Web Application Testing: How to Test a Website?
What is Web Testing?
Web Testing, or website testing is checking your web application or website for potential bugs before its made live and is accessible to general public. Web Testing checks for functionality, usability, security, compatibility, performance of the web application or website.
During this stage issues such as that of web application security, the functioning of the site, its access to handicapped as well as regular users and its ability to handle traffic is checked.
How to Test Web Application or Website
In Software Engineering, the following testing types/technique may be performed depending on your web testing requirements.
1. Functionality Testing of a Website
Functionality Testing of a Website is a process that includes several testing parameters like user interface, APIs, database testing, security testing, client and server testing and basic website functionalities. Functional testing is very convenient and it allows users to perform both manual and automated testing. It is performed to test the functionalities of each feature on the website.
Web based Testing Activities includes:
Test all links in your webpages are working correctly and make sure there are no broken links. Links to be checked will include –
- Outgoing links
- Internal links
- Anchor Links
- MailTo Links
Test Forms are working as expected. This will include-
- Scripting checks on the form are working as expected. For example- if a user does not fill a mandatory field in a form an error message is shown.
- Check default values are being populated
- Once submitted, the data in the forms is submitted to a live database or is linked to a working email address
- Forms are optimally formatted for better readability
Test Cookies are working as expected. Cookies are small files used by websites to primarily remember active user sessions so you do not need to log in every time you visit a website. Cookie Testing will include
- Testing cookies (sessions) are deleted either when cache is cleared or when they reach their expiry.
- Delete cookies (sessions) and test that login credentials are asked for when you next visit the site.
Test HTML and CSS to ensure that search engines can crawl your site easily. This will include
- Checking for Syntax Errors
- Readable Color Schemas
- Standard Compliance. Ensure standards such W3C, OASIS, IETF, ISO, ECMA, or WS-I are followed.
Test business workflow– This will include
- Testing your end – to – end workflow/ business scenarios which takes the user through a series of webpages to complete.
- Test negative scenarios as well, such that when a user executes an unexpected step, appropriate error message or help is shown in your web application.
Tools that can be used: QTP , IBM Rational , Selenium
2. Usability testing:
Usability Testing has now become a vital part of any web based project. It can be carried out by testers like you or a small focus group similar to the target audience of the web application.
Test the site Navigation:
- Menus, buttons or Links to different pages on your site should be easily visible and consistent on all webpages
Test the Content:
- Content should be legible with no spelling or grammatical errors.
- Images if present should contain an “alt” text
Tools that can be used: Chalkmark, Contentsquare, and Clixpy
3.Interface Testing:
Three areas to be tested here are – Application, Web and Database Server
- Application: Test requests are sent correctly to the Database and output at the client side is displayed correctly. Errors if any must be caught by the application and must be only shown to the administrator and not the end user.
- Web Server: Test Web server is handling all application requests without any service denial.
- Database Server: Make sure queries sent to the database give expected results.
Test system response when connection between the three layers (Application, Web and Database) cannot be established and appropriate message is shown to the end user.
Tools that can be used: Ranorex
4. Database Testing:
Database is one critical component of your web application and stress must be laid to test it thoroughly. Testing activities will include-
- Test if any errors are shown while executing queries
- Data Integrity is maintained while creating, updating or deleting data in database.
- Check response time of queries and fine tune them if necessary.
- Test data retrieved from your database is shown accurately in your web application
Tools that can be used: QTP, Selenium
5. Compatibility testing.
Compatibility tests ensures that your web application displays correctly across different devices. This would include-
Browser Compatibility Test: Same website in different browsers will display differently. You need to test if your web application is being displayed correctly across browsers, JavaScript, AJAX and authentication is working fine. You may also check for Mobile Browser Compatibility.
The rendering of web elements like buttons, text fields etc. changes with change in Operating System. Make sure your website works fine for various combination of Operating systems such as Windows, Linux, Mac and Browsers such as Firefox, Internet Explorer, Safari etc.
Tools that can be used: Dynatrace
6. Performance Testing:
This will ensure your site works under all loads. Software Testing activities will include but not limited to –
- Website application response times at different connection speeds
- Load test your web application to determine its behavior under normal and peak loads
- Stress test your web site to determine its break point when pushed to beyond normal loads at peak time.
- Test if a crash occurs due to peak load, how does the site recover from such an event
- Make sure optimization techniques like gzip compression, browser and server side cache enabled to reduce load times
Tools that can be used: Loadrunner, JMeter
7. Security testing:
Security Testing is vital for e-commerce website that store sensitive customer information like credit cards. Testing Activities will include-
- Test unauthorized access to secure pages should not be permitted
- Restricted files should not be downloadable without appropriate access
- Check sessions are automatically killed after prolonged user inactivity
- On use of SSL certificates, website should re-direct to encrypted SSL pages.
Intruder
Intruder is a powerful vulnerability scanner that will help you uncover the many weaknesses lurking in your web applications and underlying infrastructure. Offering industry-leading security checks, continuous monitoring and an easy-to-use platform, Intruder keeps businesses of all sizes safe from hackers.
Features
- Best-in-class threat coverage with over 10,000 security checks
- Checks for configuration weaknesses, missing patches, application weaknesses (such as SQL injection & cross-site scripting) and more
- Automatic analysis and prioritisation of scan results
- Intuitive interface, quick to set-up and run your first scans
- Proactive security monitoring for the latest vulnerabilities
- AWS, Azure, and Google Cloud connectors
- API integration with your CI/CD pipeline
8. Crowd Testing:
You will select a large number of people (crowd) to execute tests which otherwise would have been executed a select group of people in the company. Crowdsourced testing is an interesting and upcoming concept and helps unravel many a unnoticed defects.
Tools that can be used: Crowd Testing Platform
This concludes the tutorial. It includes almost all testing types applicable to your web application.
As a Web-tester its important to note that web testing is quite an arduous process and you are bound to come across many obstacles. One of the major problems you will face is of course deadline pressure. Everything is always needed yesterday! The number of times the code will need changing is also taxing. Make sure you plan your work and know clearly what is expected of you. Its best define all the tasks involved in your web testing and then create a work chart for accurate estimates and planning.
