What is Web Application Testing?
Web Application Testing is a testing process which will ensure there are no issues on the Web Application and certify whether application is ready to go live or not, which can be accessed and used over the network. By testing, any organization can be sure that the web application will work perfectly and will be easily accepted by the end-users. http://… http://…Here you can find the checklist for web testing. By using the checklist, user can create test cases for any web based application. Find ultimate web application vulnerability testing checklist to make sure your app is secure.
Software Testing Tools like Cucumber, Specflow not only help us to perform regression tests but also helps us to automate data set up generation, product installation, GUI interaction, defect logging, etc.
User Interface Testing (GUI Testing) :
- Content wording used in the web pages should be correct.
- Wrap-around should occur properly.
- Instructions used in web pages should be correct (i.e. if you follow each instruction does the expected result occur?)
- Check image size specifications: Check that at least the text of the page appears quickly.
- View in text browser: Test each web page in text-only browser, or text-browser emulator. It will help you pick up on badly-chosen or missing ALT texts.
- Switch images off: Check that sensible ALT texts have been provided for images.
- Check sensible page titles.
- Resolution change effect on web pages
- Image spacing – To verify that images are displaying properly with text.
- Print – Printing should be proper.
We Also provide training on below courses by working professionals
1. Links/URL Testing: There are mainly 4 types of links in most websites – Internal links (Test the links that point to the pages of the same website). External links (Test the links that point to external websites.) Mail links (Test if the email links open the default email client with the recipient email ID already filled in the “To” field.) Broken links (Test if any of those links are broken or dead).
2. Forms Testing: The web forms should be consistent and should contain all the required input and output controls. Test the integrity of the web forms and the consistency of the variables.
3. Validation Testing: To make sure that valid HTML and CSS. Test the different fields for field level validation. Test and validate user inputs like: TextBox inputs, DropDownBox selections, KeyDown, KeyPress, KeyUp etc.
4. Test the Error messages: Test all the error messages whether it misguides the end user.
5. Testing optional and mandatory fields: Test if the web forms handle the optional and mandatory fields efficiently. Ideally, the application should not allow to proceed unless ALL the mandatory fields are filled and should not restrict from proceeding if any of those optional fields unfilled.
6. Database Testing: Testing the database for its integrity becomes essential to make sure the website is able to handle the data processing effectively. TestComplete allows you to perform functional testing of web applications to verify that they work properly.
1. Data display on browser should match with data available on server: To test browser and server interface, run queries on the database to make sure the transaction data is being retrieve and store properly.
2. Error Handling: Make sure system can handle application errors.
1. Test on different Operating systems: Test your web application on different operating systems like Windows (XP, Vista, Win7 etc), Unix, MAC, Linux, Solaris with different OS flavors.
2. Test on different Browsers: Test web application on different browsers like:
- Firefox, as that has the best standards compliance and is the second most-used browser.
- Internet Explorer for Windows – currently the most widely used browser (IE6, IE7, IE8).
- Opera – growing in popularity due to its speed and pretty good standards compliance.
3. Mobile browsing: This is new technology age. So in future Mobile browsing will rock. Test your web pages on mobile browsers. Compatibility issues may be there on mobile.
1. Limit should be defined for the number of tries: Is there a maximum number of failed logins allowed before the server locks out the current user?
2. Verify rules for password selection.
3. Is there a timeout limit?
4. Test by pasting internal url directly into browser address bar without login. Internal pages should not open.
5. Test the CAPTCHA for automates scripts logins.
6. Test if SSL is used for security measures. If used proper message should get displayed when user switch from non-secure http:// pages to secure https:// pages and vice versa.
7. All transactions, error messages, security breach attempts should get logged in log files somewhere on web server.
8. Clear your Cache: Be sure to clear the browser cache, including cookies, before each test.
9. SQL injection: To test for SQL injection bugs, find places where users can enter text, such as where the text is used to perform a lookup function, according to Breach. Then type a single quote character and some text. If the application shows an error message from your database, then you’re likely housing an SQL injection bug.
10. (SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution.)
11. Session hijacking: If your application has a session identifier number in the URL decrease that number by one and reload the page. The app has a session hijacking vulnerability if the app then “sees” you as a different user.
As with any software, web applications need to be tested thoroughly before deployment. While test suites have been developed for the unit testing of (back-end/business logic) code developed in say Java or C#, testing the front-end of a web application is still a manual activity (across many projects).
Cookies Testing: Cookies are small files stored on user machine, mainly login sessions. Tests should cover enabling and disabling the cookies. Similarly test should be done on application security by deleting the cookies. Poor handling of cookies can result in security holes and vulnerabilities that can be taken advantage by malicious users and hackers.
Performance Testing: Performance testing should be done to ensure that heavy load will not break the web application. This includes – Load Testing and Stress testing. In web load testing, testing should be done to ensure that, system can sustain in peak load times, site can handle simultaneous user requests, large input data from users, simultaneous connection to db, heavy load on specific pages etc.Web stress testing should be done to break the system by giving stress and to ensure that it is capable of recovering from crashes.
Similarly test by passing internal urls directly into address bar of the browser without login and check whether the pages are opening or not. All transactions, error messages, security breach attempts should be logged in log files somewhere in web server.
Free Tools which plays very important role in web site testing:
1. Bug Tracking Tool: Bugzilla
2. Recording the bug in video format: Screencast-o-matic
3. Tool for taking Screen-shots for reporting the bug: Fireshot
4. Compatibility testing tools: Browser Sandbox and Adobe BrowserLab
5. Tool to Monitor CSS and HTML: Firebug
6. Tool to ensure valid HTML: HTML Validator
7. Performance testing tool: Page Speed by Google
8. To find Broken Links: Pinger Ad-on and brokenlinkcheck
9. For checking the spelling of content: Spell Check