Category Archives: Week 11

Web App Testing

Since we (Me and Dan) are working as a team to build a web app (Remote Team Builder) for our final project in 343 class, I thought to learn how to test web apps would be essential. So, this week I read an article on Software Testing Help site, which was a guide about testing web applications.

As per the author, these are the most common web testing checklists:

1) Functionality Testing

Test for all the links in web pages, database connection, forms used for submitting or getting information from user in the web pages, Cookie testing etc.

Cookies Testing: Test the application by enabling or disabling the cookies in your browser options. Test if the cookies are encrypted before writing to user machine. If you are testing the session cookies check for login sessions and user stats after session ends.

Validate your HTML/CSS: If you are optimizing your site for Search engines then HTML/CSS validation is the most important one. Mainly validate the site for HTML syntax errors. Check if the site is crawlable to different search engines.

Database testing: Check for data integrity and errors while you edit, delete, modify the forms or do any DB related functionality.

2) Usability testing

Test for navigation: Navigation means how an user surfs the web pages, different controls like buttons, boxes or how the user uses the links on the pages to surf different pages.

Content checking: Check for spelling errors. Usage of dark colours annoys the users and should not be used in the site theme. You can follow some standard colours that are used for web page and content building.

3) Interface testing

Check if all the interactions between these servers are executed and errors are handled properly. If database or web server returns any error message for any query by application server then application server should catch and display these error messages appropriately to the users. Check what happens if user interrupts any transaction in-between? Check what happens if connection to the web server is reset in between?

4) Compatibility testing

Compatibility of your website is a very important testing aspect. See which compatibility test to be executed such as Browser compatibility, Operating system compatibility, Mobile browsing, Printing options.

5) Performance testing

Web Load Testing:  You need to test if many users are accessing or requesting the same page. Can system sustain in peak load times? Site should handle many simultaneous user requests, large input data from users, simultaneous connection to DB, heavy load on specific pages etc.

Web Stress Testing: Web stress testing is performed to break the site by giving stress and its checked as how the system reacts to stress and how it recovers from crashes. Stress is generally given on input fields, login and sign up areas.

6) Security testing

Following are some of the test cases for web security testing:

  • Test by pasting internal URL directly onto the browser address bar without login. Internal pages should not open.
  • If you are logged in using username and password and browsing internal pages then try changing URL options directly. I.e. If you are checking some publisher site statistics with publisher site ID= 123. Try directly changing the URL site ID parameter to different site ID which is not related to the logged in user. Access should be denied for this user to view others stats.
  • Try some invalid inputs in input fields like login username, password, input text boxes etc. Check the systems reaction on all invalid inputs.
  • Web directories or files should not be accessible directly unless they are given download option.
  • Test the CAPTCHA for automates script logins.
  • Test if SSL is used for security measures. If used proper message should get displayed when user switch from non-secure http:// pages to secure https:// pages and vice versa.
  • All transactions, error messages, security breach attempts should get logged in log files somewhere on the web server.

Although it was a quite a lengthy article, I enjoyed reading it. We may not get time to test every aspect of our web app, but I will definitely keep on eye on the security aspects. In our web app we have a login in screen for the members of a team. I will test the method as suggested in the article to browse internal pages then try changing URL options directly. I think it would be a fun to include CAPTCHA security measures to prevent automates script logins.

Source: http://www.softwaretestinghelp.com/web-application-testing/

 

 

From the blog CS@Worcester – Not just another CS blog by osworup007 and used with permission of the author. All other rights reserved by the author.

The Software Craftsman 7 & 8 Week 11

The first part of the reading talks about adapting technical practices and getting other developers or managers on board. Just telling developers or a manager that your going to be using something like TDD might make them question that practice because it will end up taking longer. What should be done is ask questions like do we want this to be bug free or do we want the code clean. Then once they see the advantages talk about what technical practices to use.

The second part of the reading goes on to say that the goal of being a software craftsman is to find pleasure in your work. Purpose and mastery are ideal characteristics when looking for a job, but that cannot always be done. The more experienced you become the easier it is to find jobs like this. To find this you need to know where you are in your career and work to where you want to be, nobody else can do this for you.

From the blog CS@Worcester – Software Testing by kyleottblog and used with permission of the author. All other rights reserved by the author.