Understanding HTTP Methods and Status Codes

Dear Quality Questers,

This week, we’re diving into a foundational topic for anyone in tech, especially software testers and developers: HTTP Methods and Status Codes. Understanding these is essential for effective web testing, debugging, and ensuring seamless user experiences.

What is HTTP?

The Hypertext Transfer Protocol (HTTP) is the backbone of communication between clients (like your browser) and servers.

Every interaction involves:

• HTTP Methods: This is an instruction on what to do with the resources.
• Status Codes: Server responses indicating the success or failure of the requested action.

Let’s explore the essential HTTP methods and the status codes testers frequently encounter.

HTTP Methods: Core Four

GET

A method that retrieves data from the server without making changes.

Use Case: Loading a webpage, fetching search results, or accessing an image, etc.

Example: Retrieving a product with an ID of 3.

GET /products/3
Host: www.example.com        

Testing Considerations:

• Ensure data is retrieved correctly.
• Check for correct HTTP status codes in responses.
• Validate the response format (e.g., JSON, XML).
• Check caching behavior for performance optimization.

POST

A method that sends data to the server to create or update resources.

Use Case: Submitting forms, uploading files, or creating new user accounts.

Example: Creating a user account with the below name and email address.

POST /users  
Host: www.example.com  
Content-Type: application/json  

{ 
    "name": "Quality Quest", 
    "email": "qualityquest@example.com" 
}        

Testing Considerations:

• Validate successful data submission.
• Check for correct HTTP status codes in responses.
• Test for SQL injection or other vulnerabilities.

PUT

A method that updates an existing resource or create it if it doesn’t exist.

Use Case: Editing user profiles or updating inventory information.

Example: Updating the below user data.

PUT /users/12
Host: www.example.com  
Content-Type: application/json  

{   
    "name": "Mary Tester", 
    "email": "mary@example.com" 
}        

Testing Considerations:

• Verify idempotency (multiple identical requests yield the same result).
• Confirm resource updates in the database or API response.

DELETE

A method that removes a resource from the server.

Use Case: Deleting user accounts or removing items from a cart.

Example: Deleting a User account with ID of 12.

DELETE  /users/12
Host: www.example.com        

Testing Considerations:

• Ensure the resource is no longer accessible after deletion.
• Verify proper authentication or authorization is required.

HTTP Status Codes: Decoding Server Responses

1xx: Informational

• 100 Continue: The server acknowledges part of the request and awaits completion.
• When to Test: It is rare but critical during large data uploads or API interactions.

2xx: Success

• 200 OK: Everything worked as expected.
• 201 Created: Resource successfully created (often after a POST).
• 204 No Content: The server successfully processed the request but returned no content.

3xx: Redirection

• 301 Moved Permanently: Resource has a new permanent URL.
• 302 Found: Temporary redirection; original URL may be used again.
• 304 Not Modified: Cached version of the resource is still valid.

4xx: Client Errors

• 400 Bad Request: Client-side input error.
• 401 Unauthorized: Authentication is required.
• 403 Forbidden: You’re not allowed to access this resource.
• 404 Not Found: Resource doesn’t exist at the requested URL.
• Testing Tip: Use these codes to validate proper error handling in your app.

5xx: Server Errors

• 500 Internal Server Error: A generic error occurred on the server.
• 502 Bad Gateway: Server received an invalid response from an upstream server.
• 503 Service Unavailable: Server is down or overloaded.
• Testing Tip: Simulate server downtime to verify the system’s resilience.

Testing Scenarios for HTTP Methods and Status Codes

• Positive Tests: Ensure requests return the expected data or behavior with proper status codes.
• Negative Tests: Test invalid inputs or unauthorized actions to check error handling.
• Boundary Tests: Push the system to its limits, such as sending large payloads in a POST.
• Automation Tips: Use tools like Postman, REST Assured, or JMeter for API testing.

Conclusion

Understanding HTTP methods and status codes equips you with a deeper appreciation of how the web works and enhances your testing skills. Whether you’re testing APIs, ensuring robust error handling, or improving system resilience, these concepts are indispensable.

Thank you for being a part of Quality Quest! If you have any questions or suggestions, reply to this email or drop a comment on linkedin to discuss further.

Until next time,

Mary Onuorah

Empowering Quality, One Test at a Time.