Checklist for Web Application Testing
1. Introduction
The following sections will present a list of checks that need to be kept in mind while doing
any testing on Web Applications. These are checks that I have:
1. Implemented over my experience.
2. Read in various books and tool manuals.
3. Come across in literature available on the net.
Though the line items in the list may not provide 100% coverage of a web application under
test, nevertheless these will supplement any testing that is being carried out.
2. Test Environment
1. Is the browser installed on the clean machine, deleting all the cookies and temporary
Internet files
2. Is the default browser settings enabled
3. Is the web servers (IIS, Apache, etc.) configured appropriately for testing (Set the
Timeout parameter, etc.)?
4. Is the settings done for Data Driven as well as Database testing (Adding the DSN)
5. Is the basic testing (sanity or smoke test) is done on the web application to check if the
Application behaves as intended
3. Usability, Interface and Navigation
1. Is a navigational bar present on every screen?
2. Is the navigation bar consistently located?
3. Can a user navigate without the use of a mouse?
4. Can your site be used by the visually impaired? Red/Green Color-Blind, less than 20/20
vision, etc.
5. Does tabbing work consistently, in a uniform manner?
6. Is there a link to home on every single page?
7. Is page layout consistent from page to page?
8. Is each page organized in an intuitive manner?
9. Are graphics used consistently?
10. Are graphics optimized for quick downloads?
11. Do all the images add value to each page, or do they simply waste bandwidth?
12. Does text wrap properly around pictures/graphics?
13. Are all referenced web sites or email addresses hyper linked?
14. Are hyperlink colors standard?
15. Does the site look good on 640 x 480, 600x800 etc.?
16. Are fonts too small to read (remember not everyone may have the same vision as you)?
17. Are fonts too large?
18. Is all text properly aligned?
19. Are all graphics properly aligned?
20. Do pages print legibly without cutting off text?
21. Does the site have a site map?
22. Does each hyperlink on the map actually exist?
23. Does each hyperlink work on each page?
24. Is content legally correct (i.e. not filler content placed on site by developers during unit
testing)?
25. Is the page background (color) distraction free?
26. Does the Back button work as intended? It should not open a new browser window,
redirect you to another site, prevent caching such that the Back navigation requires a
fresh trip to the server
27. Does content remain if you need to go back to a previous page, or if you move forward to
another new page?
28. Can you get to your desired location with 3 or less clicks from the Home Page?
29. Are all of the parts of a table or form present? Is the table layout correct? Can you
confirm that selected texts are in the "right place?
30. Are all of the links on a page the same as they were before? Are there new or missing
links?
31. Are there any broken links?
32. Does a link bring you to the page it said it would?
33. Does the page you are linking to exist?
34. Are there any orphan pages?
35. Check for the spelling, Alt tags and GUI (Buttons, Bitmap, Static & Dynamic page text)
36. Is contact information for the site owner readily visible and available (name, telephone
number, email address, mailing address, fax number)?
37. If a user wishes to bookmark a page, is the page name easily understandable?
38. Does your site’s Web address appear in the History list if the user allows for historical
page recording?
39. Does the status bar on each Web page accurately reflect the progress of page loading,
Information, etc.?
40. Can the system work effectively for one user, ten users or a thousand?
41. Does the home page load quickly?
42. Are the instructions on how to use the site clear to the user?
43. If you follow each instruction does the expected result occur?
44. Is all terminology understandable for all of the site’s intended users?
4. Tables
1. Does the user constantly have to scroll to the right to see items in a table?
2. Do tables print out properly?
3. Are the columns wide enough or does every row have to wrap around?
5. Frames
1. Does your Web site handle browsers that do not support frames?
2. Do frames resize automatically and appropriately? Is the user able to manipulate frame
size?
3. Does a scrollbar appear if required?
4. On framed pages have you verified that what is actually recognized by the Bookmark or
Favorites is appropriate?
5. Can a search engine find content within the frames?
6. Do the frame borders look right?
7. Are there any issues related to refreshing within frames?
6. Data Verification
1. Has data been verified at the workstation?
2. Has data been verified at the server?
3. Have you ensured that what the user is entering on the workstation is yielding the right
information on the server? (Database verification)
4. Check that the data to be encrypted is done so and appropriately stored in the server
5. Are you prevented from entering the same information multiple times (order forms, free
samples, etc.)?
6. Is data that is requested of the user essential to the process for which it is requested? For
example do you need a user’s date of birth in order to process his book order or are you
simply asking for too much user information?
7. Can text be entered in numeric fields?
8. Can wildcards be used in searches?
9. Can spaces and blank values be entered in fields?
10. Are long strings accepted?
11. Do fields allow for the maximum amount of text to be entered?
12. Check for the mandatory fields?
13. Are the initial values of checkboxes and radio buttons correct?
14. Are you restricted to only selecting one radio button in a group at one time?
15. Do check boxes trigger the desired event?
16. Are users prevented from entering HTML code in form fields?
7. External Interfaces
1. Does the system interface correctly with related external systems?
2. Have all possible interfaces been identified?
3. Have all supported browsers been tested?
4. Have all error conditions related to external interfaces been tested when external
application is unavailable or server inaccessible?
5. Has proxy caching been tested?
6. Have all external applications that may be launched from within the Web site been
tested?
8. Internal Interfaces
1. Can the Web site work with firewalls?
2. If the site uses plug-ins, can the site still be used without them?
3. Can the site support all plug-ins that are needed for the Web site at various modem and
PC speeds?
4. Will all versions of plug-ins work together?
5. Can all linked documents be supported/opened on all platforms (i.e. can Microsoft Word
be opened on Solaris)?
6. Do all plug-ins work with all Browsers?
7. Does the site lose usability, if Java is not enabled?
8. Do all plug-ins load properly?
9. Are failures handled if there are errors in download?
10. Does the site function with the use of “non-standard” hardware (speakers, cable
modems, etc.)
11. Can you Download Signed ActiveX Controls?
12. Can you Download Unsigned ActiveX Controls?
13. Can you initialize and script ActiveX controls not marked as safe?
14. Can you Run ActiveX controls and plug-ins?
15. Can you Script ActiveX controls marked safe for scripting?
16. Does your solution require cookies?
17. Does your solution work even if users disable cookies?
18. Does your solution allow per-session cookies?
19. Does your solution require special fonts?
20. Does your solution require users to access data sources across multiple sites/domains?
21. Can users use copy/paste functionality?
9. Browsers
1. Has it been verified by hardening the browser (Setting various options in Internet options
in case of IE and Preferences in case of Netscape)
2. Is the HTML version being used compatible with appropriate browser versions?
3. Is Java Code/Scripts usable by the browsers under test?
4. Do images display correctly with browsers under test?
5. Have you verified that fonts are usable on any of the browsers?
6. Have you checked the Security Settings/Risks as they relate to each browser?
7. Have you verified digital certificates across multiple browsers?
8. Have you verified that plug-ins work with the browsers you are testing with your site?
9. Have you safeguarded against viewing source code?
10. Have you printed your site’s content from various browsers?
11. Impact of Content Size on Infrastructure (reliability, consistency)
12. Have you verified Applets to Frames Compatibility?
13. Human Engineering – color codes – visual presentation
14. Have you tested Mouse vs. Key Strokes within various browsers?
15. Have you implemented intelligent error handling (from disabling cookies, etc.)?
16. Have you verified the use of 128-bit Encryption?
17. Have you tested Animated GIFs across browsers?
18. Check the browser (IE4.x, 5.x, 6.x, NN4.x) behavior on different OS (Win9x, WinNT,
Win2K, and Mac)
10. Cookies
1. Has information stored in cookies been verified?
2. Is cookie information encrypted?
3. Is cookie information being incremented properly?
4. Have you prevented cookies from being editable by the user?
5. Have you checked to see what happens if a user deletes cookies while in site?
6. Have you checked to see what happens if a user deletes cookies after visiting a site?
7. Are cookies being stored in the proper directory?
8. Is cookie information correct and valid for the user accessing the site?
11. Load/Concurrent Usage
1. Does the system meet its goals for response time, throughput, and availability?
2. Is the system able to handle extreme or stressful loads?
3. Is the system able to continue operating correctly over time without failure?
4. Does the system operate in the same way across different computer and network
5. configurations, platforms and environments, with different mixes of other applications?
6. Have you monitored CPU usage, response time, disk space, memory utilization and
leaks?
7. Have you defined standards for response time (i.e. all screens should paint within 10
seconds)?
8. Have you verified Firewall, Certificate, Service Provider and Customer Network impact?
9. Is page loading performance acceptable over modems of different speeds?
10. Can the site sustain long periods of continuous usage by 1 user?
11. Can the site sustain long periods of usage by multiple users?
12. Can the site sustain short periods of usage at high volume?
13. Can the site sustain large transactions without crashing?
14. Will the site allow for large orders without locking out inventory if the transaction is
invalid?
12. Error Handling
1. Are automatic error detection and recovery mechanisms built in to try to keep the system
operating no matter what?
2. If the system does crash, are the re-start and recovery mechanisms efficient and
reliable?
3. If you leave the site in the middle of a task does it cancel?
4. If you lose your Internet connection does the transaction cancel?
5. Does your solution handle interruptions in file transfer?
6. Does your solution handle browser crashes?
7. Does your solution handle network failures between Web site and application servers?
8. Does your solution handle the database server becoming inaccessible?
9. Does the application notify the user of transaction status?
10. Memory – leaks, cache, issues of resulting from continual running
13. Network Impacts
1. Have you considered 32-bit vs. 64-bit versions of IP?
2. Have you tested the impact of Secure Proxy Server?
14. Security
1. Is security adequate?
2. Is confidentiality/user privacy protected?
3. Is access only successful with 128 bit browsers?
4. Does the site prompt for user name and password?
5. Does site ask for personal information of children? If so, is it acquired through secure
pages with warning information for parents?
6. Are there Digital Certificates, both at server and client?
7. Have you verified where encryption begins and ends?
8. Are concurrent logins permitted?
9. Does the application include time-outs due to inactivity?
10. Is bookmarking disabled on secure pages?
11. Does the key/lock display on status bar for insecure/secure pages?
12. Is Right Click, View, Source disabled?
13. Are you prevented from doing direct searches by editing content in the URL?
14. If using Digital Certificates, test the browser Cache by enrolling for the Certificate and
completing all of the required security information. After completing the application and
installation of the certificate, try using the <-- Backspace key to see if that security
information is still residing in Cache. If it is, then any user could walk up to the PC and
access highly sensitive Digital Certificate security information.
15. Is there an alternative way to access secure pages for browsers under version 3.0, since
SSL is not compatible with those browsers?
16. Do your users know when they are entering or leaving secure portions of your site?
17. Does your server lock out an individual who has tried to access your site multiple times
with invalid login/password information?
18. Does the site incorporate aging procedures in place for passwords?
19. Is there a link for help in case of forgotten password?
Test Plan:-
Project Name
Domain
27-Aug-2010
Version 1.0
Author / 27-Aug-2010 | ||||
Revision History
Version
|
Date of Revision
|
Description of Change
|
Reason for Change
|
Author
|
Approved By
|
1.0
|
27-Aug-2010
|
First Version
|
Velmurugan
| ||
Table Of Contents
| ||
1.
|
Objective…………………………………………………………………………………………………
|
4
|
2.
|
Scope……………………………………………………………………………………………………..
|
4
|
3.
|
Testing Approach/Strategy…………………………………………………………………………….
|
4
|
4.
|
Inputs for Testing………………………………………………………………………………………..
|
4
|
5.
|
Test Case Preparation Team/Schedules…………………………………………………………….
|
4
|
6.
|
Test Execution Schedules……………………………………………………………………………..
|
5
|
7.
|
Pass/Fail Criteria…………………………………………………………………………………………
|
6
|
8.
|
Testing Constraints……………………………………………………………………………………..
|
6
|
9.
|
Environmental Needs…………………………………………………………………………………..
|
6
|
10.
|
Test Deliverables………………………………………………………………………………………..
|
7
|
Objective
|
This test plan defines the scope of testing activities planned to validate that the system developed is usable and customer friendly. It will be based on the Business Requirements. The testing activities are detailed in this document. Roles and responsibilities of the QA members involved in these quality efforts are also outlined
Scope
|
A high level testing of abc Module in “Projectname” which includes the following
- Test the Functionality is working fine for the features
- Test the Structural Quality, Content, Accuracy and Consistency, Scalability, Response Time & Performance, Usability across targeted environments
- The main features of “Project Name” Module are:-
- Module1
- Module2
- Module3
- Module4
Testing Approach/Strategy
|
- Unit Testing (to be done by the development team)
- Component /Module Testing
- Integration Testing (to be done by development and testing team)
- Conversion Testing (With legacy application)
- Interface Testing
- Security Testing
- Recovery Testing
- Performance Testing
- Regression Testing
Inputs For Testing
|
Input for Testing
Test Case Preparation Team/Schedules
|
Test case preparation Team
1. Mr. Name1
2. Mr. Velmurugan
3. Ms. Name3
Sl No
|
Name of Person(s)
|
Task
|
Start Date
|
End Date
|
1.
|
Velmurugan
|
TC-module1
|
21-Jun-2010
|
20-Aug-2010
|
2.
|
Name1
|
TE-Module1
|
18-Oct-2010
|
22-Oct-2010
|
3.
|
Name3
|
Review-Module1 TC And TE
|
01-Oct-2010
|
15-Oct-2010
|
Test Execution Schedules
|
6.1 Unit Level Test Details/Schedules
<<Refer scrum and mpp files>>
6.2 Module Level Test Details
6.3 Integration test details
Start Date: 01-Oct-2010
End Date:
Team: Velmurugan- Create Test Case for module1
Name1 –Execute all module1 Test Cases
Name3 – System as a whole
6.4 Database test details
Start Date:
End Date:
Team: Velmurugan, Name1
6.5 Other test details
Start Date:
End Date:
Team: Name1, Velmurugan, Name3
• Interface Testing
• Security Testing
• Performance Testing
• Regression Testing
Pass /Fail Criteria
|
- Suspension Criteria
- When any critical bugs raised/bug rate is too high and if it is difficult to proceed testing
- When a major requirement change occurred which may affect the main functionalities and current testing
- Resumption Criteria
- When the critical bug fixed
- When the enhanced module ready after unit testing
- Approval Criteria
- When all bugs are closed
- All requirements are incorporated
- If any pending bugs are existing(other than critical bugs), it must be properly informed to the management as well as the client. The Project Manager can decide whether to allow these bugs pending or not.
Testing Constraints
|
<< Identify significant constraints on testing such as test item availability, testing resource Availability, and deadlines. >>
1. All modules with GUI & Validations must be ready for testing
2. Testers are not allocated with other works/Non availability of resources for testing
3. Limited Time for Testing
4. Deadlines :
Environmental Needs
|
<< Specify the software and hardware required for testing >>
Hardware: -
<< Specify the hardware requirement for testing >>
a. Memory - Minimum 1 GB RAM.
b. Hard Disk – Minimum 40 GB. Recommended 80 GB
c. Printer –
i. For bills - Epson LX 300+
ii. For reports - Laser Jet
Software: -
<< Specify the software requirements>>
a. Operating System – Windows XP with Service Pack 2 or Windows 2000 with Service Pack 4
b. Oracle 10g
c. .NET Frame Work 3.5 with SP1
Testing Tools: -
<< Give a detailed description of testing tools used if any. It could be an annexure also>>
- Functional/Regression Testing ; QTP/Test Complete
- Performance Testing : Load Runner
- Bug Tracking : BugTracker.NET
Test Deliverables
|
- Test Case Document
- Bug Report
- Final Test Summary Report /Test Certificate
