since in your request header. (https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#3xx_redirection)
These are the actions you could take:
Cache the data manually on your first successful request (if there is one, otherwise there must be an error in the usage of the If-None-Match and If-Modified-Since headers) and re-use the cached data if the server returns a 304 status code.
Disable the mechanism and live with the fact that you might request the same data the server already gave you.
I try to use Postman to mock server functionality to mock an API call that will return status code 449. For some reason, the good response body is return, but the status code stays at 200.
I can change the example to return 404, 422, 451, and others, but as soon as I set 449 for the status code, it returns 200.
Is there a way to make the mock server return status code 449?
Edit:
I add a collection and environment that reproduce the problems
https://github.com/freddycoder/PostmanStatusCode
449 is not an official status code.
https://dynomapper.com/blog/254-the-6-types-of-http-status-codes-explained#:~:text=A%20449%20error%20appears%20when,order%20to%20fulfill%20a%20request.
The below site shows the officially assigned status codes. it seems like as of now unassigned ones are not supported in postman expect apache status code 509. Maybe mock servers use apache and 449, 450 etc are windows specific status codes.
https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
You can test the specific usecase with the x-mock-response-code request header
On setting this header postman returns response only if the example of mock server has status code set as 449.
else you will get 404 mockRequestNotFoundError .
so in your test you can set pm.response.code = 449 if response code is 200;
To do this in pre reqeust set :
pm.response.code===200?pm.response.code=449:null
pm.response.code===449?pm.response.status="Retry With":null
console.log(pm.response.code,pm.response.status)
I have
/rest/drink/categories?alcohol=true
which is return 200 status code with list of drink categories that have alcohol in it, e.g.
200 ['wine','beer']
I wonder what status code should I use, if a user hit a none handled path like below
/rest/drink
or
/rest/drink?alcohol=true
404 - Not found if the URL does not exist,
400 - Bad request if the URL exists but the request parameter is invalid.
Http has status for such conditions.
4XX defines the error is from client side and needs a change.
Wiki says
The 4xx class of status code is intended for situations in which the client seems to have erred. Except when responding to a HEAD request, the server should include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition. These status codes are applicable to any request method. User agents should display any included entity to the user.[31]
For the condition where it is mentioned, its ideal to use 404 - Not Found or 400 - Bad Request
This gives list of all the status codes and appropriate explanation.
W3Org
defined the specifications for these.
I run http://localhost:8081/jasperserver/rest_v2/reportExecutions with the relevant reportExecutionRequest and it returns 200 ok message. The following is the result of the post request.
<reportExecution>
<exports>
<export>
<id>5eb00aeb-0f42-4195-8aec-b306535c325f</id>
<outputResource>
<contentType>application/pdf</contentType>
<fileName>ReportTest1.pdf</fileName>
<outputFinal>false</outputFinal>
</outputResource>
<status>ready</status>
</export>
</exports>
<reportURI>/reports/test/ReportTest1</reportURI>
<requestId>8da22862-35b7-448a-8169-e282d12a02f5</requestId>
<status>ready</status>
<totalPages>0</totalPages>
</reportExecution>
But i can't access the report using http://localhost:8081/jasperserver/rest_v2/reportExecutions/5eb00aeb-0f42-4195-8aec-b306535c325f/status. Is totalpages 0 is the problem?.
You put wrong GUID into status check URL. It must come from <requestId> element (or requestId property in JSON response), not <id> in <export> block.
So, proper status check address for example is http://localhost:8081/jasperserver/rest_v2/reportExecutions/8da22862-35b7-448a-8169-e282d12a02f5/status.
And both calls must be performed with same session cookie, basic authentication will lead to 404 on status check or generated output retrieval.
Yes. If totalpages are 0 then there is no report that could be shown to you.
You might want to include a band in your report that is printed every time anyway so a report is generated in any case. That way you would get an empty report instead of nothing.
When a client invokes my REST-ful service, it needs to know if the response came back was 'from me' or rather a diagnosis from the containing web server that something awful happened.
One theory is that, if my code is called, it should always return an HTTP OK(=200), and any errors I've got to return should be just represented in the data I return. After all, it's my code that gets the response, not the naked browser.
Somewhat self-evidently, if I'm using REST to generate HTML read directly by a browser, I absolutely must return an error code if there's an error. In the case I care about, it's always Javascript or Java that is interpreting the entrails of the response.
Another possibility is that there is some family of HTTP status codes that I could return with a high confidence that it/they would never be generated by a problem in the surrounding container. Is this the case?
I use the following:
GET
200 OK
400 Bad Request (when input criteria not correct)
POST
202 Accepted (returned by authorization method)
401 Unauthorized (also returned by authorization)
201 Created (when creating a new resource; I also set the location header)
400 Bad Request (when data for creating new entity is invalid or transaction rollback)
PUT
Same as POST
201 Ok
400 Bad Request
DELETE
200 OK
404 Not Found (same as GET)
I would not know how to avoid that some container returns codes like 404.
4xx codes are meant to handle client errors along with possibly some entity that describes the problem in detail (and thus would mean a combination of both of your mentioned approaches). Since REST relies on HTTP and the according semantics of status as well as methods, always returning 200 in any possible case is a violation of this principle in my opinion.
If you for instance have a request such as http://foo.com/bar/123 which represents a bar ressource with id=123 and you return 200 with some content, the client has no chance to figure out if this was the intended response or some sort of error that occured. Therefore one should try to map error conditions to status codes as discussed in REST: Mapping application errors to HTTP Status codes for example.