First, functional testing
For the testing of the site, each individual function module needs a separate test case for the design and export, mainly based on the requirements specification and detailed design instructions, for the application module requires the designer to provide basic path testing method test cases.
1 , Link testing
Link is a main feature of Web application system, it is the main means to switch between pages and instruct users to go to some pages that do not know the address. Link testing can be divided into three areas:
1) test that all links are actually linked to the linked page as instructed;
2) test whether the linked page exists;
3) To ensure that there are no orphaned pages on the Web application system, the so-called orphaned page refers to a page that is not linked to, and is accessible only if the correct URL address is known.
Link testing can be done automatically, and now there are many tools to take. Link testing must be done during the integration testing phase, that is, link testing after all page development of the entire Web application system is completed.
Xenu------Main test Link correctness tool
Unfortunately, there are some errors in testing for dynamically generated pages.
2 , form testing
When users submit information to the Web application administrator, they need to use form actions, such as user registration, login, information submission, and so on. In this case, we must test the integrity of the commit operation to verify the correctness of the information submitted to the server. For example: The user fills in the birth date and the occupation is appropriate, fills in the province and the city whether matches and so on. If a default value is used, verify that the default value is correct. If the form can only accept certain values that are specified, it is also tested. For example, only certain characters can be accepted, and these characters may be skipped during testing to see if the system will make an error.
To test these programs, you need to verify that the server is saving the data correctly, and that the program running in the background can interpret and use the information correctly.
b/S structure implementation of the function may be the main here, submit data, processing data, etc. if there is a fixed operation flow can consider the automated test tool recording function, write reusable script code, can be run during testing, regression test to reduce the workload of testers.
We test each function in each functional module of the UM subsystem in the following ways: Boundary value test, equivalence class test, and Anomaly class test. The test ensures that each type has more than 2 typical input values to ensure a comprehensive test input.
3 , Cookies Test
Cookies are usually used to store user information and the user's operation in an application, and when a user accesses an application using cookies, the Web server sends information about the user and stores the information in the form of a cookie on the client computer. This can be used to create dynamic and custom pages, or to store login information.
If the Web application uses cookies, it must check that the cookies are working and that the information is encrypted. The content of the test may include whether the cookie is working, whether it is saved at the scheduled time, and what effect the refresh has on cookies.
4 , design language testing
Differences in web design language versions can cause serious problems on the client or server side, such as which version of HTML to use. This issue is especially important when developers are not together when developing in a distributed environment. In addition to the HTML version problem, different scripting languages, such as Java, Javascrīpt, ActiveX, vbscrīpt, or Perl, are also validated.
5 , Database Test
In the Web application technology, the database plays an important role, and the database provides the space for the management, operation, query and realization of the user's request to the data storage. In Web applications, the most common type of database is a relational database, and you can use SQL to process information.
In a Web application system that uses a database, there are generally two types of errors that can occur, namely, data consistency errors and output errors. Data consistency errors are mainly caused by incorrect form information submitted by users, and output errors are mainly caused by network speed or programming problems, which can be tested separately for both cases.
Second, performance testing
Performance testing of the site is very important to the operation of the site, but at present, the performance of the site is not enough, we do not have a good benchmark in the design of the system can be consulted, so the establishment of a website performance testing of a complete set of test plans will be crucial.
The performance testing of the website is conducted from three aspects: Connection speed test, load test and stress test (Stress),
The connection speed test refers to a response speed test that opens a Web page . Load testing refers to the testing of some boundary data, the stress test is more like a malicious test, stress testing tendencies should be caused by the entire system crash.
1 , connection Speed test
The speed at which users connect to Web applications varies depending on how they surf the internet, and they may be telephone dialing or broadband access. When downloading a program, the user can wait a long time, but if you only visit a page it will not. If the response time of the web system is too long (for example, more than 5 seconds), the user will leave without patience.
In addition, some pages have a timeout limit, if the response is too slow, the user may not have time to browse the content, you need to re-login. Moreover, the connection speed is too slow, may also cause the data loss, causes the user to get the real page.
2 , load Testing
Load tests are designed to measure the performance of a web system at a certain load level to ensure that the web system functions properly within the requirements range. The load level can be the number of users who have access to the Web system at any one time, or the amount of online data processing. For example: How many users can the Web application system allow to be online at the same time? What happens if you exceed this number? Can web applications handle a large number of users ' requests for the same page?
3 , stress testing
The load test should be scheduled to be tested in the actual network environment after the web system is published. Because a company's internal staff, especially the project team, is always limited, and a web system can process the number of requests at the same time far beyond this limit, so only on the Internet, accept load testing, the results are correct and trustworthy.
Stress testing refers to the actual destruction of a Web application system, the test system reflects. Stress testing is the ability to test system limitations and resiliency, which means that testing Web applications will crash and under what circumstances. Hackers often provide incorrect data loads until the Web application crashes and then gain access when the system restarts.
Areas of stress testing include forms, landing, and other information transfer pages.
Test tools used:
Performance tests can be automated with the appropriate tools, and we currently use the following tools
AB-----test Tools for Apache
opensta-Development system Test architecture
Third, the interface test
In many cases, Web sites are not orphaned. Web sites may communicate with external servers, request data,
Validate data or submit orders.
1 , Server Interface
The first interface to test is the interface between the browser and the server. The tester submits the transaction and then views the server
Record, and verify that what you see on the browser is exactly what happened on the server. Testers can also query the database to verify that the transaction data is saved correctly.
2 , External interface
Some web systems have external interfaces. For example, online stores may want to validate credit card data in real time to reduce fraudulent lines
For the occurrence. When testing, you use the Web interface to send transactional data that validates valid credit cards, invalid credit cards, and stolen credit cards, respectively. If the store uses only Visa and Mastercard cards, you can try to use the data from the Discover card. (A simple client script can identify the code before committing the transaction, for example, 3 means American express,4 means that visa,5 represents mastercard,6 representing Discover.) Typically, testers need to verify that the software is able to handle all possible messages returned by the external server.
3 , error handling
The easiest place to be overlooked by the tester is interface error handling. Usually we try to make sure that the system can handle all errors.
Error, but cannot anticipate all possible errors in the system. Try to interrupt the transaction during processing to see what happens?
is the order complete? Try to interrupt the user's network connection to the server. Attempt to interrupt the Web server to the credit card verification service
The connection to the service device. In these cases, can the system handle these errors correctly? has the credit card been charged? If
The user interrupts the transaction, and when the order is saved and the user does not return to the site confirmation, the Customer representative
Confirm the order with the electricity user.
Iv. Usability Testing
Usability/usability At present we can only use manual testing method to judge, and lack of a good benchmark to carry out, this aspect needs to be discussed together.
1 , navigation testing
Navigation describes how a user operates within a page, between different user interface controls, such as buttons, dialogs, lists, Windows, and so on, or between different connection pages. You can decide whether a Web application is easy to navigate by considering the following questions: is navigation intuitive? Is the main part of the Web system accessible through the home page? Does the web system require a sitemap, search engine , or other navigational aids?
Putting too much information on a page tends to have the opposite effect as expected. Users of Web applications tend to drive the goal and quickly scan a Web application to see if they have the information they need, and if not, they leave quickly. Few users are willing to take the time to familiarize themselves with the structure of the Web application system, so the Web application navigation Help is as accurate as possible.
Another important aspect of navigation is the consistency of the Web application's page structure, navigation, menus, and connection styles. Make sure the user intuitively knows if there is content in the Web application and where the content is.
Once the hierarchy of Web application system is decided, it is necessary to test the user navigation function, let the end user participate in this kind of test, the effect will be more obvious.
2 , Graphics testing
In the Web application system, the appropriate picture and animation can play the role of advertising , but also to beautify the function of the page. A Web application's graphics can include pictures, animations, borders, colors, fonts , backgrounds, buttons, and so on. The contents of the graphic test are:
(1) To ensure that the graphics have a clear purpose, the picture or animation do not randomly stacked together, so as not to waste transmission time. Web application system picture size to be as small as possible, and to be able to clearly describe something, usually linked to a specific page.
(2) Verify that all page font styles are consistent.
(3) The background color should match the font color and foreground color.
(4) The size and quality of the image is also a very important factor, generally using JPG or GIF compression.
3 , Content testing
Content testing is used to verify the correctness, accuracy, and relevance of the information provided by the Web application system.
The correctness of information refers to whether the information is reliable or misinformation. For example, in the list of commodity prices, the wrong price may cause financial problems or even legal disputes; the accuracy of the information refers to whether there are grammatical or spelling errors. This kind of testing is usually done using word processing software, such as the "Pinyin and grammar checker" feature in Microsoft Word, which refers to whether the current page can find information lists or portals related to the current browsing information, or so-called "related article lists" in the general Web site.
4 , overall interface testing
Overall interface refers to the entire Web application system page structure design, is to give users a sense of the whole. For example: When a user is comfortable browsing a Web application, is it intuitive to know where to find the information? is the design style consistent across the Web application system?
The test process for the overall interface is actually a process of investigating the end user. The general Web application system takes the form of a questionnaire on the homepage to get feedback from the end user.
For all usability testing, there is a need for external personnel (people who are not associated with Web application development or who have little contact) to participate, preferably end-users.
Five, compatibility test
You need to verify that the application can run on the machine that the user is using. If your users are worldwide, you need to test various operating systems, browsers, video settings, and modem speeds. Finally, try a combination of various settings.
1 , platform testing
There are many different types of operating systems on the market, most commonly windows, Unix, Macintosh, Linux, and so on. Which operating system the end users of Web applications use depends on the configuration of the user's system. In this way, compatibility issues may occur, and the same application may run correctly under some operating systems, but may fail under another operating system.
Therefore, before the Web system is published, the web system needs to be tested for compatibility under various operating systems.
2 , Browser testing
Browsers are the core component of Web clients, and browsers from different vendors have different support for Java, javascrīpt, ActiveX, plug-ins, or different HTML specifications. For example, ActiveX is Microsoft's product, designed for Internet Explorer, JAVASCRĪPT is a Netscape product, Java is a sun product, and so on. In addition, frame and hierarchy styles are displayed differently in different browsers, not even at all. Different browsers do not have the same settings for security and Java.
One way to test browser compatibility is to create a compatibility matrix. In this matrix, we test the adaptability of different vendors and different versions of browsers to certain components and settings.
Using Test tools:
Test cases derived from white-box or black-box testing are tested with the appropriate tools and can be tested using Opensta, which can be tested in different browsers.
3. Video Test
Does the page layout appear normal in 640x400, 600x800, or 1024x768 resolution mode? Is the font too small to be browsed? Or is it too big? are text and pictures aligned?
4.modem/Connection Rate Test
If this is the case, it takes 10 minutes for the user to download a page using the 28.8 modem, but the tester
Was the T1 line used in the trial? Users may wait a long time to download articles or presentations,
But not patiently waiting for the first page to appear. Finally, you need to confirm that the picture is not too large.
5. Printer Test
The user may print the page down. Therefore, the Web page in the design to consider the printing problem, pay attention to saving paper and ink. Many users prefer to read rather than stare at the screen, so they need to verify that the page is printing properly. Sometimes the picture and text displayed on the screen may be aligned differently from what is printed. At a minimum, testers need to verify that the order confirmation page prints correctly.
6. Combination Test
Finally, a combination test is required. 600x800 resolution may be good on MAC, but IBM compatible
It's hard to see on the machine. Using Netscape on an IBM machine can be displayed normally, but it cannot be browsed using Lynx.
If you are using a Web site in-house, testing may be easier. If the company specifies that a type of browser is used,
Then you just need to test it on that browser. If all people use the T1 line, it may not be necessary to test the download to apply.
(But it is important to note that there may be employees dialing into the system from home) some internal applications, the development department may
Declaring in system requirements that some systems are not supported and only those that have been set are supported. However, the ideal situation is that
The system can run on all machines so that future developments and changes are not limited.
VI. Safety Testing
The security testing area of Web Application system mainly includes:
1 , Directory Settings
The first step in Web security is to set up the directory correctly. There should be index.html or main.html pages in each directory
So that it does not display all the content in that directory. If this rule is not enforced. Then select a picture, right-click, and find the path to the picture "... com/objects/images". Then manually enter the path in the browser's address bar to find a list of all the images for that site. It probably doesn't matter. But go to the next level directory "... com/objects" and click Jackpot. There is a lot of information in this directory, some of which are expired pages. If the company changes the product price information every month and saves the expired page. So if you look at these records, you can estimate their marginal profits and how much room they have to cut down to get a contract. If a customer views the information before the negotiation, they must be on the upper hand at the negotiating table.
2. Login
Now the Web application system basically uses the first registration, after landing the way. Therefore, you must test the valid and invalid user name and password, to notice whether the case is sensitive, how many times you can try the limit, whether you can browse a page without landing and so on.
3.Session
Whether the Web application system has a timeout limit, that is, after the user logged in for a certain period of time (such as 15 minutes) did not click on any page, whether need to re-login to normal use.
4. log Files
In order to ensure the security of Web application system, log files are very important. You need to test whether the relevant information is written into the log file and is traceable.
5. Encryption
When a secure socket is used, test the integrity of the information as well as whether the encryption is correct.
6. Security Vulnerabilities
Server-side scripting often poses a security vulnerability that is often exploited by hackers. Therefore, you also want to test the problem of not being authorized to place and edit scripts on the server side.
The problem of network security is becoming more and more important, especially for websites with interactive information and websites that conduct e-commerce activities. Currently our tests do not cover the safety of the site testing, we have developed the use of tools to determine,
Tools are as follows
SAINT-------Security Administrator ' s Integrated Network Tool
This tool can detect the corresponding security problems of the Web site system, and can provide a solution to the security vulnerabilities, but some of the more common vulnerability solutions.
Vii. Code legitimacy Test
The code legitimacy test mainly consists of 2 parts: the legality check of program code and the legality check of display code.
1. Procedure Code Legality check
The main criterion of legality check of program code is "INTERGRP Group Programming Specification", which is used by SCM Administrator to check the standard, and expects to have corresponding tools to test in the future.
2. Display code Legality check
Display code of legality check, mainly divided into HTML, javascrīpt, CSS code check, currently using
HTML code check------tested with CSE HTML validator
JAVASCRĪPT, CSS can also download the appropriate test tools on the Internet.
Eight, Document testing
L, Product specification property check List
1) complete. Are there omissions and missing, completely? Use alone to include all content
2) accurate. Is the established solution correct? Is the goal clear? Is there a mistake?
3) Precise, unambiguous, clear. Is the description plain? Or is it easier to read and understand than to be self-spoken?
4) consistent. The product function can describe whether it is self-contradictory, conflict with other functions
5) Apt. Is the statement describing the function necessary? Is there any extra information? is the function original customer request?
6) reasonable. Under the specific budget and schedule, can the existing manpower, material and resources be realized?
7) code Independent. Persist in defining the product rather than defining the software design, architecture, and code that it trusts
8) testability. Can the characteristics be tested? Does the tester who establishes the validation operation provide sufficient information?
2, the Product specification language check List
1) description. The description of the problem is usually characterized by whitewash without careful consideration of the function----can be attributed to the properties described earlier. Find out the terms in the product specification and examine how they are used in the text. Product brochures may be disguised and excused, may also be vague----either case can be considered a software defect.
2) always, every kind, all, no, never. If you see this kind of absolute or affirmative, the actual determination of the narrative, the software testers can begin to design the case of a confrontation.
3) Of course, therefore, obviously, obviously, inevitably. These words are intended to induce acceptance of assumptions. Don't get caught up in the trap.
4) Certain, sometimes, often, often, habitually, often, mostly, almost. These words are too vague. " Sometimes "functions that occur cannot be tested."
5) and so on, and so on. The list of features ending with such a word cannot be tested. The list of functions should be absolute or clear, so as not to confuse people and do not know how to infer.
6) Good, fast, cheap, efficient, small, stable. These are uncertain statements and cannot be tested. If it appears in the product specification, it must be further specified.
7) processed, rejected, ignored, eliminated. These corruption may hide a large number of features that need to be explained.
8) If ... So... (no otherwise). Find out there is "if ... So ... "and the lack of a matching" otherwise "structure of the statement. Think about what it would be like if it didn't happen.
Related Test tools
Opensta
The main performance test load and stress testing, the use of more convenient, you can write test scripts, you can also automatically generate test scripts, and then test the application test script.
SAINT
Web site security testing, the ability to test a specific site for security, and provide a solution to security issues.
CSE HTML Validator
A useful tool for checking the legality of HTML code
Ab (Apache Bench)
Apache's own tools for performance testing are not many, but very practical.
Crash-me
MySQL comes with a test database performance tool that can test the performance of multiple databases.
The main methods of website testing