Testing Web Applications

  

Answer the questions in full sentences no use of big words. No use of any other sources, you are only allowed to use the powerpoint im uploading.
it355unit11.pptx

quiz8.docx

Don't use plagiarized sources. Get Your Custom Essay on
Testing Web Applications
Just from $10/Page
Order Essay

Unformatted Attachment Preview

IT355
Unit 11 – Testing Web
Applications
Summer 2016
Dr Diane Murphy
4/6/2016
1
Topics







Content vs. software vs. databases
User environments
Browser compatibility
System upgrades
Security implications
Risks associated with new applications
Testing the effectiveness of integrating new
technologies
4/6/2016
2
Web Site Testing
• Web sites are essentially client/server
applications
– Web server, database server, etc
– Browser is client on any platform
• Considerations
– HTML/CSS/JavaScript/Flash/Silverlight/Ajax page
– TCP/IP communications
– Internet connections
– Firewalls and their impact
– Applications that run on a range of servers
3
Additional Considerations
• Wide variety of servers and browsers
– Various versions of each
• Small but sometimes significant differences
between them
– New versions constantly being introduced
• Variations in connection speeds and screen sizes
• Rapidly changing technologies
– Load balancing
– Content distribution networks
• Multiple standards and protocols
4/6/2016
4
Types of Testing
• White-box testing for client functions
– HTML
– CSS
– JavaScript
– Ajax
• Black-box testing for server functions
– Load balancers
– Web server(s)
– Applications server
– Database server
4/6/2016
5
Questions To Think About
• Who is the target audience?
– What kind of browsers will they be using?
– What kind of connection speeds will they be
using?
– Are they intra-organization (thus with likely high
connection speeds and similar browsers) or
Internet-wide (thus with a wide variety of
connection speeds and browser types)?
• What kind of performance is expected on the
client side (e.g., how fast should pages appear,
how fast should applets, etc. load and run)?
4/6/2016
6
Questions to Answer
• What are the expected loads on the server
(e.g., number of hits per unit time?)
• What kind of performance is required under
such loads (such as web server response time,
database query response times)
• What kinds of tools will be needed for
performance testing (such as web load testing
tools, other tools already in house that can be
adapted, web robot downloading tools, etc.)?
4/6/2016
7
More Questions
• Will down time for server and content
maintenance/upgrades be allowed? how much?
• What kinds of security (firewalls, encryptions,
passwords, etc.) will be required and what is it
expected to do? How can it be tested?
• How reliable are the site’s Internet connections
required to be? And how does that affect backup
system or redundant connection requirements
and testing?
4/6/2016
8
More Questions
• What processes will be required to manage updates
to the web site’s content?
• What are the requirements for maintaining, tracking,
and controlling page content, graphics, links, etc.?
• Which HTML specification will be adhered to? How
strictly? What variations will be allowed for targeted
browsers?
• Will there be any standards or requirements for page
appearance and/or graphics throughout a site or
parts of a site??
4/6/2016
9
More Questions
• How will internal and external links be validated and updated?
how often?
• Can testing be done on the production system, or will a
separate test system or staging server be required?
• How are browser caching, variations in browser option
settings, dial-up connection variabilities, and real-world
internet ‘traffic congestion’ problems to be accounted for in
testing?
• How extensive or customized are the server logging and
reporting requirements; are they considered an integral part
of the system and do they require testing?
4/6/2016
10
More Questions
• How are cgi programs, applets, JavaScript,
ActiveX components, etc. to be maintained,
tracked, controlled, and tested?
• How long are pages? Are they 3-5 screens max
unless content is tightly focused on a single
topic? If larger, are internal links provided
within the page?
4/6/2016
11
More Questions
• Are page layouts and design elements be consistent
throughout a site, so that it’s clear to the user that
they’re still within a site?
• Are pages as browser-independent as possible, or
are pages provided or generated based on the
browser-type?
• Do all pages have links external to the page; there
should be no dead-end pages?
• Is the page owner, revision date, and a link to a
contact person or organization included on each
page?
4/6/2016
12
Web Testing Checklist
1)
2)
3)
4)
5)
6)
Functionality Testing
Usability testing
Interface testing
Compatibility testing
Performance testing
Security testing
4/6/2016
13
1. Functionality Testing
• “Testing that bases its test cases on the
specifications of the component under test”
• Make sure the Web page does what it is
intended to do
• Test all forms used in the web pages for
submitting or getting information from users
• Make additional checks on functionality that
seem appropriate
4/6/2016
14
Basic Testing
• How do you get to the page?
– Test the link to the page by entering URL
– Is it accessible from a search engine?
• Does the page display correctly and it is easy
to understand its functionality?
• Does the page do what it says it will do?
• Can you display any embedded information
such as a pdf file?
4/6/2016
15
Validate Metatags
• If you are optimizing your site for search
engines then HTML/CSS validation is very
important
• Verify metatags to ensure that effective and
do not validate copyright
• Mainly validate the site for HTML syntax errors
and Search Engine Optimization (SEO)
• Check if site is crawlable to different search
engines
• Check search engine presence
4/6/2016
16
Tests for Navigation
• Navigation means how the user surfs the web
pages
• Need to test the different controls like
buttons, boxes or how user using the links on
the pages to surf different pages
• If a menu is provided on each page, it should
be consistent
• Links can and do change so need to test often
– Tools to check automatically
4/6/2016
17
Content Checking
• Content should be logical and easy to understand
– Check for spelling and grammatical errors
– Use of contrasting colors
– Section 508 compliance if government site
• Follow some standards that are used for web
page and content building
• Content should be meaningful
– No typos
– Images should be placed properly with proper sizes
4/6/2016
18
Help Features
• Help features include search option, sitemap,
help files etc
• Sitemap should include all the links in web
sites with proper tree view of navigation
– Check for all links on the sitemap
• “Search in the site” option helps users to find
content pages they are looking for quickly
• These are all optional items and if present
should be validated
4/6/2016
19
2. Usability Testing
• “Verifies the ease with which a user can learn
to operate, prepare inputs for, and interpret
outputs of a system or component”
• Web site should be easy to use
• Instructions should be provided clearly so
check if the provided instructions are correct
• Some basic standards that should be followed
in web development
• Validate all for user interface (UI) testing
4/6/2016
20
Website Usability Testing
• Why do websites have problems?
– Many design sites for people to read them
– Instant access has made us impatient
– People don’t read, they scan1
– 80% of web users give the Web site several seconds
to get their attention
• Usability testing helps provide a clear path for
the website users
1Jacob
Nielson October 1997 “How Users Read on the Web”
Healthcare.gov Example
from www.nngroup.com
• Allow users to see the product/information before registering
• Keep calls to action and other pertinent information above
the fold
• Prepare the users
• Number the steps
• Use email as username
• Simplify password requirements
• Provide specific and actionable rror messages
• Display passwords as users type them
• Remove unnecessary steps
• Simplify instructions and content for low-literacy readers
4/6/2016
22
4/6/2016
23
4/6/2016
24
4/6/2016
25
4/6/2016
26
Website Usability Testing
• Summary
– Create real world tasks from site goals
– Recruit from target market(s)
– Use 3 subjects per test period
– Test early and often
– Encourage out loud thinking from test subjects
– Don’t over analyze – just start doing it!
3. Interface Testing
• “Testing conducted to evaluate whether systems or
components pass data and control correctly to one
another. It is usually performed by both testing and
development teams”
• For Web it includes:
– Making sure that links work
– Interaction between the browser and server particularly
when data is entered or displayed
– Interaction with database in backend
– Interaction with other applications, such as Adobe Reader
for pdf files
4/6/2016
28
Checking Links
• Test the outgoing links from all the pages from
specific domain under test
• Test all internal links
• Test links jumping on the same page
• Test links used to send the email to admin or
other users from web pages
• Test to check if there are any orphan pages
– Pages no longer used in application but Web page
still on the server
4/6/2016
29
Testing Forms
• Forms are the integral part of many web sites
• Forms are used to get information from users
and to keep interaction with them
• So what should be checked on these forms?
– First check all the validations on each field
– Check for the default values of fields
– Validate that wrong inputs to the fields in the
forms give appropriate messages
– Check any Javascript appliation
4/6/2016
30
Cookies Testing
• Cookies are basically used to maintain the session
mainly login sessions
• Test the application by enabling or disabling the
cookies in your browser options
• Test if the cookies are encrypted before writing to
user machine
• If you are testing the session cookies (i.e. cookies
expire after the sessions ends) check for login
sessions and user stats after session end
• Check effect on application security by deleting the
cookies
4/6/2016
31
Database Testing
• Data consistency is very important in web
application
• Test database connection and what happens
when database not available or fails
• Check for data integrity and errors while you
edit, delete, modify data on the forms or do
any DB related functionality
• Check if all the database queries are executing
correctly, data is retrieved correctly and also
updated correctly
4/6/2016
32
4. Compatibility Testing
• “Validates how well a software performs in a
particular hardware/software/operating
system/network environment”
• For Web applications, three main
characteristics:
– Computer/operating system (MAC, PC, etc)
– Browser: type and version
– Screen resolution
• Connectivity to Internet may also be an issue
4/6/2016
33
5. Performance Testing
• “Evaluates the compliance of a system or
component with specified performance
requirements”
• Especially important for Web applications
when server can crash if it becomes
overloaded
• Important to identify the breaking point so
that can track number of visits or “hits” on an
ongoing basis
4/6/2016
34
Browser Issues
• Can do some limited performance testing on
the browser
• Factors that might affect machine
performance might be:
– Disk space availability
– Machine memory
– Other programs running on machine
– Internet connectivity speed
4/6/2016
35
6. Security Testing
• “A process to determine that an information
system protects data and maintains
functionality as intended”
• Most important if personally identifiable
information is identified (PII)
• Make sure use https: when such information
(e.g. credit card information is used)
• Verify information that is stored in the cookie
to identify you either directly or through a
third party
4/6/2016
36
Why the Web is Vulnerable?Security
Securing the application
Input validation
Session mgmt
Authentication
Authorization
Config mgmt
Error handling
Secure storage
Auditing/logging
Web server
App server
Apps
Database
Host
Host
Firewall
Firewall
Apps
DB server
Host
Securing the network
Securing the host
Router
Patches/updates
Accounts
Ports
Firewall
Services
Files/directories
Registry
Switch
Protocols
Shares
Auditing/logging
Web Application Behaviour
 HTTP is stateless and hence requests and responses to communicate
between browser and server have no memory
 Most typical HTTP requests utilise either GET or POST methods
 Scripting can occur on:
 Server-Side (e.g. perl, asp, jsp)
 Client-Side (javascript, flash, applets)
 Web server file mappings allow the web server to handle certain file
types using specific handlers (ASP, ASP.NET, Java, JSP,CFM etc)
 Data is posted to the application through HTTP methods, this data is
processed by the relevant script and result returned to the user’s
browser
38
HTTP POST
HTTP GET
“GET” exposes sensitive authentication information in the URL
 In Web Server and Proxy Server logs
 In the http referer header
 In Bookmarks/Favorites often emailed to others
“POST” places information in the body of the request and not the URL
Enforce HTTPS POST For Sensitive Data Transport
39
What are HTTP Headers?
•HTTP headers are components of the message header
of HTTP Requests and Responses
•HTTP headers define different aspects of an HTTP
transaction
•HTTP headers are colon-separated name-value pairs in
clear-text string format, terminated by a carriage
return (CR) and line feed (LF) character sequence.
http://en.wikipedia.org/wiki/List_of_HTTP_header_fields
Firewalls
• Functionality of a site can be impacted by
other factors
• Firewalls may be in two place:
– Browser may have to go through firewall to get to
the Internet
– Server and/or backend databases may be behind
one of more firewalls
• Firewalls may prevent certain messages from
being transmitted that may affect the
functionality
4/6/2016
41
Browser Controls
• Browsers can be set to limit what web content
is assessed or displayed on the screen
• Most browsers allow for user control of:
– Security setting based on some black list of sites,
general or controlled by the user
– Control over permanent cookies
– Control over “active content” such as Java
• Set most restrictive settings to test what
happens to the software
4/6/2016
42
Exercise 11: Test Cases for Web
• In pairs, write down at least ten test cases to
test part of my Canvas Web application:







Modules
Content pages
Quizzes
Grades
Assignments
Discussions
To Do List
• Upload to Canvas with your site name as the
document title
4/6/2016
43
1) Describe the type of testing that you would apply to the content of an
informational web page such as the Marymount University home page.
2) Browsers have many optional settings, list 3 that you might modify in a standard
test of an informational website
3) What tests would you do to evaluate whether a web site uses responsive design
4) What security test might you conduct to evaluate a simple web registration form
that collects the following information: name. Age, username, password
Give at least 3 specific examples
5) You are testing an existing web site for its potential performance on search sites
such as Google, where on the site will you be looking and for what
6) Explain the different security aspects of the GET and POST commands when
sending data from a web form
7) Explain the types of tests of a web application that would be classified as
interface testing and why
8) You are asked to test the Marymount web site and have to limit your testing to 3
device types. Which devices would you choose and why
9) You are asked to test the external and internal links from a web page on a
monthly basis. What are you looking for and what tools might you use?
10) How and why might you test cookies on the Marymount web page?

Purchase answer to see full
attachment

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more

Order your essay today and save 30% with the discount code ESSAYSHELP