A web application usually has many groups of users with many different platforms (operating systems, browsers.), it is also difficult to guess how many people are using a web application. Then the response time of the user request to the application is one of the decisive factors of the success or failure of the application. leading to the web application testing will have certain differences compared to testing traditional software. In particular, UI testing, performance testing, and security testing are the types of testing that web applications need to focus on. Below the writer would like to introduce the steps in testing web applications:
Functional testing requires the tester to test all the links in the web page, the format used in the web pages to send and receive necessary information from the user. There is also a database connection, cookie checker, and HTML / CSS verification.
Website usability is defined as a website that is easy to use, has clear and well-defined instructions for use, each with the main menu, and this menu must be consistent. Testers need to note these things.
In addition, when testing the usability, the tester also needs to test the navigation controls (such as button, text box, text link, breadcrumbs.), the content of the website must be easy to understand and user-friendly. No spelling mistakes, not difficult to read words, images are arranged neatly and reasonably.
The main interfaces include:
- Web server interface and application server interface
- Application server interface and data server interface
Examine all interactions between servers. If the data server or the web server returns any error messages for any queries from the application server, then the application server should immediately receive it and display an alert to the user. Check for cases where transactions are suddenly interrupted by the user, or the connection to the server is interrupted, restarted.
The following checks are required:
- Browser compatibility (on computers and mobile phones): Different users can use different browsers depending on their needs, habits. It is necessary to test the web application on as many browsers as possible (IE, Firefox, Chrome, Safari, Opera.) to check compatibility. Test on different versions of the browser. Test on the smartphone browser. If the application runs better or has a preference for compatibility with certain browsers, then notice to the user is required.
- Compatible with the operating system: some functions of the application may not be compatible with some operating systems, or there are other caveats to use, this should be carefully checked and notified to the user. Are known.
- Compatible with peripheral devices (printers): when users have print orders, they must ensure the accuracy of fonts, font sizes, paper sizes. that the user has chosen.
- Load test: test the application’s performance with different network connection speeds. Test when many users access or request a page to see if the system can maintain the operation? Or test when a user uploads or downloads an exceptionally large amount of data.
- Pressure test: ie pushing the system beyond its limits, trying to interrupt the website by increasing the load, and checking how the system reacts and recovers.
Some cases for web security testing are as follows:
- Type URL directly into your browser’s address bar without going through login. Internal pages must not be opened.
- After logging in and opening the internal pages, change the URL directly by changing the page ID parameter to the page that belongs to another logged-in user. Access must be denied because this user cannot view another user’s statistics page.
- Try invalid input values in the username, password fields. The system must report an error.
- CAPTCHA test for automated logins
- All transactions, error messages, and attempts to compromise security must be logged and stored on the webserver.