Shulou(Shulou.com)06/03 Report--

Software permissions

1) deduction risk: including sending text messages, making phone calls, connecting to the network, etc.

2) risk of privacy disclosure: including access to mobile phone information, contact information, etc.

3) improve the input validity check, authentication, authorization, sensitive data storage, data encryption and so on of App

Line detection

4) restrict / allow access to the Internet using mobile phone functions

5) restrict / allow the use of mobile phones to send and receive messages

6) restrict / allow applications to register automatic startup applications

7) restrict or use local connections

8) restrict / allow the use of mobile phones to take pictures or record audio

9) restrict / allow the use of mobile phones to read user data

10) restrict / allow the use of mobile phones to write user data

11) detect App user authorization level, data leakage, illegal authorized access, etc.

Installation and uninstallation

1) the application should be installed correctly on the device driver

2) the corresponding icon of the application can be found on the installation device driver

3) whether it contains digital signature information

4) all managed properties and their values contained in the JAD file and JAR package must be correct

5) the data content displayed by the JAD file should be consistent with that displayed by the application program.

6) the installation path should be able to specify

7) without the user's permission, the application cannot be set to start automatically in advance

8) whether it is safe to uninstall and whether all the files installed are uninstalled

9) whether there is a prompt to uninstall the files generated during the use of the user

10) whether the modified configuration information is restored

11) whether the uninstall affects the functionality of other software

12) Uninstall should remove all files

Data security

1) when passwords or other sensitive data are entered into the application, they are not stored in the device, the same as

The password will not be decoded.

2) the password of the input will not be displayed in clear text

3) passwords, credit card details, or other sensitive data will not be stored in their pre-input location

4) the individual × × or password length of different applications must be at least between 4 and 8 digits.

5) when the application processes credit card details, or other sensitive data, the data is not written in clear text

To other separate or temporary files. To prevent the application from terminating abnormally without excluding its

Temporary files, files may be attacked by intruders, and then read the data information.

6) when sensitive data is entered into the application, it will not be stored in the device

7) backup should be encrypted, data recovery should consider abnormal communication interruption in the recovery process, etc., and then after data recovery.

It should be checked before use.

8) applications should consider user prompts or security alerts generated by the system or virtual machine

9) applications cannot ignore user prompts or security warnings generated by the system or virtual machines, let alone

Can be used by the security police

Graphic test

1) horizontal comparison. The operation mode of each control of the whole App is unified.

2) Adaptive interface design, the content is adaptive according to the size of the window

3) whether the style of page tags is uniform

4) whether the page is beautiful or not

5) the picture of the page should have its practical meaning and be orderly and beautiful as a whole.

6) the picture quality should be high and the picture size should be as small as possible if the design meets the requirements.

7) the overall use of colors in the interface should not be excessive.

Running

After the trial run after the installation of App, the software can be opened normally.

App opens the test to see if there is a progress prompt for the loading status.

App opens the speed test to see if the speed is considerable.

Whether the switching between App pages is smooth and the logic is correct

Register

Edit the page with the form

Username password length

Tips page after registration

Whether the data of the registration page of the foreground and the management page of the background are consistent.

After registration, the page prompts in the background management

Log in

Log in to the system using a legitimate user.

Whether the system allows multiple illegal logins, whether there is a limit on the number of times.

Whether the login system using the login account that has been logged in is handled correctly.

Whether it is handled correctly to log in to the system using a disabled account.

Can you log in if the user name and password (password) are wrong or missing?

Delete or modify the user, the original user login.

Do not enter user password and user, repeat point (determine or cancel button) whether login is allowed. -- after landing

Login information on the page.

There is a logout button on the page.

Handling of login timeout

Write off

Log out of the original module, whether the new module system can be handled correctly.

Can the logout be terminated to return to the original module, the original user.

If the original user is logged out, can the new user system handle it correctly?

Log out with the wrong account, password, unauthorized and disabled account

Switching between foreground and background of application

1) APP switches to the backend, and then goes back to app to check whether it stays in the previous interface.

2) APP switches to the background, and then returns to app to check whether the function and application status are normal.

3) when app switches to the background and returns to the foreground, pay attention to whether the program crashes and whether the functional status is normal.

Especially when the data is automatically updated when switching from the background to the foreground.

4) after unlocking the screen, enter the app to see if it will crash and whether the function is normal, especially for

When you switch back from the background to the foreground, the data is updated automatically.

5) when a phone call is interrupted during the use of App, and then switch to app, whether the function status is normal.

6) when the app process is killed, whether the app,app can be started normally.

7) after the prompt box that must be processed appears, switch to the background, and then switch back to check whether the prompt box is still alive.

Yes, there are sometimes defects in the application of automatically skipping prompt boxes.

8) for pages with data exchange, each page must be tested for switching between foreground and background and locking screen.

This kind of page is most prone to crash.

Login-free

Many applications provide login-free function, which can be used automatically as the user who logged in last time when the application is opened.

App.

1) when app has login-free feature, you need to consider the difference in IOS version.

2) consider whether you can enter login-free status normally when there is no network.

3) after switching user login, verify whether the user login information and data content are updated accordingly to ensure that the original

The household quits.

4) if an account is allowed to log on to only one machine. You need to check how many phones are logged into one account.

Users in the original phone need to be kicked out and give friendly hints.

5) switch the app to the background, and then switch back to the verification of the foreground

6) switch to the background, and then switch back to the foreground test.

7) after the password is changed, check whether the valid identity is verified when there is a data exchange.

8) applications that support automatic login check whether the system can log in successfully and

The data operation is correct.

9) after checking that the user logs out actively, the next time you start app, you should stay in the login interface.

Data update

According to the applied business rules and the amount of data update, the optimal data update scheme is determined.

1) need to determine where manual refresh is needed, where automatic refresh is needed, and where

To manually + automatically refresh.

2) determine where the data needs to be updated when switching from the background to the foreground.

3) determine which content needs to be updated in real time and which needs to be updated according to the reasonable distribution of business, speed and traffic.

Update regularly.

4) determine whether the processing logic of the data display part is requested from the server or cached locally.

Only in this way can we carry out the corresponding test with pertinence.

5) check where there is data exchange and have corresponding exception handling

Offline browsing

Many applications will support offline browsing, that is, some of the data will be cached on the local client for users to view.

1) you can browse local data without network.

2) you can browse normally when you exit app and then open app.

3) switch to the background and then back to the foreground to browse normally.

4) unlock the screen and return to the application foreground to browse normally.

5) offline prompts will be given when there are updates to the data on the server.

App update

1) when the client has a new version, there is an update prompt

2) when the version is an unforced upgrade version, the user can cancel the update, and the old version can be used normally. Users are in

The next time you start app, you will still be prompted to update.

3) when the version is a mandatory upgrade version, when the user does not make an update after the mandatory update is given, exit the client.

The next time you start app, you will still be prompted for a forced upgrade.

4) when the client has a new version, if the client is not deleted locally, directly update to check whether it can

Normal update.

5) when the client has a new version, check the updated client without deleting the client locally

Whether the feature is a new version.

6) when the client has a new version, check the file with the same name of the resource, such as

Whether the picture can be updated to the latest version.

If the above can not be updated successfully, it is also a defect.

7) Test the incremental upgrade of App, and test whether App can continue to use the upgrade after the upgrade fails

The previous version.

8) after the release of the new version, it will be updated and downloaded, installed, updated and launched in conjunction with different network environments.

More, run the verification test.

What needs to be checked:

Test whether the upgraded function is the same as the requirement description

Test whether the functions of the modules related to the upgrade module are consistent with the requirements

Test for unexpected conditions of upgrade installation (such as panic, power outage, restart)

UI testing of the upgrade interface

Upgrade testing between different operating systems

Digital signature, upgrade override installation, manual override installation after download, cross-version upgrade, can be normal after upgrade

Use. Override installation should ensure that if the database has field updates, it can be updated normally, otherwise it will easily lead to

App exception.

Positioning, camera service

1) App is useful for cameras. When locating services, you need to pay attention to system version differences.

2) where location services and camera services are useful, you need to test the switching between the front and background, and check that you should

Whether it is normal or not.

3) when the location service is not enabled, if you use the location service, it will be friendly to pop up whether you are allowed to set the location lift.

Show. When it is determined that positioning is allowed, it can automatically jump to the positioning settings to turn on the positioning service.

4) when testing positioning and camera services, you need to use a real machine for testing.

Time test

The client can set the time zone and time of the phone by itself, so you need to verify the impact of this setting on app.

China is East 8 District, so when the time set by mobile phone is not East 8 District, check the place where the time needs to be displayed.

Whether the time is displayed correctly and whether the application function is normal. Time generally needs to be converted to server time

The client shows the corresponding time zone, and this kind of user experience is better.

For example, publishing a Weibo post recorded at 10:00 on the server, at this time, 22:00 Washington time, guests

When browsing on the client, if you set Washington time, the published time displayed is 22:00.

When the time is set back to East District 8, it will be displayed as 10:00.

PUSH test

1) check whether push messages are sent according to the specified business rules

2) when checking that the push message is not accepted, check that the user will no longer receive push.

3) if the user sets a do not disturb period, check that the user cannot receive it during the do not disturb period

PUSH . During the non-do not disturb period, the user can receive the push normally.

4) when the push message is aimed at the logged-in user, you need to check whether the received push and the identity of the user

It matches and does not mistakenly push messages from others.

In general, only the message is pushed to the last logged-in user on the phone.

5) when testing push, you need to use a real machine for testing.

Performance testing

Evaluate the temporal and spatial characteristics of App:

1) limit test: verify whether App is under various boundary pressure conditions, such as battery, storage, network speed, etc.

Can respond correctly.

Install App when memory is full-- phone power off when running App-- disconnect network when running App

2) response ability test: test whether all kinds of operations in App meet the requirements of user response time. -- App

Response time of installation and uninstallation-- influence time of various functional operations of App

3) stress test: whether the occupation of system resources is abnormal under repeated / long-term operation.

App repeatedly installs and uninstalls to see if the system resources are normal

Other functions operate repeatedly to check whether the system resources are normal.

4) performance evaluation: evaluate the use of system resources in typical user application scenarios.

Testable aspects-installation and startup time-CPU footprint-memory footprint-traffic consumption-power consumption

Consumption-backend to test whether all kinds of operations in App meet the requirements of user response time, mainly testing

In terms of network speed, 2g, 3g, and wifi, and 4G must be covered-there is network concurrency at the back end.

Cross event testing

A testing method is proposed for the service level division and real-time characteristics of intelligent terminal applications. Cross test

Also known as event or conflict testing, refers to a function in the process of execution while another event or action

Test the interference of the process.

For example, when App is running in the foreground / background, it interacts with key applications such as incoming calls, file downloads, music listening, etc.

Situation test and so on. Cross-event testing is very important to discover potential performance problems in many applications.

1) whether running multiple App at the same time affects the normal function

2) whether the front / background switch of App runtime affects the normal function

3) make / receive calls while App is running; 4) send / receive messages when App is running

5) send / receive email when App is running

6) App runtime switching networks (2G, 3G, 4G, WIFI)

7) App runtime browsing the web

8) App runtime uses Bluetooth to send / receive data

9) use cameras, calculators and other mobile devices when App is running

Compatibility testing

Main test for internal and external compatibility

1) compatibility with local and mainstream App

2) based on the difference between development environment and production environment, verify that under various network connections (WiFi, GSM, GPRS,

EDGE, WCDMA, CDMA1x, CDMA2000, HSPDA, etc.), whether the data and application of App are correct

3) whether it is compatible with various devices. If there is cross-system support, you need to check whether there are all kinds of lines under each system.

Whether it is consistent or not

Compatibility of different operating systems, whether it fits

Compatibility of different mobile phone screen resolutions

Compatibility of different mobile phone brands

User experience testing

Perceive the comfort, usefulness, ease of use and friendliness of products or services from the perspective of subjective ordinary consumers

Degrees. Effective evaluation of product experience through statistical reuse of different individuals, independent spaces and non-experience

The feature increases the potential customer satisfaction of the product.

1) whether the data interface design is available to guide the user to perform the operation.

2) whether or not to abuse user guidance.

3) whether there are unclickable effects, for example, if your button is not available at this time, it must be grayed out

Drop, or remove the button, otherwise it will mislead the user

4) whether the menu level is too deep

5) whether there are too many branches of interactive process

6) whether the relevant options are far away

7) whether too much data is loaded at a time

8) whether the clickable range of the button in the interface is moderate

9) whether there is no dependency between the tab and the content, when the tag is switched, the content is switched.

10) the operation should have primary and secondary subordinate relationship.

11) whether there is a design of horizontal screen mode, applications generally need to support horizontal screen mode, that is, adaptive design

Hardware environment testing

Gesture operation test

1) the influence of the unlocking screen of mobile phone on the running App

2) the influence of switching network on App in operation

3) the influence of switching between foreground and background of App in operation

4) switching between multiple running App

5) shut down the App during runtime

6) restart the system while App is running

7) charging while App is running

8) when App is running, kill drops the process and then opens it.

Network environment

At present, the mobile phone network is mainly divided into 2G, 3G and wifi.

At present, the 2G network is relatively slow, so we should pay special attention to the testing of this block.

1) when there is no network, perform the operations that require the network and give friendly prompts to ensure that the program does not appear crash.

2) when testing the internal network, you should pay attention to the handling of the exception when selecting the operation of the external network.

3) when the network signal is not good, check whether the functional status is normal to ensure that it will not be caused by the failure to submit data.

Crash .

4) when the network signal is not good, check whether the data will always be in the state of submission and whether there is a timeout limit.

Give a hint in case of data exchange failure.

5) when the network signal is not good, after performing the operation, if the callback is not completed, exit this page or

To perform other operations, and whether there are any anomalies. This problem also occurs frequently with the program crash.

Note: generally, you can choose to test in the representative places of subway, bus, elevator and tunnel lights.

Summary

1. UI test

Whether the ui of the main core of app is consistent with the actual design; for suggestions on interaction, you can contact the

The product manager confirms that only after the confirmation is approved will the developer start to implement changes or optimizations.

two。 Function test

Verify the implementation of each function of App according to software description or user requirements

Like other tests, there is not much difference. You can take a look at the previous test point combing articles.

3. Interrupt test

Simulate the interruptions that users will encounter when they actually use app.

Such as: network disconnection, switching network, power outage, phone calls / text messages, listening to music, switching to other app

Turn on the notification of other app, whether it can be used normally when the power is low, etc.

4. Compatibility and adaptation testing

Functional and logical compatibility tests of new and old versions. The same app runs in different system versions.

And compatibility testing between different models: the compatibility testing of the interface can guarantee most of the work.

Can improve

App ensures running suitability on different system versions: screen, system version, etc. (system digits must be

Consider) this part is carried out through a third-party cloud platform

Validate App behavior with different supporting languages.

5. Safety testing

App security tests are roughly divided into the following categories:

1) from local data storage to data transmission, processing and remote access, based on the corresponding

Security standards / industry standards to evaluate the security features of App

Draw lessons from some successful experiences in WebApp and network security testing to reduce the App testing of intelligent terminals.

Or adapt.

2) detect App user authorization level, data leakage, illegal authorized access, etc.

3) improve the input validity check, authentication, authorization, sensitive data storage, data encryption and so on of App

Line testing, with a view to finding potential safety problems

4) check whether App meets the corresponding requirements based on various communication protocols or corresponding industry security standards.

6. Online testing

Online testing must be completed after the product is launched, and this part can be tested according to the scene.

Among them, the network environment should be completely covered.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.