Software & WebApp Testing. Nisa ul Hafidhoh

Size: px

Start display at page:

Download "Software & WebApp Testing. Nisa ul Hafidhoh"

Julian Ellis
5 years ago
Views:

1 Software & WebApp Testing Nisa ul Hafidhoh

2 Testing Process of analyzing a software entity to detect differences between existing conditions and undesirable conditions (defects / bugs) and evaluate features of the software entity (standar ANSI/IEEE 1059)

3 Software Development Activity

4 Testing Activity

The Role of each Testing Process Ensure each component/unit aprpropriates with specification Ensure each component/unit collaborate Verification of

5 The Role of each Testing Process Ensure each component/unit aprpropriates with specification Ensure each component/unit collaborate Verification of functional requirements fulfillment Verification of non-functional requirements fulfillment Verification of from user / customer Testing in user environment

6 Software Testing Strategy testing-in-the-small to testing-in-the-large Conventional Software Unit testing: focus on each individual component, ensuring each function is running Integration testing: focus on design and construction of software architecture Validation testing: ensure the PL meets all needs System Testing: PL and other system elements are tested as a whole OO Software Focus on testing each class including attributes and operations Testing of communication / collaboration between classes

7 Software Testing Method

specificationbased atau functional testing Whitebox

8 Blackbox VS Whitebox Blackbox testing Tidak perlu mengetahui struktur software Juga disebut dengan specificationbased atau functional testing Whitebox testing Harus mengetahui struktur dan implementasi dari software

9 Web App Testing Activity that looks for errors on parts of the Web App, such as: Content Function Structure Usability Navigability Compatibility Interoperability Performance Security

10 Challenge Web-based applications running on the network, and operating with different Systems Operating System Browser Hardware Platform Communication protocol

11 General Error in Web App What is often seen is the result of an error, not the error itself Errors are often difficult to reproduce Need to create environment Errors are often encountered from the WebApp configuration Error must be searched from: Client Server Network

12 Web App Testing

13 Content Testing To uncover syntactic errors (typos, grammatical errors) in document-based text, graphical representations, and other media To uncover semantic error (Focused on the information presented in each item content) To find errors in the organization or content structure presented to users.

14 Navigation Testing To ensure that mechanisms that allow users to browse through the webapp can work and to validate each NSU (Navigation Semantic Unit) can be achieved by the appropriate user category.

15 Navigation Mechanism Navigation/link Internal links within the webapp, external links for other webapps must be ensured, content / functionality can be run. Redirect Tested by asking for an incorrect internal or external URL link and assessing how the webapp handles this request. Bookmarks Despite the browser functionality, the webapp should be tested to ensure that meaningful page titles can be extracted from the bookmarks created.

16 Navigation Mechanism [2] Frame & Frameset Each frame is tested for the correct content, proper layout and size, download performance, and browser compatibility Framesets consist of several frames SiteMap Provided a table of contents of all web pages Each site path must be tested to ensure that the link will bring the user to the right content or function. Internal Search Engines Validate the accuracy and completeness of the search, error handling of search engines, and advanced search features

17 Interface Testing Interface features including font type, use of colors, frames, images, borders, tables, and related interface features generated as a result of webapp execution should be tested Individual interface mechanisms are tested in a way analogous to unit testing (client-side scripting, dynamic HTML, scripting, content streaming) The full interface is tested against the selected use case along with NSU to reveal errors in the interface semantics

18 Interface Mechanism When a user interacts with a web app, the interaction can be through various mechanisms. Link Each navigation link should be checked to ensure that the appropriate content / functionality can be achieved Form Ensure that the labels identifying the fields in the form are correct and the fields must be visually identified to the user The server receives all information contained in the form and no data is lost in the transmission between the client & server Use the appropriate default when the user does not select a pulldown menu or button The browser function (e.g., Back arrow) does not damage data entered in a form

19 Interface Mechanism [2] Client-side scripting Black-box testing is done to uncover errors in processing when the script is run. This test is often combined with form testing, since the input script often comes from the data provided as part of the form processing. A compatibility test should be performed to ensure that the selected scripting language will work well in different environment configurations Dynamic HTML Testing must be performed to ensure that dynamic HTML is displayed correctly. Compatibility Test must be performed to ensure dynamic HTML works well in environment configurations that support webapp

20 Interface Mechanism[3] Pop-up windows A series of tests ensures that : The size and position of the pop-up is correct Pop-ups do not cover the original webapp window The aesthetic design of the pop-up is consistent with the aesthetic design of the interface The scroll bar and other control mechanisms added to the pop-up location and function are correct. Streaming content The test should show that Streaming data is up-to-date, displayed correctly, can be delayed without errors and Restart without difficulty.

21 Interface Mechanism[4] Cookies On the server side, tests should ensure that cookies are properly created and transmitted to the client side when certain content or functionality is requested and to ensure that the expiration date is correct. On the client side, the tests determine whether the webapp correctly? Pastes the cookies for specific requests sent to the server

Compatibility Testing A series of compatibility validation tests are derived or often adapted from existing interface tests, navigation tests,

22 Compatibility Testing A series of compatibility validation tests are derived or often adapted from existing interface tests, navigation tests, performance tests, and security tests. The purpose of this test is to uncover errors or execution problems that can be traced in the different configurations.

23 Component Testing Component level testing, also called functional testing, focuses on a set of tests that attempt to uncover errors in the webapp function. Each webapp function is a software component (implemented on one programming or scripting language) and can be tested using blackbox testing or whitebox technique.

24 Database Testing Test that uncovers errors in communication between webapp and database. The test is designed to uncover errors made when translating user requests into forms that DBMS can process. The raw data obtained from the database must be transmitted to the webapp server and formatted for subsequent delivery to the client. Tests that demonstrate the validity of transformations are applied to the raw data to create valid content objects.

25 Interaction Layer

26 Security Testing A security test designed to investigate vulnerabilities in the client-side environment, the communication network that occurs as data is sent from the client to the server and back again, as well as the server-side environment. Client-side Vulnerability: On the client side, vulnerabilities can often be traced to pre-existing bugs in the browser, program, or communications software. for example: one of the commonly mentioned bugs is Buffer Overflow

27 Security Testing [2] Network Vulnerability: Data communicated between client and server is vulnerable to spoofing. Spoofing occurs when one end of a communication path is undermined by and an entity with malicious intent. For example, A user can be forged by a malicious website that acts as if it is a legitimate web app. The goal is to steal passwords, proprietary information, or credit data.

28 Security Testing [3] Vulnerability in server side: Vulnerabilities include denial-of-service attacks and malicious scripts that can be forwarded to the client side or used to disable server operations For example: the server-side database can be accessed without authorization (data theft).

29 Performance Testing To reveal performance issues because: Lack of server-side resources Insufficient network bandwidth Inadequate database capacity, poor or weak operating system capabilities Poorly designed web app functionality The goal is twofold To understand how the system responds to loading (that is, the number of users, the number of transactions, or the overall volume of data) increases To collect metrics that will cause design modifications to improve performance

30 Load & Stress Testing Load Testing to determine how web applications and server-side environments will respond to various load conditions. Stress Testing Stress testing is a continuation of load testing, but in this case forced to exceed the operational limit.

31 Referensi Pressman, R.S. & David Lowe Web engineering : a practitioner s approach. McGraw-Hill Louise Tamres Introducing Software Testing. First edition, Addison Wesley.

32 Thankyou

Testing Web Applications. Slides copyright 1996, 2001, 2005, 2009 by Roger S. Pressman. For non-profit educational use only

Testing Web Applications. Slides copyright 1996, 2001, 2005, 2009 by Roger S. Pressman. For non-profit educational use only Chapter 20 Testing Web Applications Slide Set to accompany Software Engineering: A Practitioner s Approach, 7/e by Roger S. Pressman Slides copyright 1996, 2001, 2005, 2009 by Roger S. Pressman For non-profit