Web Application Testing: How to Test a Website?

Before we pen down more details on the type of web testing, let’s quickly define Web Testing.

What is Web Testing?

Web Testing, or website testing is checking your web application or website for potential bugs before its made live and is accessible to general public. Web Testing checks for functionality, usability, security, compatibility, performance of the web application or website.

During this stage issues such as that of web application security, the functioning of the site, its access to handicapped as well as regular users and its ability to handle traffic is checked.

How to Test Web Application or Website

In Software Engineering, the following testing types/technique may be performed depending on your web testing requirements.

1. Functionality Testing of a Website

Functionality Testing of a Website is a process that includes several testing parameters like user interface, APIs, database testing, security testing, client and server testing and basic website functionalities. Functional testing is very convenient and it allows users to perform both manual and automated testing. It is performed to test the functionalities of each feature on the website.

Web based Testing Activities includes:

Test all links in your webpages are working correctly and make sure there are no broken links. Links to be checked will include –

Outgoing links
Internal links
Anchor Links
MailTo Links

Test Forms are working as expected. This will include-

Scripting checks on the form are working as expected. For example- if a user does not fill a mandatory field in a form an error message is shown.
Check default values are being populated
Once submitted, the data in the forms is submitted to a live database or is linked to a working email address
Forms are optimally formatted for better readability

Test Cookies are working as expected. Cookies are small files used by websites to primarily remember active user sessions so you do not need to log in every time you visit a website. Cookie Testing will include

Testing cookies (sessions) are deleted either when cache is cleared or when they reach their expiry.
Delete cookies (sessions) and test that login credentials are asked for when you next visit the site.

Test HTML and CSS to ensure that search engines can crawl your site easily. This will include

Checking for Syntax Errors
Readable Color Schemas
Standard Compliance. Ensure standards such W3C, OASIS, IETF, ISO, ECMA, or WS-I are followed.

Test business workflow– This will include

Testing your end – to – end workflow/ business scenarios which takes the user through a series of webpages to complete.
Test negative scenarios as well, such that when a user executes an unexpected step, appropriate error message or help is shown in your web application.

Tools that can be used: QTP , IBM Rational , Selenium

2. Usability testing:

Usability Testing has now become a vital part of any web based project. It can be carried out by testers like you or a small focus group similar to the target audience of the web application.

Test the site Navigation:

Menus, buttons or Links to different pages on your site should be easily visible and consistent on all webpages

Test the Content:

Content should be legible with no spelling or grammatical errors.
Images if present should contain an “alt” text

Tools that can be used: Chalkmark, Contentsquare, and Clixpy

3.Interface Testing:

Three areas to be tested here are – Application, Web and Database Server

Application: Test requests are sent correctly to the Database and output at the client side is displayed correctly. Errors if any must be caught by the application and must be only shown to the administrator and not the end user.
Web Server: Test Web server is handling all application requests without any service denial.
Database Server: Make sure queries sent to the database give expected results.

Test system response when connection between the three layers (Application, Web and Database) cannot be established and appropriate message is shown to the end user.

Tools that can be used: Ranorex

4. Database Testing:

Database is one critical component of your web application and stress must be laid to test it thoroughly. Testing activities will include-

Test if any errors are shown while executing queries
Data Integrity is maintained while creating, updating or deleting data in database.
Check response time of queries and fine tune them if necessary.
Test data retrieved from your database is shown accurately in your web application

Tools that can be used: QTP, Selenium

5. Compatibility testing.

Compatibility tests ensures that your web application displays correctly across different devices. This would include-

Browser Compatibility Test: Same website in different browsers will display differently. You need to test if your web application is being displayed correctly across browsers, JavaScript, AJAX and authentication is working fine. You may also check for Mobile Browser Compatibility.

The rendering of web elements like buttons, text fields etc. changes with change in Operating System. Make sure your website works fine for various combination of Operating systems such as Windows, Linux, Mac and Browsers such as Firefox, Internet Explorer, Safari etc.

Tools that can be used: Dynatrace

6. Performance Testing:

This will ensure your site works under all loads. Software Testing activities will include but not limited to –

Website application response times at different connection speeds
Load test your web application to determine its behavior under normal and peak loads
Stress test your web site to determine its break point when pushed to beyond normal loads at peak time.
Test if a crash occurs due to peak load, how does the site recover from such an event
Make sure optimization techniques like gzip compression, browser and server side cache enabled to reduce load times

Tools that can be used: Loadrunner, JMeter

7. Security testing:

Security Testing is vital for e-commerce website that store sensitive customer information like credit cards. Testing Activities will include-

Test unauthorized access to secure pages should not be permitted
Restricted files should not be downloadable without appropriate access
Check sessions are automatically killed after prolonged user inactivity
On use of SSL certificates, website should re-direct to encrypted SSL pages.

Intruder

Intruder is a powerful vulnerability scanner that will help you uncover the many weaknesses lurking in your web applications and underlying infrastructure. Offering industry-leading security checks, continuous monitoring and an easy-to-use platform, Intruder keeps businesses of all sizes safe from hackers.

Features

Best-in-class threat coverage with over 10,000 security checks
Checks for configuration weaknesses, missing patches, application weaknesses (such as SQL injection & cross-site scripting) and more
Automatic analysis and prioritisation of scan results
Intuitive interface, quick to set-up and run your first scans
Proactive security monitoring for the latest vulnerabilities
AWS, Azure, and Google Cloud connectors
API integration with your CI/CD pipeline

Visit Intruder >>

8. Crowd Testing:

You will select a large number of people (crowd) to execute tests which otherwise would have been executed a select group of people in the company. Crowdsourced testing is an interesting and upcoming concept and helps unravel many a unnoticed defects.

Tools that can be used: Crowd Testing Platform

This concludes the tutorial. It includes almost all testing types applicable to your web application.

As a Web-tester its important to note that web testing is quite an arduous process and you are bound to come across many obstacles. One of the major problems you will face is of course deadline pressure. Everything is always needed yesterday! The number of times the code will need changing is also taxing. Make sure you plan your work and know clearly what is expected of you. Its best define all the tasks involved in your web testing and then create a work chart for accurate estimates and planning.