What is Web Application Testing? Strategies, Threats, Risks.

Introduction to Web Application Testing

What is Web Application Testing?

Web application testing is a software testing technique used exclusively for applications hosted on the web, in which the application's interfaces and other functionality are tested.

Web Application Threats and Risks

  • Security is a game of constant catch-up.
  • Knowing the key threats to a Web application can help you stay ahead of problems.

Who is using your application?

  • Whether the application is internal or external to your organization, it's important to consider who uses it.
  • Not every user is technically savvy. Not every user comes to your application with honest intentions.
  • Scrutinize every location where a user can interact with and submit information to the application.

  Web Application Threats

Where is your application hosted?
  • The application is only as secure as the server hosting it. A vulnerability within the server could be a gateway into application data or an entry point into your organization.
  • Another way to prevent an attacker from gaining access is to understand the configuration of your server and services.

What data are you exposing?
  • Data leakage can give an attacker critical information about your application and Web server setup.
  • Data can also be exposed within error messages that are too verbose.
  • Configuring the server to display only information that the user needs to see prevents them from gleaning any additional information about the application setup.
  • Usually a simple error message to users is sufficient.
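
The data-exposure points above can be turned into an automated check on each response. The following is an added example, not code from the original post: the pattern set is illustrative rather than exhaustive, and the two sample responses (including the product names and versions in them) are constructed.

```python
import re

# Illustrative (not exhaustive) signs that a response says too much.
LEAK_PATTERNS = {
    "stack trace": re.compile(
        r"Traceback \(most recent call last\)|^\s*at [\w.$]+\(.*\)", re.M),
    "SQL error": re.compile(r"SQL syntax|ORA-\d{5}|SQLSTATE\[", re.I),
    "filesystem path": re.compile(
        r"/(?:var|home|usr|opt|srv)/[\w./-]+|\b[A-Z]:\\[\w\\.-]+"),
}
# Headers that commonly advertise the product and its version.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

def find_leaks(headers, body):
    """Return a list of findings for one HTTP response."""
    findings = []
    for name, value in headers.items():
        if name.lower() in BANNER_HEADERS and re.search(r"\d+\.\d+", value):
            findings.append(f"version banner in {name}: {value}")
    for label, pattern in LEAK_PATTERNS.items():
        match = pattern.search(body)
        if match:
            findings.append(f"{label}: {match.group(0).strip()}")
    return findings

# Constructed responses: the same failure reported verbosely and minimally.
VERBOSE = ({"Server": "ExampleHTTPd/1.2.3", "X-Powered-By": "ExampleLang/4.5"},
           "Warning: You have an error in your SQL syntax near 'x' "
           "in /var/www/app/db.php on line 42")
MINIMAL = ({"Server": "web"},
           "Something went wrong. Please try again later. (ref 7f3a)")

if __name__ == "__main__":
    for label, (headers, body) in (("verbose", VERBOSE), ("minimal", MINIMAL)):
        print(label, find_leaks(headers, body))
```
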

Testing Strategies

Functionality Testing

Test Web pages for correct function, formatting, cookies, and data validation. Functional testing is well suited to smoke testing, regression testing, and integration testing.

Below are some of the checks that are performed:
  • Verify there are no dead pages or invalid redirects.
  • First check all the validations on each field.
  • Supply wrong inputs to perform negative testing.
  • Verify the workflow of the system.
  • Verify the data integrity.

Validate JavaScript tags

  • Identify Script tags that return 404 or other load errors.
  • Identify id, name, on... attributes that do not match any Script tag.

Dynamic content testing (Database testing) 
  • Check data consistency in database-driven Web forms.
  • Check create, edit, delete, update (CRUD) tasks.
  • Verify data retrieval delivers the correct data.
  • Identify database connectivity and query errors.

Usability Testing

Performed to verify how easy the application is to use.
  • Test the navigation and controls.
  • Content checking.
  • Check for user intuition.

Interface Testing

  • Performed to verify the interface and the dataflow from one system to another.

Compatibility Testing

  • Compatibility testing is performed based on the context of the application.
  • Browser compatibility.
  • Operating system compatibility.
  • Compatibility with various devices like notebook, mobile, etc.

Performance Testing

Performed to verify the server response time and throughput under various load conditions.

Load Testing: It is the simplest form of testing, conducted to understand the behavior of the system under a specific load.
Load testing measures important business-critical transactions; the load on the database, application server, etc. is also monitored.

Stress Testing: It is performed to find the upper limit capacity of the system and also to determine how the system performs if the current load goes well above the expected maximum.

Soak Testing

  • Soak testing, also known as endurance testing, is performed to determine the system parameters under continuous expected load.
  • During soak tests, parameters such as memory utilization are monitored to detect memory leaks or other performance issues.
  • The main aim is to discover the system's performance under sustained use.

Spike Testing

  • Spike testing is performed by increasing the number of users suddenly by a very large amount and measuring the performance of the system.
  • The main aim is to determine whether the system can sustain the workload.

Security Testing

  • Protect Web application data and maintain functionality as designed.
  • Check URLs for operation without logging in.
  • Test basic authentication using false user name and password credentials.
  • Check for application function with invalid input fields, including text fields.
  • Check for Web server protection of inaccessible Web directories or files.
  • Check for Web application identification of security breaches, including error messages and security breach attempts being logged.
  • Test CAPTCHA fields for Web forms and logins.
  • Test browser security settings for moving from secure to insecure pages.
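
Several of the checks in this list (URLs requested without a login, false credentials, protected directories) can be written as repeatable assertions. The sketch below is an added example, not code from the original post; the toy WSGI application, its paths and the test account are constructed stand-ins for a real system under test.

```python
import base64
import hmac
from wsgiref.util import setup_testing_defaults

USERS = {"alice": "s3cret-constructed"}   # constructed test account
PROTECTED = ("/account", "/admin/")       # paths that require a login

def authenticated(environ):
    """True only when the Basic credentials match a known user."""
    header = environ.get("HTTP_AUTHORIZATION", "")
    if not header.startswith("Basic "):
        return False
    try:
        user, _, password = base64.b64decode(header[6:]).decode().partition(":")
    except ValueError:
        return False
    return user in USERS and hmac.compare_digest(USERS[user].encode(), password.encode())

def app(environ, start_response):
    """Constructed toy application standing in for the system under test."""
    if environ["PATH_INFO"].startswith(PROTECTED) and not authenticated(environ):
        start_response("401 Unauthorized", [("WWW-Authenticate", 'Basic realm="app"')])
        return [b"Login required"]
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok"]

def status_of(path, creds=None):
    """Call the WSGI app in-process and return its numeric status code."""
    environ = {"PATH_INFO": path}
    setup_testing_defaults(environ)
    if creds:
        token = base64.b64encode(":".join(creds).encode()).decode()
        environ["HTTP_AUTHORIZATION"] = "Basic " + token
    seen = []
    app(environ, lambda status, headers: seen.append(status))
    return int(seen[0].split()[0])

def run_checks():
    """Map each check to True when the application behaves securely."""
    return {
        "protected URL refused without login": status_of("/account") == 401,
        "protected directory refused": status_of("/admin/users.csv") == 401,
        "false password refused": status_of("/account", ("alice", "wrong")) == 401,
        "unknown user refused": status_of("/account", ("mallory", "x")) == 401,
        "valid login accepted": status_of("/account", ("alice", "s3cret-constructed")) == 200,
        "public page still served": status_of("/") == 200,
    }
```
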

Usability Testing

The design and presentation of an application have a large impact on the success your users will have in using the Web application.

Test For Navigation
  • Check that the user has apparent and easy controls to move from page to page.
  • Test the flow of a Web application by observing how the user accomplishes their goals.
  • Test that common navigation objects appear on every page consistently.
  • Test search functions for proper application functions.
Content Checking
  • Check for spelling errors.
  • Check that pages adhere to color and pattern style guidelines, including fonts, frames and borders.
  • Check that images load correctly and with proper sizes.
