# WeChat Gateway Test Cases

# Test anti-BOT

1. Based on the WeChat private protocol, the grab packet does not get plaintext information.Protected all information is confidential (domain name, interface, data)

2. The encryption key based on the identity of WeChat is automatically updated and cannot be forged. The same request is encrypted with different data each time.

3. Based on WeChat account risk control, support to tag the level of risk (white)

The above capabilities can be verified by scratching.

# Testing weak network optimization

And WeChat use the same set of access service domain name, request availability to align WeChat account

• IOS simulates packet loss scenarios (request / accept 50% loss), tests 100 times, request timeout setting 60 s
  • 64% success rate for wx.request
  • CallGateway has a success rate of more than 90%

Can simulate the weak network environment, cross-call wx.request and callGateway, statistics the success rate of the two ways

Verify the above simulation with reference to weak grid environment simulation

# Testing Business Security

• Supporting DDoS, CC and other attack protection
• Service access layer based on WeChat private link, without fear of DNS pollution

Can simulate DNS pollution, compare wx.request and callGateway response

1. Configure the agent for the iPhone first

2. Modify the host file on your MacBook to resolve the domain name that needs to be contaminated to a wrong address

$ cat /etc/hosts
127.0.0.1	localhost
255.255.255.255	broadcasthost
::1             localhost

127.0.0.1 a265ea50e-wxc0dc4e681c123456.tj.wxcloudrun.com