Testing REST - submitting a web-form. Identifying why the server responses with 500 for some emails



  • The troubled email is teststudent12@skyeng.ru, the URL is https://junior.skyeng.ru/online-uroki-po-matematike/ (form is placed almost at footer).

    The website to test is in Russian. If you want to help me - please translate it in Chrome, it's easy. Or you just go directly to Postman:

    POST https://crm.skyeng.ru/order/createV2Kid
    Body(x-www-form-urlencoded):
    parentName: test
    parentEmail: teststudent12@skyeng.ru
    parentPhone: +79650389823 (any decent Russian mobile phone)
    subject: mathematics
    childName: test
    

    So the response is 500 Internal Server Error. The task here is to localize the error. To find out the specific conditions why the bug occurs.

    What I've done (just some of examples):

    teststudent@skyeng.ru
    x-www-form-urlencoded
    200 ok
    
    teststudentnew@skyeng.ru
    x-www-form-urlencoded
    500
    
    7qa@pm.me
    x-www-form-urlencoded
    200
    
    teststudent1@skyeng.ru
    x-www-form-urlencoded
    500
    

    And if you change from x-www-form-urlencoded to form-data it will return every request with 200 OK, even with our email teststudent12@skyeng.ru.

    So my questions are:

    • Is it really happening because of x-www-form-urlencoded? If so, why then we are able to get 200 Ok with teststudent@skyeng.ru and any other real email?
    • Maybe we should look at some Headers or other additional information and if yes - where exactly?

    I can't even google anything because I don't know exactly what to find. I googled articles about form-data/x-www-form-urlencoded, HTTP (https://developer.mozilla.org/en-US/docs/Web/HTTP) and still can't localize the bug.

    I would appreciate any help!



  • Your testing is good. You are considering different possibilities and conducting experiments to see what happens. That is great.

    I would continue that process. Here are some thoughts for you to try out. They are not answers you can copy and paste (which, as you indicate is good), they are ideas for your to try out yourself. Good luck!

    • Try special characters, numbers and letters, underscores 'as is'
    • Try special character that are encoded, e.g.   for space
    • Try different input lengths
    • Use an email that was created today
    • Use an email that you know doesn't exist
    • Use an accepted email then try a second time with same email and record error
    • Timing - try quick and slow data entry
    • Javascript - try disabling javascript
    • Browser errors - see chrome console for any errors, such as network

    In some of the above cases, the details of the error may help point you towards the cause



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2