# Security Gateway Test Case
# Test anti-BOT
Based on WeChat private agreement, grab bag can not get the plaintext information. After protection, all information is ciphertext (domain name, interface, data)
WeChat identity based encryption key, automatic update and can not be forged. The same request, each encrypted data is not the same.
Based on the risk control of WeChat, support to put the level of risk and other tags (white)
The above ability can be verified by grabbing the bag
# Test Weak Net Optimization
Use the same set of access service domain name as WeChat, request the availability to align the WeChat client
- iOS Simulate a packet loss scenario (request/Accept a packet loss rate of 50%), the test 100 Request timeout settings 60s
- wx.request Success rate 64%
- callGateway The success rate can be achieved 90% Above
Can be in a simulated weak network environment, cross-call wx.request and CallGateway, statistics the success rate of both ways
reference Weak network environment simulation Verify the above simulation
<a href="https://developers.weixin.qq.com/community/business/doc/000eaa4d3948d8b0b1f118de06200d target="_blank" data-ctabtn>
# Test Business Security
- Supporting DDoS, CC and other attack protection
- Service access layer based on WeChat private link, without fear DNS contaminated
Can simulate DNS pollution, compared to wx.request and callGateway The response situation
Configure the agent for the iPhone first
Modify the host file on your MacBook to resolve the domain name that needs to be contaminated to a wrong address
$ cat /etc/hosts
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
127.0.0.1 a265ea50e-wxc0dc4e681c123456. tj.wxcloudrun.com
