Upload
rajesh0201
View
219
Download
0
Embed Size (px)
Citation preview
8/14/2019 Web Application Testing and Standards for Web
1/34
Web Application Testing
andStandards for Web Application
8/14/2019 Web Application Testing and Standards for Web
2/34
What is a Web Application?
A web application is a dynamic extension of web or application
server.Ability to update and maintain web applications without
distributing and installing software on any of the client computers
is a key reason for the popularity and vast adoption in today's
application development approach.A significant advantage for building web applications being that
they should perform as specified, regardless of the operating
system or OS version installed on the given client.
In addition, web applications are typically storing both the
program and data on the centralized hosting server, make it easy
to maintain and backup, at the same time require very minimal
disk space on the client PC.
8/14/2019 Web Application Testing and Standards for Web
3/34
How is Web Application different from DesktopApplication and Client-Server Application?
Desktop Application
-- Runs on personal computers and work stations, so when you test
the desktop application you are focusing on a specific environment.
--- Testing of complete application can be divided broadly into
categories like GUI, functionality, Load, and backend i.e DB.
8/14/2019 Web Application Testing and Standards for Web
4/34
How is Web Application different from DesktopApplication and Client-Server Application?
Client Server Application--- 2 different components to test. A client-server application is a
distributed system comprising both client and server software.
--- Testing of complete application can be divided broadly intocategories like, GUI on both sides, functionality, Load, client-server
interaction, backend, Manual support testing, Functionality
testing, Compatibility testing & configuration testing, Intersystem
testing--- This environment is mostly used in Intranet networks. We are
aware of number of clients and servers and their locations in the
runtime scenario.
8/14/2019 Web Application Testing and Standards for Web
5/34
How is Web Application different from DesktopApplication and Client-Server Application?
Web Application-- Is a bit different and complex to test as there is not much controlover the application.
-- Application is loaded on the server whose location may or may
not be known and no exe is installed on the client machine, thisruns on different web browsers.
-- Web applications are supposed to be tested on different browsers
and OS platforms so broadly Web application is tested mainly for
browser compatibility and operating system compatibility, errorhandling, static pages, backend testing and load testing.
-- User interface testing, Functionality testing, Security testing,
Browser compatibility testing, Load / stress testing, Interoperability
testing/intersystem testing, Storage and data volume testing.
8/14/2019 Web Application Testing and Standards for Web
6/34
Different Types of Web Architecture
2-Tier architecture 3-Tier architectureModel-View-Controller (MVC) Architecture
Service-Oriented Architecture (SOA)
8/14/2019 Web Application Testing and Standards for Web
7/34
Different Types of Web Architecture
2-Tier architecture-- In the early days of web computing, most websites deployed a 2-
tier architecture, which consisted of a web server that processed
HTTP requests and a database server that provided a back-end data
store.-- Application logic that served the website resided on the web
server, which interacted directly with databases and generated
dynamic web pages based on the query results.
-- Because of its simplicity, 2-tier architecture is still vastly in usenowadays, but it is only recommended for simple application only.
8/14/2019 Web Application Testing and Standards for Web
8/34
Different Types of Web Architecture
3-Tier Architecture
-- The 3-tier architecture model adds an application server tier to
handle the business logic of a web application.
-- With a 3-tier architecture, adding more web server tier machinescan address the problem of slow static web page response times. If
response times for processing transaction requests are slow, adding
more application-server tier machines can improve their
performance.
8/14/2019 Web Application Testing and Standards for Web
9/34
Different Types of Web Architecture
Model-View-Controller (MVC) Architecture
-- The main aim of MVC architecture is to separate the business
logic and application data from the presentation data to the user.
-- MVC architecture is triangular: the View sends updates to theController, the Controller updates the Model, and the View gets
updated directly from the Model.
-- MVC is often seen in web applications, where the View is the
actual HTML page, and the Controller is the code that gathersdynamic data and generates the content within the HTML.
8/14/2019 Web Application Testing and Standards for Web
10/34
Different Types of Web Architecture
Service-Oriented Architecture (SOA)-- Service Oriented Architecture (SOA) is an architectural style for
creating and using business processes, packaged as services,
throughout their lifecycle.
-- SOA separates functions into distinct units (services), which canbe distributed over a network and can be combined and reused to
create business applications.
-- SOA may be implemented using a wide range of technologies,
including SOAP, RPC, DCOM, CORBA, Web Services or WCF,and it can be implemented using one or more of these protocols.
8/14/2019 Web Application Testing and Standards for Web
11/34
Identify WEB Applications Testing Strategy
Techniques for Web Application Testing:1. Page Flow Testing/Navigation Testing
2. Security Testing
3. Cookies and Session Testing
4. Links Testing5. Performance Testing
6. Connectivity Testing
7. Cross-Browser Testing
8. Usability Testing9. Navigation Testing
10. Content Testing
11. Fail Over Testing
8/14/2019 Web Application Testing and Standards for Web
12/34
Page Flow Testing/Navigation Testing
It deals with ensuring that each page can be viewed via specific
previous pages and that the application does not confuse the
Users by jumping to random pages.
A page flow diagram is a very useful aid for checking thecorrectness of the navigation/page flow within the application.
8/14/2019 Web Application Testing and Standards for Web
13/34
Page Flow Testing/Navigation Testing
Testing strategies: Manual Execution Use of Bookmarks Establish a session - navigate through pages in random order Navigate through the pages in unnatural path (Negative) Use faked session interaction (Negative)
8/14/2019 Web Application Testing and Standards for Web
14/34
Security Testing
It is the process to determine that an IS (Information System)
protects data and maintains functionality as intended.
Security testing is providing evidence that an application
sufficiently fulfills its requirements in the face of hostile andmalicious inputs.
8/14/2019 Web Application Testing and Standards for Web
15/34
Security Testing
Testing strategies: Unauthenticated access to the application
Unauthorized access to the application Unencrypted data passing (if encyption of data is being done) Protection of data Log files to be checked to ensure they do not contain sensitive
information
8/14/2019 Web Application Testing and Standards for Web
16/34
Security Testing
Testing Strategies:
Multiple login testing by a single user from several clients
Automatic Logout after "N" minutes of inactivity
Attempt to break into the application by running password
cracking programs
Faked sessions. Checking for valid and secure session
information (URL containing a Session indentifier should not beallowed to be copied into another system and the application be
continued from different system without being detected)
8/14/2019 Web Application Testing and Standards for Web
17/34
Cookies and Session Testing
What is a Cookie?
Cookie is a small information stored in a text file on user's harddrive by the web server and this information is later used by the web
browser to retrieve information from the machine. Generally cookie
contains persinalized user data or information that is used to
communicate between different web pages.Types of Cookies:
(i) Session Cookies - This cookie is active till the browser that
invoked the cookie is active. The session cookie gets deleted when the
browser is closed. Some time session of few minutes can be set forthe session cookie to expire.
(ii) Persistent Cookies - These cookies that are written
permanently on the user machine last for months or years.
8/14/2019 Web Application Testing and Standards for Web
18/34
8/14/2019 Web Application Testing and Standards for Web
19/34
Cookies and Session Testing
Testing strategies: (Session testing)
Application session should get expired after a predefined period
of time
Back-Forward button functionality
Check for multiple logins from the same machine (Using same
browser or multiple browsers)
8/14/2019 Web Application Testing and Standards for Web
20/34
Links Testing
It deals with all the elements which are responsible for proper
viewing of the web pages in the application.
Testing strategies:Can the page be downloaded and displayed? Do all the objects on a page load correctly? Do all the objects on a page load in an acceptable time?
If User turns off umages, uses a non-graphical or no-framesbrowser, does it still work? Do all the text and graphical links work?
8/14/2019 Web Application Testing and Standards for Web
21/34
Links Testing
Linked pages (Clicking hyperlinks to navigate to other pages)
Frame pages (Does each HTML page inside a frame loadaccurately when a page is divided into different frames)
Do Images used for graphical appearance or as buttons to
navigate function properly?
Form handlers, where these are CGI scripts, Active ServerPages, etc.
Do Active X, Java Applets and other objects that are
downloaded and executed within the browser act properly?
Do other content files, such as video (AVI, MPEG). and audio(WAV, AU, MIDI, MPEG) files work properly?
Do other Internet protocols such as email links, FTP,
Newsgroup links and feeds work properly?
8/14/2019 Web Application Testing and Standards for Web
22/34
Performance Testing , Load Testing and StressTesting
It deals with assessing the system's capacity for growth, identifyingthe weak points in the architecture, detect obscure bugs in software,
tuning requiremnts of the system, verifying resilience and
reliability of the application.
-- Performance - is about response, time lapses, duration ... etc.
-- Load testing - is about test behavior under normal/peak workload
conditions. Load is more about characterizing / simulating your
actual workload.
-- Stress testing - is about surfacing issues under extreme
conditions and resource failures.
8/14/2019 Web Application Testing and Standards for Web
23/34
Performance Testing , Load Testing and StressTesting
Testing strategies:
Multiple User transactions
Multiple Users accessing same page Multiple Users performing transactions including huge data,
entering huge data onto forms, huge data file uploads etc.
8/14/2019 Web Application Testing and Standards for Web
24/34
Connectivity Testing
It involves determining if the servers and clients behave
appropriately under varying circumstances. Involves two aspects:
"Voluntary", where a user actively interacts with the system in anunexpected way; "Involuntary", where the system acts in an unpredictable manner.
8/14/2019 Web Application Testing and Standards for Web
25/34
Connectivity Testing
Testing strategies: (Voluntary) Quit from session without the User saving state Quit from session with the User saving state Server-forced quit from session due to inactivity
Server-forced quit from session due to server problem Client forced quit from session due to visiting another site in the
middle of the session for a brief period of time Client forced quit from session due to visiting another site /
application for an extended period of time Client forced quit from session due to client PC crashing Client forced quit due to browser crashing
8/14/2019 Web Application Testing and Standards for Web
26/34
8/14/2019 Web Application Testing and Standards for Web
27/34
Connectivity Testing
Testing strategies: (Involuntary)Database Server On/Off Test. Shutdown the database server
and then restart it (User should be able to connect back to the
application without being redirected to the login page proving
statelessness of individual pages. Note: Shutdown only for theDatabase server, not for the application server) Application Server On/Off Test. Shutdown the database server
and restart it (2 possible outcomes: (i) Application redirects to an
error page indicating loss of connectivity and the user is requestedto login and retry. (ii) Application continues normally since no
session information was lost as it was held in a persistent state that
transcends application server restarts)
8/14/2019 Web Application Testing and Standards for Web
28/34
Browser Testing
Cross-browser testing and debugging can be the most
frustrating. It is always advisable to discuss with the client
about the browser compatibility at the early phase.
To be at the safer side, it is good to have an agreement on whichbrowsers the web application pages will match the approved
layouts and make it clear that the rest of the browsers may match
to the agreed upon layout.
8/14/2019 Web Application Testing and Standards for Web
29/34
Browser Testing
Testing strategies:
Use HTML Validator and CSS Validator to check HTML and
CSS errors
Use Browser Compatibility testing tools
Manually test on different browsers
8/14/2019 Web Application Testing and Standards for Web
30/34
Usability Testing
It includes testing the application from User point of view and
focus on the objectives, Informational Content, UI Functionality,
User Performance, Load Imposed on the End-User, Satisfaction of
End-User, Cost-Benefit Analysis.
8/14/2019 Web Application Testing and Standards for Web
31/34
Usability Testing
Testing strategies:
Checks the citation, credibility, coverage, currency, continuity,
language and objectivity of the Content
Checks for advance components to make things simpler for Users
Checks for Colors and Backgrounds, Alignment and Layout,
Consistency of the application
Focus on Form designs, Graphic designs, labelling, Page/siteDesign, Search functionality etc
8/14/2019 Web Application Testing and Standards for Web
32/34
Navigation Testing
This deals with the readiness if finding required content orsection within the application.
Testing strategies: Global, Local, Contextual Navigation Indication of "Where am I" Grouping of like objects Positioning and placement Site structure (Site Map) Clearly Marked Exits Bookmark - Easily undestandable names Consistency throughout the web application
8/14/2019 Web Application Testing and Standards for Web
33/34
Content Testing
Two types of content - (i) Static Content, (ii) Dynamic Content
Testing strategies: (Static Content)
Verify for correctness
Verify for accuracy
Verify organization of content
Testing strategies: (Dynamic Content)
Test by feeding new content Try all possible combinations (wrong data, huge amount of data,
not matching the expected type of content, with and without
graphics)
8/14/2019 Web Application Testing and Standards for Web
34/34
Fail Over Testing
Failover Tests verify of redundancy mechanisms while the system
is under load. Failover testing allows technicians to address
problems in advance, in the comfort of a testing situation, rather
than in the heat of a production outage. It also provides a baseline
of failover capability so that a 'sick' server can be shutdown with
confidence, in the knowledge that the remaining infrastructure will
cope with the surge of failover load.
Testing strategies: In a web environment, failover testing determines what will
happen if multiple web servers are being used under peak
anticipated load, and one of them dies.