Friday, October 29, 2010

WEB TESTING

Web testing checklist:

1) Functionality Testing
2) Usability testing
3) Interface testing
4) Compatibility testing
5) Performance testing
6) Security testing

1) Functionality Testing:

Test for - all the links in web pages, database connection, forms used in the web pages for submitting or getting information from user, Cookie testing.

Check all the links:

  • Test the outgoing links from all the pages from specific domain under test.
  • Test all internal links.
  • Test links jumping on the same pages.
  • Test links used to send the email to admin or other users from web pages.
  • Test to check if there are any orphan pages.
  • Lastly in link checking, check for broken links in all above-mentioned links.

Test forms in all pages:
Forms are the integral part of any web site. Forms are used to get information from users and to keep interaction with them. So what should be checked on these forms?

  • First check all the validations on each field.
  • Check for the default values of fields.
  • Wrong inputs to the fields in the forms.
  • Options to create forms if any, form delete, view or modify the forms.

Let’s take example of the search engine project currently I am working on, In this project we have advertiser and affiliate signup steps. Each sign up step is different but dependent on other steps. So sign up flow should get executed correctly. There are different field validations like email Ids, User financial info validations. All these validations should get checked in manual or automated web testing.

Cookies testing:
Cookies are small files stored on user machine. These are basically used to maintain the session mainly login sessions. Test the application by enabling or disabling the cookies in your browser options. Test if the cookies are encrypted before writing to user machine. If you are testing the session cookies (i.e. cookies expire after the sessions ends) check for login sessions and user stats after session end. Check effect on application security by deleting the cookies. (I will soon write separate article on cookie testing)

Validate your HTML/CSS:
If you are optimizing your site for Search engines then HTML/CSS validation is very important. Mainly validate the site for HTML syntax errors. Check if site is crawl able to different search engines.

Database testing:
Data consistency is very important in web application. Check for data integrity and errors while you edit, delete, modify the forms or do any DB related functionality.
Check if all the database queries are executing correctly, data is retrieved correctly and also updated correctly. More on database testing could be load on DB, we will address this in web load or performance testing below.

2) Usability Testing:

Test for navigation:
Navigation means how the user surfs the web pages, different controls like buttons, boxes or how user using the links on the pages to surf different pages.
Usability testing includes:
Web site should be easy to use. Instructions should be provided clearly. Check if the provided instructions are correct means whether they satisfy purpose.
Main menu should be provided on each page. It should be consistent.

Content checking:
Content should be logical and easy to understand. Check for spelling errors. Use of dark colors annoys users and should not be used in site theme. You can follow some standards that are used for web page and content building. These are common accepted standards like as I mentioned above about annoying colors, fonts, frames etc.
Content should be meaningful. All the anchor text links should be working properly. Images should be placed properly with proper sizes.
These are some basic standards that should be followed in web development. Your task is to validate all for UI testing

Other user information for user help:
Like search option, sitemap, help files etc. Sitemap should be present with all the links in web sites with proper tree view of navigation. Check for all links on the sitemap.
“Search in the site” option will help users to find content pages they are looking for easily and quickly. These are all optional items and if present should be validated.

3) Interface Testing:
The main interfaces are:
Web server and application server interface
Application server and Database server interface.

Check if all the interactions between these servers are executed properly. Errors are handled properly. If database or web server returns any error message for any query by application server then application server should catch and display these error messages appropriately to users. Check what happens if user interrupts any transaction in-between? Check what happens if connection to web server is reset in between?

4) Compatibility Testing:
Compatibility of your web site is very important testing aspect. See which compatibility test to be executed:

  • Browser compatibility
  • Operating system compatibility
  • Mobile browsing
  • Printing options

Browser compatibility:
In my web-testing career I have experienced this as most influencing part on web site testing.
Some applications are very dependent on browsers. Different browsers have different configurations and settings that your web page should be compatible with. Your web site coding should be cross browser platform compatible. If you are using java scripts or AJAX calls for UI functionality, performing security checks or validations then give more stress on browser compatibility testing of your web application.
Test web application on different browsers like Internet explorer, Firefox, Netscape navigator, AOL, Safari, Opera browsers with different versions.

OS compatibility:
Some functionality in your web application is may not be compatible with all operating systems. All new technologies used in web development like graphics designs, interface calls like different API’s may not be available in all Operating Systems.
Test your web application on different operating systems like Windows, Unix, MAC, Linux, Solaris with different OS flavors.

Mobile browsing:
This is new technology age. So in future Mobile browsing will rock. Test your web pages on mobile browsers. Compatibility issues may be there on mobile.

Printing options:
If you are giving page-printing options then make sure fonts, page alignment, page graphics getting printed properly. Pages should be fit to paper size or as per the size mentioned in printing option.

5) Performance testing:
Web application should sustain to heavy load. Web performance testing should include:
Web Load Testing
Web Stress Testing

Test application performance on different internet connection speed.
In web load testing, test if many users are accessing or requesting the same page. Can system sustain in peak load times? Site should handle many simultaneous user requests, large input data from users, Simultaneous connection to DB, heavy load on specific pages etc.

Stress testing: Generally stress means stretching the system beyond its specification limits. Web stress testing is performed to break the site by giving stress and checked how system reacts to stress and how system recovers from crashes.
Stress is generally given on input fields, login and sign up areas.

In web performance testing web site functionality on different operating systems, different hardware platforms is checked for software, hardware memory leakage errors,

6) Security Testing:

Following are some test cases for web security testing:

  • Test by pasting internal url directly into browser address bar without login. Internal pages should not open.
  • If you are logged in using username and password and browsing internal pages then try changing url options directly. I.e. If you are checking some publisher site statistics with publisher site ID= 123. Try directly changing the url site ID parameter to different site ID which is not related to logged in user. Access should deny for this user to view others stats.
  • Try some invalid inputs in input fields like login username, password, input text boxes. Check the system reaction on all invalid inputs.
  • Web directories or files should not be accessible directly unless given download option.
  • Test the CAPTCHA for automates scripts logins.
  • Test if SSL is used for security measures. If used proper message should get displayed when user switch from non-secure http:// pages to secure https:// pages and vice versa.
  • All transactions, error messages, security breach attempts should get logged in log files somewhere on web server.

Cookies testing:
if the cookies are encrypted before writing to user machine. If you are testing the session cookies (i.e. cookies expire after the sessions ends) check for login sessions and user stats after session end.

Please check and correct the spelling mistake for the word others status in the last line of the second case in security testing

6) Security Testing:

Following are some test cases for web security testing:

Try directly changing the url site ID parameter to different site ID which is not

CAPTCHA are challenging questions generated by machines to be responded by humans and not by machines, to make sure that the attempt to access is by a human and not by a bot. If CAPTCHA is enabled in a web login, it has to be tested.

SSL is a cryptographic protocol for securing HTTP communication over the internet. When user switches from HTTP to HTTPS or vice-versa, a message window is pops up to inform about this switching and do you want to continue.

Log files should be maintained to recording and future analysis of all web activities, so that co

Q: What is the difference between client-server testing and web based testing and what are things that we need to test?

Ans: Projects are broadly divided into two types of:
2 tier applications
3 tier applications

CLIENT / SERVER TESTING
[a] This type of testing usually done for 2 tier applications (usually developed for LAN)
Here we will be having front-end and backend.

The application launched on front-end will be having forms and reports which will be monitoring and manipulating data

Eg : applications developed in VB, VC++, Core Java, C, C++, D2K, PowerBuilder etc.,
The backend for these applications would be MS Access, SQL Server, oracle, sybase, mysql, quadbase

The tests performed on these type of applications would be
- user interface testing
- manual support testing
- Functionality testing
- compatibility testing & configuration testing
- intersystem testing

WEB TESTING
[b] This is done for 3 tier applications (developed for Internet / intranet / xtranet)

Here we will be having Browser, web server and DB server.

The applications accessible in browser would be developed in HTML, DHTML, XML, JavaScript etc.,
(we can monitor thru these applications)

Applications for the web server would be developed in Adv Java, ASP, JSP, VBScript, JavaScript, Perl, Cold Fusion, PHP etc.,
(all the manipulations are done on the web server with the help of these programs developed)

The DBserver would be having oracle, sql server, sybase, mysql etc.,
(all data is stored in the database available on the DB server)

The tests performed on these type of applications would be
- user interface testing
- Functionality testing
- security testing
- browser compatibility testing
- load / stress testing
- interoperability testing/intersystem testing
- storage and data volume testing

A web-application is a three tier application.
This has a browser (monitors data) [monitoring is done using html, dhtml, xml, javascript]-> webserver (manipulates data) [ manipulations are done using programming languages or scripts like adv java, asp, jsp, vbscript, javascript, perl, coldfusion, php] -> database server (stores data) [data storage and retrieval is done using databases like oracle, sql server, sybase, mysql] .

The types of tests which can be applied on this type of applications are:
1. User interface testing for validation & user friendliness
2. Functionality testing to validate behaviors, i/p, error handling, o/p, manipulations, services levels, order of functionality, links, content of web page & backend coverage’s
3. Security testing
4. Browser compatibility
5. Load / stress testing
6. Interoperability testing
7. Storage & data volume testing

a client-server application is a two tier application.
This has forms & reporting at front-end (monitoring & manipulations are done) [ using vb, vc++, core java, c, c++, d2k, power builder etc.,] -> database server at the backend [data storage & retrieval) [ using ms access, sql server, oracle, sybase, mysql, quadbase etc.,]

the tests performed on these applications would be
1. User interface testing
2. Manual support testing
3. Functionality testing
4. Compatability testing
5. Intersystems testing

Desktop:
01. Application runs in single memory (Front end and Back end in one place)
02. Single user only

Client/Server:
01. Application runs in two or more machines
02. Application is a menu-driven
03. Connected mode (connection exists always until logout)
04. Limited number of users
05. Less number of network issues when compared to web app.

Web:
01. Application runs in two or more machines
02. URL-driven
03. Disconnected mode (state less)
04. Unlimited number of users
05. Many issues like hardware compatibility, browser compatibility, version compatibility, security issues, performance issues, etc
see friend when we consider the security testing, both application should well secured to internal and external threat.

As per difference in both the applications come where, how to access the resources. In client server once connection is made it will be in state on connected, whereas in case of web testing http protocol is stateless, then there comes logic of cookies, which is not in client server.

Usability testing of web application

Usability testing is done for" user friendliness". In this we check how comfortable the customer is in going thru the application. Suppose for an example while logging in he forgot his password, in usability testing u have to check whether there is an "forgot password option" and if we click this it is asking for secret question or not and many things u can test like there should be minimise and maximise button for a window....and so on

What is the difference in testing a CLENT-SERVER a...

Web Server:-

1) Webserver serves pages for viewing in web browser

2) Webserver exclusively handles http requests

3) Webserver delegation model is fairly simple, when the request comes into the web server, it simply passes the request to the program best able to handle it(Server side program). It may not support transactions and database connection pooling

4) Web Server serves static HTML pages or gifs, jpegs, etc., and can also run code written in CGI, JSP etc. A Web server handles the HTTP protocol. E.g. of some web server are IIS or apache

5) A J2EE application server runs Servlets and JSPs (as part of the app server called web container is responsible for running Servlets and JSPs) that are used to create HTML pages dynamically. In addition, J2EE application server can run EJBs - which are used to execute business logic.

Application server

1) Application server provides exposes business logic for client applications through various protocols

2) Application server serves business logic to application programs through any number of protocols.

3) Application server is more capable of dynamic behaviour than web server. We can also configure application server to work as a web server. Simply application server is a superset of web server

4)An Application Server is used to run business logic or dynamically generated presentation code. It can either be .NET based or J2EE based (BEA WebLogic, Server, IBM WebSphere, and JBoss).

5)A J2EE application server runs Servlets and JSPs (as part of the app server called web container is responsible for running servlets and JSPs) that are used to create HTML

What is the difference in testing a CLENT-SERVER a...

1)The Client-server application will have two setup files, one for the Client application and the other for the Server side, so a normal performance testing for optimum working condition of the application is sufficient to be tested.

Where as in the WEB application, there is only one setup file that is for the main server, and other side the browser will manage things.

In web application, testing is done in a thorough manner that is the performance testing involves:

Stress testing, Soak testing, Volume testing, load testing

2) As far as I know, In the Client-server application, the application will be stored in the server side and it will store as .EXE file in the client.
In the Web based application, here also the application will be stored in the server but the application must be accessed through the Browser

3)0Client-server application is 2 tier Architecture and web application N-tier Architecture. Client-Server application limited but web application is unlimited Client-Server application test the icon but in web testing checks the browser and pages Client server Application test single user but in web testing checks the multi user.

What are some test cases for testing a search engine website e.g google

The test cases for a search engine would be very vast. It totally depends upon the scope of testing. Some of the test cases are as mentioned below:

1) Check for simple strings like 'cricket 2007' or ' Indian history'.
2) Test the functionality of multiple page display by clicking on page number.
3) Verify whether a combination string works like 'cricket 2007_sachin tendulkar'
4) Perform test for opening the links in new windows.

As far as I know, In the Client- server application, the application will be stored in the server side and it will store as .EXE file in the client. In the Web based application, here also the application will be stored in the