Testing Web-based Systems cont …
Prof. Durga Prasad Mohapatra
Professor
Dept. of CSE, NIT Rourkela

Navigation Testing
• Navigation testing is performed on the various possible paths in a web application
  ◦ to ensure that the sequence of navigations functions correctly
• Design the test cases such that the following navigations execute correctly:
  ◦ Internal links and external links
  ◦ Redirected links (redirected links should display proper messages to the user)
  ◦ Navigation for searching inside the web application

Navigation Testing cont…
• Errors must be checked for the following:
  ◦ Broken links (links should not be broken for any reason).
  ◦ Redirected links work properly and display proper messages.
  ◦ All possible navigation paths are active and relevant.
  ◦ Navigation with the back and forward buttons works properly.

Configuration/Compatibility Testing
• Diversity in configuration for web applications makes the testing of these systems very difficult.
• There may be various types of:
  ◦ Browsers supporting different operating systems
  ◦ Variation in servers
  ◦ Networks, etc.

Configuration/Compatibility Testing cont …
• Therefore, configuration testing becomes important so that there is compatibility between the various available resources and the application software.
• The tester must consider these configurations and compatibility issues so that they can design test cases incorporating all the configurations.

Configuration/Compatibility Testing cont …
Some important points for configuration testing:
• There are a number of different browsers and browser options.
  ◦ The web application has to be designed to be compatible with the majority of browsers.

Configuration/Compatibility Testing cont …
• The graphics and other objects on a website have to be tested on multiple browsers.
  ◦ If more than one browser will be supported, then the graphics have to be visually checked for differences in physical appearance.
  ◦ Some of the things to check are
    ▪ centering of objects,
    ▪ table layouts,
    ▪ colours,
    ▪ monitor resolution,
    ▪ forms and

Configuration/Compatibility Testing cont …
• The code that executes from the browser also has to be tested.
  ◦ There are different versions of HTML.
  ◦ They are similar in some ways, but they have different tags which may produce different features.

Configuration/Compatibility Testing cont …
  ◦ Some of the other code, besides HTML, to be tested:
    ▪ Java
    ▪ JavaScript
    ▪ ActiveX
    ▪ VBScripts
    ▪ Cgi-Bin Scripts
    ▪ Database access
  ◦ Cgi-Bin Scripts have to be checked for end-to-end operations; this is most essential for e-commerce sites.
  ◦ The same goes for database access.

Configuration/Compatibility Testing cont …
• All new technologies used in web development, like graphics designs and interface calls such as different APIs, may not be available in all the operating systems.
  ◦ Test your web application on different operating systems:
    ▪ Windows,
    ▪ Unix,
    ▪ MAC,
    ▪ Linux,
    ▪ Solaris with different OS flavors.

Security Testing
• The most challenging issue is to protect web applications from
  ◦ Hackers
  ◦ Crackers
  ◦ Spoofers
  ◦ Virus launchers, etc.

Security Testing cont …
• Through security testing we try to ensure:
  ◦ Confidentiality
  ◦ Integrity
  ◦ Availability
  ◦ Non-repudiation
• The web application must be able to nullify external attacks.

Security Test Plan
• Security testing is carried out for:
  ◦ Security of the infrastructure hosting the web application
  ◦ Vulnerabilities of the web application
• Firewalls and port scans can be the solutions for infrastructure security.
• For vulnerabilities, user authentication, restricted and encrypted use of cookies, and data communication must be planned. Users should not be able to browse through the directories in

Security Test Plan cont …
• Check the interfaces of the components, because most security bugs lie at the interfaces.
• Prioritize the interfaces according to their level of vulnerability.
• High-priority interfaces are tested thoroughly by injecting mutated data to be accessed by that interface in order to check the security.

Security Test Plan cont …
• While performing security checking, do not modify the configuration of the system or server, the services running on the server, or existing user or customer data hosted by the application.

Various Threat Types and their Corresponding Test Cases
• Unauthorized user/fake identity/password cracking
  ◦ Check for the confidentiality of the contents/data.
• Buffer overflows
  ◦ Malicious code can be executed because of a buffer overflow.
  ◦ Check the buffer overflow module and the different ways of submitting a range of lengths to the application.

Threats and their Test Cases cont..
• URL manipulation
  ◦ A web application uses the HTTP GET method to pass information between the client and server. The information is passed through parameters in the query string. An attacker may change some information in the query string passed in a GET request in order to obtain some information or to corrupt the data. When somebody attempts to modify the data, it is known as fiddling of data.
  ◦ Prevent fiddling in the HTTP GET query string for the change or corruption of the data.
  ◦ Design test cases to check that a user is trying to
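
One way to detect fiddling with GET parameters and to write the matching test cases, as an added example that is not part of the original slides: the server attaches an HMAC tag to the query string it issues and rejects any request whose parameters no longer match the tag. The key, the parameter names `order_id`, `price` and `sig`, and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode

# Assumption: a secret held only by the server (constructed value for the demo).
SERVER_KEY = b"constructed-demo-key"


def _tag(params: dict) -> str:
    """HMAC-SHA256 over the parameters in a fixed (sorted) order."""
    canonical = urlencode(sorted(params.items()))
    return hmac.new(SERVER_KEY, canonical.encode(), hashlib.sha256).hexdigest()


def sign_query(params: dict) -> str:
    """Build the query string the server hands to the client."""
    return urlencode(sorted(params.items())) + "&sig=" + _tag(params)


def verify_query(query: str):
    """Return the parameters if they are unmodified, otherwise None."""
    pairs = parse_qsl(query, keep_blank_values=True)
    names = [name for name, _ in pairs]
    if len(names) != len(set(names)):
        return None  # duplicated name: parsers disagree on which copy wins
    params = dict(pairs)
    sig = params.pop("sig", None)
    if sig is None:
        return None  # tag stripped from the request
    if not hmac.compare_digest(sig.encode(), _tag(params).encode()):
        return None  # a value was changed, or a parameter added or removed
    return params


def run_tamper_cases() -> dict:
    """Fiddling test cases: maps each case name to True if the server accepts it."""
    original = {"order_id": "1001", "price": "499"}  # constructed sample data
    signed = sign_query(original)
    unsigned = signed.split("&sig=")[0]
    cases = {
        "unmodified": signed,
        "value changed": signed.replace("price=499", "price=1"),
        "parameter added": "role=admin&" + signed,
        "parameter removed": signed.replace("price=499&", ""),
        "parameter duplicated": "order_id=1002&" + signed,
        "tag stripped": unsigned,
        "tag forged": unsigned + "&sig=" + "0" * 64,
    }
    return {name: verify_query(query) is not None for name, query in cases.items()}


if __name__ == "__main__":
    for case, accepted in run_tamper_cases().items():
        print(f"{case:22} accepted={accepted}")
```

A valid tag only shows that the server issued these values; whether the requesting user may access that order is a separate server-side authorization check.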

Threats and their Test Cases cont..
• SQL injection
  ◦ Hackers can put SQL statements through the web interface (inputs) to get vital information.
  ◦ Design test cases such that special characters in user inputs are handled/escaped properly.
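
The special-character test cases described for SQL injection, as an added example that is not part of the original slides: the same inputs are run against a lookup that concatenates user input into the SQL text and against a parameterized lookup, and each result is compared with what an exact-match lookup should return. The table, rows, inputs and function names are constructed for the illustration, and SQLite stands in for the application's database.

```python
import sqlite3

# Constructed inputs: ordinary names plus the special characters a tester submits.
TEST_INPUTS = ["alice", "O'Brien", "x' OR '1'='1", "alice'--", "semi;colon", "50%_off"]

# Constructed sample rows.
ROWS = [
    ("alice", "alice@example.test"),
    ("O'Brien", "ob@example.test"),
    ("bob", "bob@example.test"),
]


def make_db():
    """Fresh in-memory database holding the sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return db


def lookup_concat(db, name):
    """Weak form: the input becomes part of the SQL text."""
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_param(db, name):
    """Corrected form: the input is bound as data, never parsed as SQL."""
    sql = "SELECT email FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]


def expected(name):
    """Test oracle: only rows whose name equals the input exactly."""
    return sorted(email for row_name, email in ROWS if row_name == name)


def run_cases(lookup):
    """Return {input: 'ok' | 'error' | 'mismatch'} for one lookup function."""
    db = make_db()
    verdicts = {}
    for value in TEST_INPUTS:
        try:
            got = sorted(lookup(db, value))
        except sqlite3.Error:
            verdicts[value] = "error"      # input broke the statement
            continue
        verdicts[value] = "ok" if got == expected(value) else "mismatch"
    db.close()
    return verdicts


if __name__ == "__main__":
    for label, fn in (("concatenated", lookup_concat), ("parameterized", lookup_param)):
        print(label)
        for value, verdict in run_cases(fn).items():
            print(f"  {value!r:20} {verdict}")
```

An `error` verdict on a legitimate name such as `O'Brien` is already a finding: it shows that input reaches the SQL parser, before any `mismatch` case returns rows it should not.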

Threats and their Test Cases cont …
• Denial of service
  ◦ When a service does not respond, it is known as denial of service.
  ◦ There are several ways to make an application fail:
    ▪ Heavy load
    ▪ Distorted data that may crash an application
    ▪ Overloading of memory, etc.
  ◦ The tester should design the test cases considering all the above factors.

Threats and their Test Cases cont …
• Cross-Site Scripting (XSS)
  ◦ When a user inserts HTML/client-side script in the user interface of a web application and this insertion is visible to other users, it is called cross-site scripting (XSS).
  ◦ Using XSS, an attacker can use scripts such as JavaScript to steal user cookies and the information stored in cookies.
  ◦ To avoid this, the tester should check the web application for XSS.
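
A way to automate the XSS check on this slide, as an added example that is not part of the original slides: harmless marker markup is submitted, and the rendered page is parsed to see whether the marker became a live element or attribute instead of inert text. The page template, the three render functions and the probe names are hypothetical.

```python
import html
from html.parser import HTMLParser

# Constructed, harmless markers: a custom element name and a data attribute.
PROBE_TAG = "probe7f3a"
PROBE_ATTR = "data-probe7f3a"
PROBES = {
    "element": f"<{PROBE_TAG}>hello</{PROBE_TAG}>",   # tests HTML body context
    "attribute": f'x" {PROBE_ATTR}="1',               # tests quoted-attribute context
}


class ProbeFinder(HTMLParser):
    """Records which probes the parser sees as real markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.live = set()

    def handle_starttag(self, tag, attrs):
        if tag == PROBE_TAG:
            self.live.add("element")
        if any(name == PROBE_ATTR for name, _ in attrs):
            self.live.add("attribute")


def _page(value):
    """Hypothetical page: the value is shown as text and inside an attribute."""
    return f'<p>{value}</p><input name="q" value="{value}">'


def render_raw(comment):
    """Weak: user input is copied into the page unchanged."""
    return _page(comment)


def render_text_only(comment):
    """Partial fix: escapes < > & but leaves quotes alone."""
    return _page(html.escape(comment, quote=False))


def render_escaped(comment):
    """Corrected: escapes quotes too, so both contexts are covered."""
    return _page(html.escape(comment, quote=True))


def live_probes(render):
    """Return the sorted list of probe kinds that ended up as live markup."""
    found = set()
    for payload in PROBES.values():
        finder = ProbeFinder()
        finder.feed(render(payload))
        finder.close()
        found |= finder.live
    return sorted(found)


if __name__ == "__main__":
    for fn in (render_raw, render_text_only, render_escaped):
        print(f"{fn.__name__:18} live probes: {live_probes(fn)}")
```

The middle case is the one worth noting: escaping that is sufficient for text between tags still fails when the same value is placed inside a quoted attribute, so the test has to probe every output context.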

Performance Testing
• Performance testing helps the developer identify the bottlenecks in the web application so that they can be rectified.
• Bottlenecks can be code, database, network, peripheral devices, etc.

Performance Parameters
• Resource utilization
  ◦ The percentage of time a resource (CPU, memory, I/O, peripheral, network) is busy.
• Throughput
  ◦ The number of event responses that have been completed over a given interval of time.
• Response time
  ◦ The time elapsed between a request and its reply.

Performance Parameters cont …
• Round-trip time
  ◦ How long does the entire user-requested transaction take, including connection and processing time?
• Scalability
  ◦ The ability of an application to handle additional workload, without adversely affecting performance, by adding resources such as processor, memory, and storage capacity.
• Database load
  ◦ The number of times database is accessed by web

Types of Performance Testing for web applications
• Load Testing
• Stress Testing

Load Testing
• This testing is performed to check whether the system can sustain times of peak load.
• The site should handle many simultaneous user requests, large input data from users, simultaneous connections to the database, heavy load on specific pages, etc. When we test the system with these types of loads, the testing is called load testing.
• It focuses on determining or validating the performance characteristics of the system when subjected to the workloads and load volumes expected during production operations. It refers to the maximum load that can be put on the web application while it still serves flawlessly

Types of load testing
• Capacity testing
  ◦ Determines the maximum load the web service can handle before failing.
  ◦ Reveals the web services’ ultimate limit.
• Scalability testing
  ◦ Determines how effectively the web service will expand to accommodate an increasing load.

Stress Testing
• Stress refers to stretching the system beyond its specification limits.
• Web stress testing is performed to break the site by applying stress, to learn how the system reacts to the stress and how it recovers from crashes.
• It focuses on determining or validating the performance characteristics of the system when subjected to conditions beyond those expected during production operations.
• It tests the performance of the system under stressful conditions such as memory overflow, insufficient disk space, server failure, etc.

Stress Testing cont …
• These tests are designed to determine under what conditions an application will fail, and how gracefully it may recover from failure.
• Examples of graceful failure:
  ◦ The system saves its state at the time of failure and does not crash suddenly.
  ◦ On restart, the system recovers from the last good state.
  ◦ The system shows meaningful error messages to the user, etc.

Summary
• Discussed some important types of testing for web-based systems.
  ◦ Navigation Testing
  ◦ Configuration / Compatibility Testing
  ◦ Security Testing
  ◦ Performance Testing

References
1. N. Chauhan, Software Testing: Principles and Practices, Second Edition (Chapter 15), Oxford University Press, 2018.
Thank You
