Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

What are the basic knowledge points of Web testing?

2025-01-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)05/31 Report--

This article introduces the relevant knowledge of "what are the basic knowledge points of Web testing?" in the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

1. Web application

There are two modes for applications, Chand S and Bhand S. Client/Server (client / server) mode, which can be run independently. Bounce S mode, or Browser/Server (browser / server) mode, such programs need to be run with the help of browsers.

Web applications are generally based on Bamp S mode. A Web application is made up of various Web components (web components) that perform specific tasks and presents services to the outside world through Web. In practical application, Web application is composed of multiple Servlet, JSP pages, HTML files, image files and so on.

Now that you know about Web applications, how do you test them?

II. Functional testing

Functional testing is to verify the functions of the product. The main points of the test are:

Link test

(1) whether all links are linked to the page of the link as directed

(2) whether the linked page exists

(3) make sure there are no orphaned pages

Form test

(1) verify that the server can save the data correctly.

(2) the programs running in the background can correctly interpret and use this information.

Cookies test

(1) whether Cookies works

(2) whether the Cookies is saved at the scheduled time

(3) what is the impact of refresh on Cookies

Design language testing

(1) different versions of the design language will cause serious problems on the client and server.

Database testing

(1) data consistency error: incorrect information submitted in the form

(2) output error

Related functional testing

(1) Delete / add an item: whether it affects other items, and whether these effects are correct

(2) list default check

(3) check whether the button function is correct: new, edit, delete, close, return, save, import, previous page, next page, page jump, reset (common errors)

(4) string length check: exceeds the length

(5) character type checking

(6) punctuation check: spaces, various quotation marks, enter key

(7) Special characters: common%, "

(8) Chinese characters: whether garbled or not

(9) check the integrity of the information: check the information to see if the information is fully updated; update the information, whether the updated information is consistent with the added information

(10) duplicate information: unique information is required, such as duplicate name or ID, whether duplicate names are case-sensitive, and adding spaces

(11) check deletion function: do not select any information, press Delete to see how to handle it; select one or more to delete; multi-page selection, page flip to delete; whether there is a prompt for deletion

(12) check whether additions and modifications are consistent: add required items, modify should also be required; add what type, modify what type

(13) check to modify the duplicate name: change the item that cannot be renamed to the existing content.

(14) repeat submission of the form: a record that has been successfully submitted. Return and then submit.

(15) check to use the return key multiple times: return to the original page and repeat it many times

(16) search check: whether the content exists or not, to see whether the search results are correct; multiple search conditions and enter reasonable and unreasonable conditions at the same time; special characters

(17) location of input information

(18) upload and download file check: whether the function is realized, upload: whether the uploaded file can be opened, format requirements, whether the system has explanatory information, modify the file format that cannot be uploaded with a suffix to the file format that can be uploaded; download: whether the download can be opened, saved, format requirements

(19) required check: the required item is not filled in; if there is a prompt, please add *; whether the focus is automatically located to the required item after the prompt is returned.

(20) Shortcut key check: whether the shortcut keys Ctrl+C, Ctrl+V, backspace; are supported for fields that are not allowed to enter (such as drop-down options), and whether shortcuts are also restricted.

(21) Enter key check: press enter at the end of the input, how does the system handle

(22) Refresh key check: how to press the browser refresh key to handle

(23) back key check: how to press the browser back key

(24) Space check: enter one or more spaces for the entry

(25) input method half-width full-width check: for example, floating-point type, enter full-width decimal point. " Or ".", such as 4. 5; full-width space

(26) password check: enter the limit characters of the encryption method; the password is as long as possible.

(27) user check: whether the different permissions of different types of administrator users can delete, manage and edit each other; the permissions of general users; logout function, old users log out and re-register, whether they are new users

(28) system data check: the data remains correct with the change of business process and state, and the data can not be lost because of a certain process.

(29) system recoverability check: cripple the system in various ways and test whether the system can recover quickly

(30) confirm prompt check: system update and delete operation: whether there is a prompt or cancel operation; whether the prompt is accurate; prompt before and after the event

(31) data injection check: injecting database, special characters, destroying SQL statements

(32) time and date check: time, date and time verification: whether the date range is in line with the actual business; is there a limit on the dates that do not conform to the actual business?

(33) Multi-browser verification

Third, ease of use testing (interface testing)

Overall interface testing

(1) the overall sense of comfort to the user; the information you are looking for can be found by feeling; whether the design style is consistent or not

Control testing

(2) the function of each control

Multimedia testing

(1) the graphics should have a clear purpose, the pictures and animations should be arranged in an orderly manner and the purpose should be clear.

(2) the picture button link is valid, and the properties of the link are correct (for example, the new window opens and the current page opens)

(3) the background picture should be matched with the font color and foreground color.

(4) check the size and quality of the picture: generally, jpg, gif and png; can reduce the size of the picture to less than 30kb without affecting the quality of the picture.

(5) whether the gif animation has set the correct loop mode and whether the color is normal.

(6) whether Flash and Silverlight elements are normal

Navigation test

(1) site map and navigation bar: whether the location is reasonable; page structure

Content testing

(2) the correctness, accuracy and relevance of providing information.

Container testing

(1) DIV

(2) Table: as a control, whether the setting is correct; whether the length and width are sufficient. As an earlier way of web page layout, the change of browser window size is taken into account; the impact of dynamic addition or deletion of content on the interface

IV. Compatibility testing

Platform testing: windows;unix;macintosh;linux

Browser testing: browsers from different vendors support different specifications for Java, Javascript, ActiveX, plug-ins or different HTML; frames and hierarchies are displayed differently in different browsers

5. Security testing

Security test requirements:

(1) be able to guard against password testing tools

(2) Common means to guard against attacks on Cookie

(3) sensitive data is guaranteed not to be transmitted in clear text.

(4) it can prevent obtaining important information by guessing the file name and viewing the contents of the html file.

(5) it is guaranteed to recover within a given time after the tool is received on the website, and the loss of important data does not exceed 1 hour.

Test essentials

(1) Application-level security

The purpose of application-level security testing is to find out the hidden dangers in the programming of Web system. The test areas are as follows:

(1.1) Registration and login: valid and invalid username and password; pay attention to whether there is case sensitivity; limit on how many times you can try; whether you can browse a page directly without logging in.

(1.2) online timeout: timeout limit

(1.3) leave a mark on the operation: whether the relevant information is written to the log

(1.4) backup and recovery: database incremental backup; database full backup; system full backup

(2) Transport-level security

The purpose of transport-level security testing is to test the possible security vulnerabilities that may exist when data is transferred from the client to the server, the ability of the server to prevent illegal access, and the main points of the test:

(2. 1) HTTPS and SSL testing; checking for script vulnerabilities on the server side; scripts cannot be placed and edited on the server side without authorization of the test

(2.2) Firewall testing: firewall functions; firewall settings

(2.3) data encryption testing: verifying the identity of the person involved in the transmission, access, processing and related content of the intervention information.

(2.4) key: generation, distribution, preservation, replacement and destruction of key

VI. Performance testing

(1) stress testing: actually destroy a Web application system, test the response of the system, test the limitations and fault resilience of the system.

(2) load testing: performance at a certain load level, including the number of users accessing Web at the same time and the number of online data processing

(3) strength testing: to verify the software and hardware level of the system by testing the acceptability of test objects under abnormal or extreme conditions (such as reduced resources or too many users).

(4) Database capacity test: insert a certain amount of data into the database table through the stored procedure to see if it can be displayed in time.

(5) performance testing of expected indicators: some performance indicators will be put forward in the requirements analysis and design stage, and the pre-determined performance requirements should be tested first.

(6) Independent business performance testing: user concurrency testing of core business modules, including doing exactly the same operation at the same time and using the same function at the same time.

(7) combined service performance test: simulate the different operations of multi-users, which is closest to the actual user usage, and simulate the combination concurrency of each module according to the proportion of the actual number of users.

(8) fatigue strength performance test: under the condition of stable operation of the system, the test of running the system for a long time under certain load pressure.

(9) Network performance testing: accurately show how changes in bandwidth, delay, load and port affect the corresponding time of users.

(10) large amount of data performance testing: real-time large amount of data, simulating the real-time large amount of data when the user is working; testing in the limit state, whether the system can operate normally when it is used for a period of time and accumulating a period of data, and the combination of the former two

(11) Server performance testing: complete the monitoring and evaluation of server performance when testing user concurrent performance, fatigue strength and large amount of data.

(12) some special tests: configuration tests, some special tests for memory leaks

This is the end of the content of "what are the basic knowledge points of Web testing". Thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report