Web Application Testing

1. Functional Testing (Regression, Integration, Smoke Testing)

2. Browser

3. Performance Testing

4. Security Testing

5. Production Monitoring

6. Usability Testing

1) Functional Testing (Regression, Integration, Smoke Testing) Test Web pages for correct function, formatting, cookies, and data validation. Functional testing is ideal to accomplish smoke testing, regression testing, and integration testing.

Check links: Test links to a page from external pages Test all links on a page for correct operation Test links to anchors on the same page Test email mail-to links Identify orphan pages - pages that are not linked from other pages

Test Web forms on the page: Check the field validation logic for each fieldCheck default values for each field Check that password fields do not show the password contents Negative test invalid input values for each field Validate the response to a form submit

Session and Cookie Management Testing: Check application log-in sessions by enabling and disabling cookies Negative test cookies by using a mismatching domain Check that session cookies reset between browser sessions Check application security by selectively deleting cookies while a test operates

Validate Cascading Style Sheet (CSS) tags: Identify CSS tags that return 404 or other CSS load errors Identify HTML id, class, and name attributes that do not match any CSS tags
Validate JavaScript tags: Identify Script tags that return 404 or other load errors Identify id, name, on... attributes that do not match any Script tag
Dynamic content testing (aka Database testing): Check data consistency in database-driven Web forms Check create, edit, delete, update (CRUD) tasks Verify data retrieval delivers the correct data Identify database connectivity and query errors

2) Browser Compatibility Testing: Differences in Web browsers, operating environments, and hardware devices impact the correct operation of your Web application. Browser compatibility: Test your Web application for correct function on several browsers, including Firefox, IE, Chrome, Opera, and Safari. Ideally your Web application handles browser differences elegantly. Check application function with a variety of browser security profile settings Verify application function with browser features turned-off (JavaScript, Cookies) Check browser rendering of your application's user interface Check the browser's security settings for cross domain access and hacks Verify consistent application function across multiple versions of a browser

Operating Environment Compatibility: Check application user interface rendering on OS windowing systems Check desktop integration functions, including drag-and-drop and file selection Test your web application on different operating systems, including Windows, Unix, MAC, Linux, and Solaris
Mobile Device Compatibility: Check application compatibility with device services, including location and dialing services Check user interface rendering on mobile device screen sizes, including screen rotation Verify correct application operation when device is in and out of range of network services

3) Performance Testing: Web Load Testing Linear scalability - where an application's performance does not vary as the number of users increases - is the Holy Grail of Web application testing. Load testing identifies a Scalability Index for your Web application performance. Check server response to browser form submit requests Identify performance changes over a period of time Test for functions that stop working at higher levels of user load Identify the network latency problems on Web application function Web Stress Testing Determine how the application responds under high levels of load Identify portions of the Web application that fail under high levels of load Identify application function after a system crash or component failure Identify forms and links that operate differently under high levels of load

4) Security Testing: Protect Web application data and maintain functionality as designed. Check URLs for operation without loging Test basic authentication using false user name and password credentials Check X.509 security certificates on secure Web pages Test for correct application function upon invalid URL attribute values Check for application function with invalid input fields, including text fields Check for Web server protection of inaccessible Web directories or files Check for Web application identification of security breaches, including error messages and security breach attempts being logged Test CAPTCHA fields for Web forms and logins Test browser security settings for moving from secure to insecure pages

5) Production Monitoring Operate the Web application tests periodically and save the test logs as proof of Servlice Level Agreement (SLA) compliance Periodically check the end user experience Provide auto-scaling and load balance systems with end user experience metrics Check for correct application function from a variety of geographic locations

6) Usability Testing The design and presentation of an application has a large impact on the success your users will have in using the Web application. PushToTest is a fan of Seth Godin's approach to usability testing. Test For Navigation: Check for the user to have apparent and easy controls to move from page to page. Test the flow of a Web application by observing how the user accomplishes their goals Check that the user can find instructions should they not intuitively know how to operate a function Test that common navigation objects appear on every page consistently Test search functions for proper application functions Content Checking: Test that content is logically arranged and easy for users to understand Check for spelling errors Check that pages adhear to color and pattern style guidelines, including fonts, frames, and borders Check that images load correctly and with proper sizes