Checklist for Testing of Web Application
Web Testing in simple terms is checking your web application for potential bugs before its made live or before code is moved into the production environment.
During this stage issues such as that of web application security, the functioning of the site, its access to regular users and its ability to handle traffic is checked.
What is Functional Testing?
- Testing the features and operational behavior of a product to ensure they correspond to its specifications.
- Testing that ignores the internal mechanism of a system or component and focuses solely on the outputs generated in response to selected inputs and execution conditions.
Goal of Functional testing :
The goal of Functional Testing is to verify whether your product meets the intended functional specifications mentioned in your development documentation.
Testing Activities Include:
1) Test all links in your webpages are working correctly and make sure there are no broken links. Links to be checked will include –
- Outgoing links
- Internal links
- Anchor Links
- MailTo Links
2) Test Forms are working as expected. This will include-
- Scripting checks on the form are working as expected. For example- if a user does not fill a mandatory field in a form an error message is shown.
- Check default values are being populated.
- Once submitted, the data in the forms is submitted to a live database or is linked to a working email address.
- Forms are optimally formatted for better readability.
3) Test Cookies are working as expected. Cookies are small files used by websites to primarily remember active user sessions so you do not need to log in every time you visit a website. Cookie Testing will include
- Testing cookies (sessions) are deleted either when cache is cleared or when they reach their expiry.
- Delete cookies (sessions) and test that login credentials are asked for when you next visit the site.
4) Test HTML and CSS to ensure that search engines can crawl your site easily. This will include
- Checking for Syntax Errors.
- Readable Color Schemas.
- Standard Compliance. Ensure standards such W3C, OASIS, IETF, ISO, ECMA, or WS-I are followed.
5) Test business workflow
- Testing your end – to – end workflow/ business scenarios which takes the user through a series of web pages to complete.
- Test negative scenarios as well, such that when a user executes an unexpected step, appropriate error message or help is shown in your web application.
Functional Test Scenarios:
- Test all the mandatory fields should be validated.
- Test the asterisk sign should display for all the mandatory fields.
- Test the system should not display the error message for optional fields.
- Test that leap years are validated correctly & do not cause errors/miscalculations.
- Test the numeric fields should not accept the alphabets and proper error message should display.
- Test for negative numbers if allowed for numeric fields.
- Test division by zero should be handled properly for calculations.
- Test the max length of every field to ensure the data is not truncated.
- Test the pop up message (“This field is limited to 500 characters”) should display if the data reaches the maximum size of the field.
- Test that a confirmation message should display for update and delete operations.
- Test the amount values should display in currency format.
- Test all input fields for special characters.
- Test the timeout functionality.
- Test the Sorting functionality.
- Test the functionality of the buttons available.
- Test if any functionality fails the user gets redirected to the custom error page.
- Test all the uploaded documents are opened properly.
- Test the user should be able to download the uploaded files.
- Test the email functionality of the system.
- Test the Java script is properly working in different browsers (IE, Firefox, Chrome, safari and Opera).
- Test to see what happens if a user deletes cookies while in the site.
- Test to see what happens if a user deletes cookies after visiting a site.
- Test all the data inside combo/list box is arranged in chronological order.
What is Usability Testing?
- Usability testing is nothing but the User-friendliness check.
- In Usability testing, the application flow is tested so that a new user can understand the application easily.
- Basically, system navigation is checked in Usability testing.
Goal of Usability testing:
A Usability test establishes the ease of use and effectiveness of a product using a standard Usability test practices.
Testing Activities Include:
1) Test the site Navigation
- Menus, buttons or Links to different pages on your site should be easily visible and consistent on all webpages.
2) Test the Content
- Content should be legible with no spelling or grammatical errors.
- Images if present should contain an “alt” text.
Usability Test Scenarios:
- Web page content should be correct without any spelling or grammatical errors
- All fonts should be same as per the requirements.
- All the text should be properly aligned.
- All the error messages should be correct without any spelling or grammatical errors and the error message should match with the field label.
- Tool tip text should be there for every field.
- All the fields should be properly aligned.
- Enough space should be provided between field labels, columns, rows, and error messages.
- All the buttons should be in a standard format and size.
- Home link should be there on every single page.
- Disabled fields should be grayed out.
- Check for broken links and images.
- Confirmation message should be displayed for any kind of update and delete operation.
- Check the site on different resolutions (640 x 480, 600×800 etc.?)
- Check the end user can run the system without frustration.
- Scroll bar should appear only if required.
- If there is an error message on submit, the information filled by the user should be there.
- Title should display on each web page
- All fields (Textbox, dropdown, radio button etc) and buttons should be accessible by keyboard shortcuts and the user should be able to perform all operations by using keyboard.
- Check if the dropdown data is not truncated due to the field size and also check whether the data is hardcoded or managed via administrator.
Three areas to be tested here are – Application, Web and Database Server
Application: Test requests are sent correctly to the Database and output at the client side is displayed correctly. Errors if any must be caught by the application and must be only shown to the administrator and not the end user.
Web Server: Test Web server is handling all application requests without any service denial.
Database Server: Make sure queries sent to the database give expected results.
Test system response when connection between the three layers (Application, Web and Database) cannot be established and appropriate message is shown to the end user.
Database is one critical component of your web application and stress must be laid to test it thoroughly. Testing activities will include-
- Test if any errors are shown while executing queries.
- Data Integrity is maintained while creating, updating or deleting data in database.
- Check response time of queries and fine tune them if necessary.
- Test data retrieved from your database is shown accurately in your web application
To perform the Database testing, the tester should be aware of the below mentioned points:
- The tester should understand the functional requirements, business logic, application flow and database design thoroughly.
- The tester should figure out the tables, triggers, store procedures, views and cursors used for the application.
- The tester should understand the logic of the triggers, store procedures, views and cursors created.
- The tester should figure out the tables which get affected when insert update and delete (DML) operations are performed through the web or desktop applications.
Test Scenarios for Database Testing:
- Verify the database name: The database name should match with the specifications.
- Verify the Tables, columns, column types and defaults: All things should match with the specifications.
- Verify whether the column allows a null or not.
- Verify the Primary and foreign key of each table.
- Verify the Stored Procedure:
- Test whether the Stored procedure is installed or not.
- Verify the Stored procedure name
- Verify the parameter names, types and number of parameters.
- Test the parameters if they are required or not.
- Test the stored procedure by deleting some parameters
- Test when the output is zero, the zero records should be affected.
- Test the stored procedure by writing simple SQL queries.
- Test whether the stored procedure returns the values
- Test the stored procedure with sample input data.
- Verify the behavior of each flag in the table.
- Verify the data gets properly saved into the database after the each page submission.
- Verify the data if the DML (Update, delete and insert) operations are performed.
- Check the length of every field: The field length in the back end and front end must be same.
- Verify the database names of QA, UAT and production. The names should be unique.
- Verify the encrypted data in the database.
- Verify the database size. Also test the response time of each query executed.
- Verify the data displayed on the front end and make sure it is same in the back end.
- Verify the data validity by inserting the invalid data in the database.
- Verify the Triggers.
What is Compatibility testing?
Compatibility testing is used to determine if your software is compatible with other elements of a system with which it should operate, e.g. Browsers, Operating Systems, or hardware.
Goal of Compatibility testing:
The purpose of Compatibility testing is to evaluate how well software performs in a particular browser, Operating Systems, hardware or software. Compatibility tests ensure that your web application displays correctly across different devices.
Testing Activities Include:
The rendering of web elements like buttons, text fields etc. changes with change in Operating System. Make sure your website works fine for various combination of Operating systems such as Windows, Linux, Mac and Browsers such as Firefox, Internet Explorer, Safari etc.
Compatibility Test Scenarios:
- Test the website in different browsers (IE, Firefox, Chrome, Safari and Opera) and ensure the website is displaying properly.
- Test the HTML version being used is compatible with appropriate browser versions.
- Test the images display correctly in different browsers.
- Test the fonts are usable in different browsers.
- Test the java script code is usable in different browsers.
- Test the Animated GIF’s across different browsers.
What is Performance Testing?
Performance Testing is conducted to evaluate the compliance of a system or component with specified performance requirements.
Testing Activities Include:
- Website application response times at different connection speeds.
- Load test your web application to determine its behavior under normal and peak loads.
- Stress test your web site to determine its break point when pushed to beyond normal loads at peak time.
- Test if a crash occurs due to peak load, how does the site recover from such an event.
- Make sure optimization techniques like gzip compression, browser and server side cache enabled to reduce load times.
General Test scenarios:
- To determine the performance, stability and scalability of an application under different load conditions.
- To determine if the current architecture can support the application at peak user levels.
- To determine which configuration sizing provides the best performance level.
- To identify application and infrastructure bottlenecks.
- To determine if the new version of the software adversely had an impact on response time.
- To evaluate product and/or hardware to determine if it can handle projected load volumes.
Security Testing involves the test to identify any flaws and gaps from a security point of view.
Test Scenarios for Security Testing:
- Verify the web page which contains important data like password, credit card numbers, secret answers for security question etc should be submitted via HTTPS (SSL).
- Verify the important information like password, credit card numbers etc should display in encrypted format.
- Verify password rules are implemented on all authentication pages like Registration, forgot password, change password.
- Verify if the password is changed the user should not be able to login with the old password.
- Verify the error messages should not display any important information.
- Verify if the user is logged out from the system or user session was expired, the user should not be able to navigate the site.
- Verify to access the secured and non secured web pages directly without login.
- Verify the “View Source code” option is disabled and should not be visible to the user.
- Verify the user account gets locked out if the user is entering the wrong password several times.
- Verify the cookies should not store passwords.
- Verify if, any functionality is not working, the system should not display any application, server, or database information. Instead, it should display the custom error page.
- Verify the SQL injection attacks.
- Verify the user roles and their rights. For Example The requestor should not be able to access the admin page.
- Verify the important operations are written in log files, and that information should be traceable.
- Verify the session values are in an encrypted format in the address bar.
- Verify the cookie information is stored in encrypted format.
- Verify the application for Brute Force Attacks.