Checking the functions of web-based system before launching can help address problems within the application before it reaches the public. Web testing is basically software testing that focuses on checking web applications. Issues such as basic functionality, security, ability to handle internet traffic, and more are check as part of web testing. The following list shows some of the types of testing that is important to thorough web testing.
- Functionality Testing
- Interface Testing
- Usability Testing
- Performance Testing
- Compatibility Testing
- Security Testing
Functionality Test checks links in web pages, forms used for providing and retrieving user information, database connection, cookies, etc. When checking links, the tester should test the following:
• Outgoing links from all pages in the domain being checked
• Internal links
• Links that jump within the same page
• Email links to admin or other users
• Orphan pages
• Broken links
Forms are a vital part of most web sites. They are used to obtain information from users and also to maintain interaction with them. When checking forms, the tester should:
• Check all of the field validations
• Check the default values of fields
• Check the operation of invalid field inputs
• Verify options to create, delete, view, or modify forms
Maintaining data consistency is extremely important for a web application. When checking the database, the tester should check for data integrity and errors. They should verify that all queries to the database are being executed properly, and that data is retrieved and updated correctly.
Cookies are small files that are stored on a user’s machine and are used to maintain session login data. When web testing cookies, the tester should enable and disable the cookies in browser options. They should check to see if the cookies are encrypted before being written to the user’s machine. If session cookies (i.e. cookies expire after the sessions ends) are being checked, look for login sessions and user stats after the session ends. Another important thing to look for when testing cookies is their effect on application security when cookies are deleted.
When performing interface testing, the main interfaces to examine are those between the web server and the application server and the one between the application server and the database server. The tester should verify that all of the interactions between these servers are executed properly and errors are handled appropriately. In the event that the database or web server returns error messages for any queries by the application server then that server should capture and display them to users. The tester should also be sure to examine what happens when transactions are interrupted or if the connection to the web server is reset.
When performing usability testing, the tester should verify that that the site is simple to use, instructions are clear, navigation controls (buttons, boxes, etc.) operate properly, menus are provided on each page and above all, the site is consistent. Besides the obvious check for spelling errors, the tester should verify that the content is logical, meaningful, and easy to comprehend. Anchor text as well as site map links should be checked for proper operation and image placement and size should be verified.
Performance Testing is an important part of web testing because it involves load and stress testing. Web applications have to be able to sustain heavy loads. It is a good idea to test the application performance using different internet connection speeds. For web load testing, the tester should do the following:
- Find out if some pages are receiving more traffic than others
- Verify that the system can sustain a heavy load during peak times
- Verify that the site can handle a large amount of simultaneous user requests,
- Check that the site can handle large input data from users
- Check for simultaneous connection to the database
In web testing, stress testing is used to check how far an application can go beyond its specified limits. The main point is to break the site and checking to see how the system reacts to stress as well as how it recovers from a crash. It is most common to apply stress to the input areas, login, and sign up fields.
Web testing should also check functionality on various operating systems and hardware platforms.
Checking the compatibility of the web site is a very important part of web testing because it verifies the applications ability to work with different browsers, operating systems, and printing options. Some applications depend heavily on the browsers being used. Different browsers have various configurations and settings that the application must be compatible with so a tester should check that it operates properly across several platforms such as Internet Explorer, Firefox, Safari, Chrome, etc. Along the same lines as browser compatibility, the tester should test the web pages on mobile browsers, as compatibility problems can arise in this area. Since there are many different operating systems (Windows, MacOS, Linux, etc.), web testing should include verifying that all application functions operate properly on most operating systems. If printing options are offered, the tested should also be sure to check page alignments, fonts, and graphics are printing correctly.
Web security is a big deal for most people using the web. Checking the security of an application is a serious matter in web testing. Testers should perform security checks such as the following:
- Verify that internal pages do not open when a user attempts to open an internal URL without being logged in
- Verify that the system does not react to invalid inputs such as login name and password
- Check to make sure that error messages, transactions, and attempts to breach security are logged on the web server
- Verify that users are not able to access other user accounts
- Be sure that web directories and files are only accessible with a download option (if this function is intended to be offered)
- Verify that Secure Sockets Layer (SSL) is used properly and that the correct message is displayed when the user is switching from a secure page to a non-secure page.