File Upload/Download Test Automation
Playwright + AI Test Automation Masterclass with TypeScript
File Upload Testing
This demo showcases how to test file upload functionality while implementing security best practices.
Security Features Implemented:
Client-side validation
Server-side validation
File type restriction
Size limiting
Rate limiting
Secure filename handling
File Download Testing
Practice testing download functionality with these demo files:
sample.txt
(Text file)
Download Text
test-data.csv
(CSV data file)
Download CSV
empty.pdf
(Empty PDF)
Download PDF
Security Features Implemented:
Rate limiting(3/minute)
Content-Disposition header
X-Content-Type-Options
Restricted file list
Playwright Testing Guide
Upload File Test Example:
// Testing file upload test('should upload a file', async ({ page })=& gt; { await page.goto('/file-demo'); // Setup file to upload const filePath='path/to/test-file.txt'; // Use set input files for upload await page.setInputFiles('#file-input', filePath); // Submit form await page.click('#upload-btn'); // Check for success message await expect(page.locator('.alert-success')) .toContainText('uploaded successfully'); });Download File Test Example:
// Testing file download test('should download a file', async ({ page })=& gt; { await page.goto('/file-demo'); // Start waiting for download const downloadPromise=page.waitForEvent('download'); // Click download link await page.click('#download-txt'); // Wait for download to start const download=await downloadPromise; // Verify download expect(await download.suggestedFilename()) .toBe('sample.txt'); // Save downloaded file await download.saveAs('./downloaded-file.txt'); });
Security Best Practices
- Rate limit upload/download endpoints
- Validate file types client & server-side
- Restrict file sizes to prevent DoS attacks
- Use secure file storage outside web root
- Scan uploads for malware when possible