What are Response Headers?
When a client (like a browser or an API testing tool) makes an HTTP request to a server, the server responds with:
- Status Line → (status code like 200 OK, 404 Not Found, etc.)
- Response Headers → Metadata about the response.
- Response Body → The actual content/data returned (like JSON, HTML, XML).
Response Headers are key–value pairs that provide additional information about the response.
Examples:
- Content-Type → format of response body (application/json, text/html, etc.).
- Content-Length → size of the response body in bytes.
- Server → server type (e.g., Apache, Nginx).
- Cache-Control → caching policies.
- Set-Cookie → cookies sent by the server.
- Date → time when the response was generated.
Why Test Response Headers in API Testing?
Testing headers is important because they:
- Ensure correct data format → e.g.,
Content-Typemust beapplication/jsonif API promises JSON.
- Security checks → headers like Strict-Transport-Security, X-Content-Type-Options, etc. help secure APIs.
- Performance checks →
Cache-Control,Expireshelp manage caching.
- Compliance checks → some APIs must include custom headers for authorization, tracking, etc.
- Troubleshooting → headers help identify server/software versions or errors.
Steps to test response headers using Rest Assured:
- Set Base URI using
RestAssured.baseURI - Send GET Request using
given().get(endpoint) - Extract Headers from the response
- Verify Specific Headers using assertions
Maven Dependency for Rest Assured
<dependencies> <dependency> <groupId>io.rest-assured</groupId> <artifactId>rest-assured</artifactId> <version>5.3.2</version> <scope>test</scope> </dependency> </dependencies>
Java Code: Get and Test Response Headers
import io.restassured.RestAssured; import io.restassured.response.Response; import io.restassured.http.Headers; import io.restassured.http.Header; public class GetResponseHeaders { public static void main(String[] args) { // Step 1: Set Base URI RestAssured.baseURI = "https://reqres.in/api"; // Step 2: Send GET request Response response = RestAssured .given() .get("/users?page=2"); // Step 3: Print all headers Headers allHeaders = response.getHeaders(); System.out.println("===== All Response Headers ====="); for (Header header : allHeaders) { System.out.println(header.getName() + ": " + header.getValue()); } // Step 4: Get a specific header String contentType = response.getHeader("Content-Type"); String server = response.getHeader("Server"); System.out.println("\nContent-Type: " + contentType); System.out.println("Server: " + server); // Step 5: Validate headers using assertions if (!"application/json; charset=utf-8".equals(contentType)) { throw new AssertionError("Expected Content-Type not found!"); } if (!"cloudflare".equalsIgnoreCase(server)) { throw new AssertionError("Expected Server header value not found!"); } System.out.println("\n Header validations passed successfully!"); } }
Code explanation:
1. Set Base URI
2. Send GET Request
3. Print all headers on console
4. Get a specific header
5. Validate headers using assertions
Output:
===== All Response Headers ===== Date: Mon, 28 Jul 2025 14:00:00 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Server: cloudflare ... Content-Type: application/json; charset=utf-8 Server: cloudflare Header validations passed successfully!
Useful Methods in Rest Assured
- response.getHeaders() – Gets all headers
- response.getHeader("Header-Name") – Gets a specific header
- response.header("Header-Name") – Alias for getHeader
No comments:
Post a Comment