Network Requests & Api Testing Interview Questions

cy.intercept() is used to stub and spy on network requests. It can modify network responses, delay requests, and assert on network behavior. Example: cy.intercept('GET', '/api/users', { fixture: 'users.json' }). It supports pattern matching, dynamic responses, and request/response modifications.

HTTP requests can be made using cy.request() for direct API calls. It supports different HTTP methods, headers, and body data. Example: cy.request('POST', '/api/users', { name: 'John' }). It automatically handles cookies and follows redirects.

cy.request() makes actual HTTP requests and is used for direct API testing, while cy.intercept() intercepts and modifies network requests made by the application. cy.request() is for testing APIs directly, while cy.intercept() is for controlling the application's network behavior.

Network responses can be stubbed using cy.intercept() with static data or fixtures. Example: cy.intercept('GET', '/api/data', { statusCode: 200, body: { key: 'value' } }). Stubs can include status codes, headers, and dynamic responses.

Fixtures are static data files used for test data and network stubs. They're stored in cypress/fixtures and loaded using cy.fixture(). Example: cy.fixture('users.json').then((data) => { cy.intercept('GET', '/api/users', data) }). They help maintain consistent test data.

Use cy.wait() with aliased requests to wait for completion. Example: cy.intercept('GET', '/api/users').as('getUsers'); cy.wait('@getUsers'). This ensures network requests complete before continuing test execution.

Request parameters and headers can be verified using cy.intercept() with a callback function. Example: cy.intercept('POST', '/api/users', (req) => { expect(req.headers).to.have.property('authorization'); expect(req.body).to.have.property('name') }).

Request aliasing assigns names to intercepted requests using .as(). It allows waiting for specific requests and making assertions on them. Example: cy.intercept('GET', '/api/users').as('users'). Aliases can be referenced using @ syntax.

Authentication can be handled by setting headers in cy.request() or cy.intercept(), using beforeEach hooks for token setup, or implementing custom commands. Consider proper token management and session handling.

Common status codes (200, 201, 400, 401, 403, 404, 500) can be tested using statusCode in cy.request() assertions or cy.intercept() stubs. Example: cy.request('/api/users').its('status').should('eq', 200).

Dynamic responses can be handled using fixture factories, response transformation functions, or dynamic stub generation. Example: cy.intercept('GET', '/api/data', (req) => { req.reply((res) => { res.body = generateDynamicData(); }); }).

Error testing involves stubbing error responses, verifying error handling, and testing recovery mechanisms. Use different status codes, error payloads, and network conditions to test error scenarios comprehensively.

Timeouts and retries can be configured using timeout options, retry-ability settings, and proper error handling. Consider implementing custom retry logic and timeout configurations for different request types.

GraphQL testing involves intercepting queries/mutations, stubbing responses, and verifying request payloads. Consider implementing custom commands for GraphQL operations and proper response mocking.

Request chaining involves proper sequencing, data sharing between requests, and handling dependent operations. Use aliases, shared contexts, or custom commands to manage request dependencies.

File upload testing involves handling multipart/form-data, file fixtures, and proper request configuration. Consider implementing custom commands for file upload operations and proper response verification.

CORS handling involves proper header configuration, proxy setup, or disabling CORS checks. Consider implementing proper request configurations and understanding CORS implications in different environments.

API performance testing involves measuring response times, implementing timing assertions, and monitoring request behavior. Consider implementing performance thresholds and proper timing measurements.

Request body transformations can be implemented using intercept handlers, custom middleware, or response transformation functions. Consider implementing reusable transformation patterns.

Real-time API testing involves handling WebSocket connections, server-sent events, and long-polling scenarios. Consider implementing proper connection management and event verification strategies.

Complex API scenarios require proper request orchestration, state management, and error handling. Consider implementing reusable patterns for common scenarios and proper test organization.

Microservices testing involves handling multiple services, managing dependencies, and implementing proper service isolation. Consider implementing service mocking and proper test boundaries.

Complex authentication requires handling tokens, session management, and multi-step auth flows. Consider implementing proper auth state management and security considerations.

API versioning testing involves handling different versions, compatibility testing, and proper version negotiation. Consider implementing version-specific test suites and proper version management.

API security testing involves testing authentication, authorization, input validation, and security headers. Consider implementing security test patterns and proper security verification.

Rate limiting testing involves simulating request rates, verifying limit enforcement, and testing throttling behavior. Consider implementing proper request timing and limit verification.

Data sync testing involves verifying data consistency, handling sync conflicts, and testing offline scenarios. Consider implementing proper sync verification and state management.

Cache testing involves verifying cache behavior, testing cache invalidation, and handling cache headers. Consider implementing proper cache verification and management strategies.

Load testing involves simulating multiple requests, measuring performance under load, and verifying system behavior. Consider implementing proper load simulation and performance measurement.