360Logica.com

When company is thinking about testing a software, there are lots of limitations that come in mind first, including available resources, time lines, tools and off course budget. It is required for an organization to consider the quality and cost of product simultaneously while providing application on time to end user.

This context is all about product based organizations with production and deployment over hundred plus products. For a company– it is a kind of investment for future benefits to make goodwill in market. It gives a lot of impact on sales as well as supports cost of software also.

The testing manager has information about entire scenario and it is helpful for company in getting more return on investment with quality products but first organization has to consider following aspects:

Planning & Estimation

Testing takes similar time as required in development and execution of software but we have limited time and resources.

Change Management & Regression Testing

Are we successfully utilizing the efforts to update the old test suites based on the changes for the release?

Last Minutes Changes

Test timelines get affected whenever there is a delay in deployment of product; it will obviously affect release of software then following cost may arise:

1. Cost if we required to ship it in next week? 
2. If we arrange developers at last moment as timelines have reduced.

Resources

Now the question arises how many testers are required as compared to development?

Tools and Test Labs

Do we have the sufficient finance plan for the Tools & Machines that are required for your test lab and mechanization?

After having the entire discussion and considering entire scenario, it is found out that testing is essential part of a product and necessary for every business organizations too for generating more revenues in comparison of cost of software.

These days a number of web sites are deployed in multiple languages. As companies perform more and more business in other countries, the number of such global multi-lingual web applications will continue to increase. Testing web sites supporting multiple languages has its own fair share of challenges.

Prepare and use the required test environment

If a web site is hosted in English and Japanese languages, it is not enough to simply change the default browser language and perform identical tests in both the languages. Depending on its implementation, a web site may figure out the correct language for its interface from the browser language setting, the regional and language settings of the machine, a configuration in the web application or other factors. Therefore, in order to perform a realistic test, it is imperative that the web site be tested from two machines – one with the English operating system and one with the Japanese operating system. You might want to keep the default settings on each machine since many users do not change the default settings on their machines.

Acquire correct translations

A native speaker of the language, belonging to the same region as the users, is usually the best resource to provide translations that are accurate in both meaning as well as context. If such a person is not available to provide you the translations of the text, you might have to depend on automated web translations. It is a good idea to compare automated translations from multiple sources before using them in the test.

Get really comfortable with the application

Since you might not know the languages supported by the web site, it is always a good idea for you to be very conversant with the functionality of the web site. Execute the test cases in the English version of the site a number of times. This will help you find your way easily within the other language version. Otherwise, you might have to keep the English version of the site open in another browser in order to figure out how to proceed in the other language version (and this could slow you down).

Start with testing the labels

You could start testing the other language version of the web site by first looking at all the labels. Labels are the more static items in the web site. English labels are usually short and translated labels tend to expand. It is important to spot any issues related to label truncation, overlay on/ under other controls, incorrect word wrapping etc. It is even more important to compare the labels with their translations in the other language.

Move on to the other controls

Next, you could move on to checking the other controls for correct translations and any user interface issues. It is important that the web site provides correct error messages in the other language. The test should include generating all the error messages. Usually for any text that is not translated, three possibilities exist. The text will be missing or its English equivalent will be present or you will see junk characters in its place.

Do test the data

Usually, multi-lingual web sites store the data in the UTF-8 Unicode encoding format. To check the character encoding for your website in mozilla: go to View -> Character Encoding and in IE go to View -> Encoding. Data in different languages can be easily represented in this format. Make sure to check the input data. It should be possible to enter data in the other language in the web site. The data displayed by the web site should be correct. The output data should be compared with its translation.

Be aware of cultural issues

A challenge in testing multi-lingual web sites is that each language might be meant for users from a particular culture. Many things such as preferred (and not preferred) colors, text direction (this can be left to right, right to left or top to bottom), format of salutations and addresses, measures, currency etc. are different in different cultures. Not only should the other language version of the web site provide correct translations, other elements of the user interface e.g. text direction, currency symbol, date format etc. should also be correct.

Source: http://www.softwaretestinghelp.com

The biggest change in Selenium recently has been the inclusion of the WebDriver API. Driving a browser natively as a user would either locally or on a remote machine using the Selenium Server it marks a leap forward in terms of browser automation.

WebDriver is a tool for automating testing web applications, and in particular to verify that they work as expected. It aims to provide a friendly API that’s easy to explore and understand, easier to use than the Selenium-RC (1.0) API, which will help make tests easier to read and maintain. It’s not tied to any particular test framework, so it can be used equally well in a unit testing or from a plain old “main” method.

Selenium WebDriver is the successor to Selenium RC. Selenium WebDriver accepts commands (sent in Selenese, or via a Client API) and sends them to a browser. This is implemented through a browser-specific browser driver, which sends commands to a browser, and retrieves results. Most browser drivers actually launch and access a browser application (such as Firefox or Internet Explorer); there is also a HtmlUnit browser driver, which simulates a browser using HtmlUnit.

Unlike in Selenium 1, where the Selenium RC server was necessary to run tests, Selenium WebDriver does not need a special server to execute tests. Instead, the WebDriver directly starts a browser instance and controls it. However, Selenium Grid can be used with WebDriver to execute tests on remote systems

When global downturns hit, there is certain inevitability to their impact on information technology and Finance Sectors. Customers become more reluctant in giving software business. Some customers are withdrawing their long term projects and some customers use the opportunities in quoting low price. Many projects are dragged much longer than expected and cost more than planned.

So, companies start to explore how “Agile with different flavors” can help their Enterprises more reliably deliver software quickly and iteratively. The roles and responsibilities of Test Managers/Test Architects becomes more important in implementing Agile Projects. Innovations are increasingly being fueled by the needs of the testing society at large.

The Challenges in Agile Testing

Agile Testers face lot of challenges when they are working with Agile development team. A tester should be able to apply Root-Cause Analysis when finding severe bugs so that they are unlikely to reoccur. While Agile has different flavors, Scrum is one process for implementing Agile. Some of the challenging scrum rules to be followed by every individual are

• Obtain Number of Hours Commitment Up Front
• Gather Requirements / Estimates Up Front
• Entering the actual hours and estimated hours daily.
• Daily Builds
• Keep the Daily Scrum meetings short
• Code Inspections are Paramount

So, in order to meet the above challenges, an agile tester needs to be innovative with the tools that they have. A great idea happens when what you have (tangible and intangible) meets the world’s deepest hunger.

How Testers Can be More Innovative in the Age of Agile Testing?

Here are Important Keys to Innovation:

1. Creative

A good Agile Tester needs to be extremely creative when trying to cope up with speed of development/release. For a tester, being creative is more important than being critical.

2. Talented

He must be highly talented and strives for more learning and innovating new ideas. Talented Testers are never satisfied with what they have achieved and always strives to find unimaginable bugs of high value and priority.

3. Fearless

An Agile Tester should not be afraid to look at a developer’s code and if need be, hopefully in extreme cases, go in and correct it.

4. Visionary

He must have a comprehensive vision, which includes client’s expectations and delivery of the good product.

5. Empowered

He must be empowered to work in Pairs. He will be involved in Pair Programming to bring shorter scripts, better designs and finding more bugs.

6. Passionate

Passionate Testers always have something unique to contribute that may be in terms of their innovative ideas, the way they carry day-to-day work, their outputs and improve things around them tirelessly.

7. Multiple Disciplines

Agile Tester must have multiple skills like, Manual, Functional, Performance testing skills and soft skills like Leadership skills, Communication skills, EI, etc. so that agile testing will become a cake walk.

Source: http://www.softwaretestinghelp.com

We will first focus on what exactly cookies are and how they work. It would be easy for you to understand the test cases for testing cookies when you have clear understanding of how cookies work? How cookies are stored on hard drive? And how can we edit cookie settings?

What is Cookie?

Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve information from that machine. Generally cookie contains personalized user data or information that is used to communicate between different web pages.

Why Cookies are used?

Cookies are nothing but the user’s identity and used to track where the user navigated throughout the web site pages. The communication between web browser and web server is stateless.

For example if you are accessing domain http://www.example.com/1.html then web browser will simply query to example.com web server for the page 1.html. Next time if you type page as http://www.example.com/2.html then new request is sent to example.com web server for sending 2.html page.

What if you want the previous history of this user communication with the web server? You need to maintain the user state and interaction between web browser and web server somewhere. This is where cookie comes into picture. Cookies serve the purpose of maintaining the user interactions with web server.

How cookies work?

The HTTP protocol used to exchange information files on the web is used to maintain the cookies. There are two types of HTTP protocol. Stateless HTTP and Stateful HTTP protocol. Stateless HTTP protocol does not keep any record of previously accessed web page history. While Stateful HTTP protocol do keep some history of previous web browser and web server interactions and this protocol is used by cookies to maintain the user interactions.

Whenever user visits the site or page that is using cookie, small code inside that HTML page (Generally a call to some language script to write the cookie like cookies in JAVAScript, PHP, Perl) writes a text file on users machine called cookie. Here is one example of the code that is used to write cookie and can be placed inside any HTML page:

Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME;

When user visits the same page or domain later, this cookie is read from disk and used to identify the second visit of the same user on that domain. Expiration time is set while writing the cookie. This time is decided by the application that is going to use the cookie.

Generally two types of cookies are written on user machine.

• Session cookies: This cookie is active till the browser that invoked the cookie is open. When we close the browser this session cookie gets deleted. A session of say 20 minutes can be set to expire the cookie.
• Persistent cookies: The cookies that are written permanently on user machine and lasts for months or years.

Where cookies are stored?

When any web page application writes cookie it get saved in a text file on user hard disk drive. The path where the cookies get stored depends on the browser. Different browsers store cookie in different paths. E.g. Internet explorer stores cookies on path “C:\Documents and Settings\Default User\Cookies”
Here the “Default User” can be replaced by the current user you are logged in as. The cookie path can be easily found by navigating through the browser options. In Mozilla Firefox browser you can even see the cookies in browser options itself. Open the Mozila browser, click on Tools->Options->Privacy and then “Show cookies” button.

How cookies are stored?

Let us take an example of a cookie written by rediff.com on Mozilla Firefox browser:
On Mozilla Firefox browser when you open the page rediff.com or login to your rediffmail account, a cookie will get written on your Hard disk. To view this cookie simply click on “Show cookies” button mentioned on above path. Click on Rediff.com site under this cookie list. You can see different cookies written by rediff domain with different names.

Site: Rediff.com Cookie name: RMID
Name: RMID (Name of the cookie)
Content: 1d11c8ec44bf49e0… (Encrypted content)
Domain: .rediff.com
Path: / (Any path after the domain name)
Send For: Any type of connection
Expires: Thursday, December 31, 2020 11:59:59 PM

Applications where cookies can be used

• To implement shopping cart
  Cookies are used for maintaining online ordering system. Cookies remember what user wants to buy. What if user adds some products in their shopping cart and if due to some reason user doesn't want to buy those products this time and closes the browser window? When next time same user visits the purchase page he can see all the products he added in shopping cart in his last visit.
• Personalized sites
  When user visits certain pages they are asked which pages they don’t want to visit or display. User options get stored in cookie and till the user is online, those pages are not shown to him.
• User tracking
  To track number of unique visitors online at particular time.
• Marketing
  Some companies use cookies to display advertisements on user machines. Cookies control these advertisements. When and which advertisement should be shown? What is the interest of the user? Which keywords he searches on the site? All these things can be maintained using cookies.
• User sessions
  Cookies can track user sessions to particular domain using user ID and password.

Drawbacks of cookies

• Writing Cookie is a great way to maintain user interaction but if user has set browser options to warn before writing any cookie or disabled cookies completely then site containing cookie will be completely disabled and can not perform any operation resulting in loss of site traffic.
• Too many Cookies
  If you are writing too many cookies on every page navigation and if user has turned on option to warn before writing cookie, this could turn away user from your site.
• Security issues
  Some times users personal information is stored in cookies and if someone hacks the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues.
• Sensitive information
  Some sites may write and store your sensitive information in cookies, which should not be allowed due to privacy concerns.

Some Major Test cases for web application cookie testing

The first obvious test case is to test if your application is writing cookies properly on disk. You can use the Cookie Tester application also if you don’t have any web application to test but you want to understand the cookie concept for testing.

Test Cases

• As a privacy policy make sure from your design documents that no personal or sensitive data is stored in the cookie.
• If you have no option other than saving sensitive data in cookie make sure data stored in cookie is stored in encrypted format.
• Make sure that there is no overuse of cookies on your site under test. Overuse of cookies will annoy users if browser is prompting for cookies more often and this could result in loss of site traffic and eventually loss of business.
• Disable the cookies from your browser settings: If you are using cookies on your site, your sites major functionality will not work by disabling the cookies. Then try to access the web site under test. Navigate through the site. See if appropriate messages are displayed to users like “For smooth functioning of this site make sure that cookies are enabled on your browser”. There should not be any page crash due to disabling the cookies. (Please make sure that you close all browsers, delete all previously written cookies before performing this test).
• Accepts/Reject some cookies: The best way to check web site functionality is not to accept all cookies. If you are writing 10 cookies in your web application then randomly accept some cookies, say accept 5 and reject 5 cookies. For executing this test case you can set browser options to prompt whenever cookie is being written to disk. On this prompt window you can either accept or reject cookie. Try to access major functionality of web site. See if pages are getting crashed or data is getting corrupted.
• Delete cookie: Allow site to write the cookies and then close all browsers and manually delete all cookies for web site under test. Access the web pages and check the behavior of the pages.
• Corrupt the cookies: Corrupting cookie is easy. You know where cookies are stored. Manually edit the cookie in notepad and change the parameters to some vague values and see the site functionality. In some cases corrupted cookies allow to read the data inside it for any other domain. This should not happen in case of your web site cookies. Note that the cookies written by one domain say rediff.com can’t be accessed by other domain say yahoo.com unless and until the cookies are corrupted and someone is trying to hack the cookie data.
• Checking the deletion of cookies from your web application page: Some times cookie written by domain say rediff.com may be deleted by same domain but by different page under that domain. This is the general case if you are testing some ‘action tracking’ web portal. Action tracking or purchase tracking pixel is placed on the action web page and when any action or purchase occurs by user the cookie written on disk get deleted to avoid multiple action logging from same cookie. Check if reaching to your action or purchase page deletes the cookie properly and no more invalid actions or purchase get logged from same user.
• Cookie Testing on Multiple browsers: This is an important case to check if your web application page is writing the cookies properly on different browsers as intended and site works properly using these cookies. You can test your web application on Major browsers like Internet explorer (Various versions), Mozilla Firefox, Chrome, Netscape, Opera etc.
• If your web application is using cookies to maintain the logging state of any user then log in to your web application using some username and password. In many cases you can see the logged in user ID parameter directly in browser address bar. Change this parameter to different value say if previous user ID is 100 then make it 101 and press enter. The proper access message should be displayed to user and user should not be able to see other users account.

These are some Major test cases to be considered while testing website cookies. You can write multiple test cases from these test cases by performing various combinations.

Source: http://www.softwaretestinghelp.com

Have you performed software installation testing? How was the experience? Well, Installation testing (Implementation Testing) is quite interesting part of software testing life cycle.

If your installation is successful on the new system then customer will be definitely happy but what if things are completely opposite. If installation fails then our program will not work on that system; not only this but can also leave user’s system badly damaged. User might require to reinstall the full operating system.

In above case will you make any impression on user? Definitely not! Your first impression to make a loyal customer is ruined due to incomplete installation testing.

What you need to do for a good first impression? Test the installer appropriately with combination of both manual and automated processes on different machines with different configuration. Major concern of installation testing is Time! It requires a lot of time to even execute a single test case. If you are going to test a big application installer then think about time required to perform so many test cases on different configurations.

We will see different methods to perform manual installer testing and some basic guideline for automating the installation process.

To start installation testing first decide on how many different system configurations you want to test the installation. Prepare one basic hard disk drive. Format this HDD with most common or default file system, install most common operating system (Windows) on this HDD. Install some basic required components on this HDD. Each time create images of this base HDD and you can create other configurations on this base drive. Make one set of each configuration like Operating system and file format to be used for further testing.

How we can use automation in this process? We will make some systems dedicated for creating basic images (use software’s like Norton Ghost for creating exact images of operating system quickly) of base configuration. This will save you tremendous time in each test case. For example if time to install one OS with basic configuration is say 1 hour then for each test case on fresh OS you will require 1+ hour. But creating image of OS will hardly require 5 to 10 minutes and you will save approximately 40 to 50 minutes!

You can use one operating system with multiple attempts of installation of installer. Each time uninstalling the application and preparing the base state for next test case. Be careful here that your uninstallation program should be tested before and should be working fine.

Installation testing tips with some broad test cases:

• Use flow diagrams to perform installation testing. Flow diagrams simplify our task.
• If you have previously installed compact basic version of application then in next test case install the full application version on the same path as used for compact version.
• If you are using flow diagram to test different files to be written on disk while installation then use the same flow diagram in reverse order to test uninstallation of all the installed files on disk.
• Use flow diagrams to automate the testing efforts. It will be very easy to convert diagrams into automated scripts.
• Test the installer scripts used for checking the required disk space. If installer is prompting required disk space 1MB, then make sure exactly 1MB is used or whether more disk space is utilized during installation. If yes flag this as error.
• Test disk space requirement on different file system format. Like FAT16 will require more space than efficient NTFS or FAT32 file systems.
• If possible set a dedicated system for only creating disk images. As mentioned above this will save your testing time.
• Use distributed testing environment in order to carry out installation testing. Distributed environment simply saves your time and you can effectively manage all the different test cases from a single machine. The good approach for this is to create a master machine, which will drive different slave machines on network. You can start installation simultaneously on different machines from the master system.
• Try to automate the routine to test the number of files to be written on disk. You can maintain this file list to be written on disk in an excel sheet and can give this list as an input to automated script that will check each and every path to verify the correct installation.
• Use software’s available freely in market to verify registry changes on successful installation. Verify the registry changes with your expected change list after installation.
• Forcefully break the installation process in between. See the behavior of system and whether system recovers to its original state without any issues. You can test this “break of installation” on every installation step.
• Disk space checking: This is crucial in the installation-testing scenario. You can choose different manual and automated methods to do this checking. In manual methods you can check free disk space available on drive before installation and disk space reported by installer script to check whether installer is calculating and reporting disk space accurately. Check the disk space after the installation to verify accurate usage of installation disk space. Run various combination of disk space availability by using some tools to automatically make disk space full while installation. Check system behavior on low disk space conditions while installation.
• As you check installation you can test for uninstallation also. Before each new iteration of installation make sure that all the files written to disk are removed after uninstallation. Some times uninstallation routine removes files from only last upgraded installation keeping the old version files untouched. Also check for rebooting option after uninstallation manually and forcefully not to reboot.

What is Regression Software Testing?

Regression means retesting the unchanged parts of the application. Test cases are re-executed in order to check whether previous functionality of application is working fine and new changes have not introduced any new bugs.

This is the method of verification. Verifying that the bugs are fixed and the newly added feature have not created in problem in previous working version of software.

Why regression Testing?

Regression testing is initiated when programmer fix any bug or add new code for new functionality to the system. It is a quality measure to check that new code complies with old code and unmodified code is not getting affected.
Most of the time testing team has task to check the last minute changes in the system. In such situation testing only affected application area in necessary to complete the testing process in time with covering all major system aspects.

How much regression testing?

This depends on the scope of new added feature. If the scope of the fix or feature is large then the application area getting affected is quite large and testing should be thoroughly including all the application test cases. But this can be effectively decided when tester gets input from developer about the scope, nature and amount of change.

What we do in regression testing?

• Rerunning the previously conducted tests
• Comparing current results with previously executed test results.

Regression Testing Tools:

Automated Regression testing is the testing area where we can automate most of the testing efforts. We run all the previously executed test cases this means we have test case set available and running these test cases manually is time consuming. We know the expected results so automating these test cases is time saving and efficient regression testing method. Extent of automation depends on the number of test cases that are going to remain applicable over the time. If test cases are varying time to time as application scope goes on increasing then automation of regression procedure will be the waste of time.

Most of the regression testing tools are record and playback type. Means you will record the test cases by navigating through the AUT and verify whether expected results are coming or not.

Example regression testing tools are:

• Winrunner
• QTP
• AdventNet QEngine
• Regression Tester
• vTest
• Watir
• Selenium
• actiWate
• Rational Functional Tester
• SilkTest

Most of the tools are both Functional as well as regression testing tools.

Regression Testing Of GUI application:

It is difficult to perform GUI(Graphical User Interface) regression testing when GUI structure is modified. The test cases written on old GUI either becomes obsolete or need to reuse. Reusing the regression testing test cases means GUI test cases are modified according to new GUI. But this task becomes cumbersome if you have large set of GUI test cases.

Agile software development is a group of software development methodologies based on iterative and incremental development, where requirements and solutions evolve through collaboration between self-organizing, cross-functional teams.

It promotes adaptive planning, evolutionary development and delivery, a time-boxed iterative approach, and encourages rapid and flexible response to change. It is a conceptual framework that promotes foreseen interactions throughout the development cycle. The Agile Manifesto introduced the term in 2001. Agile management methods can also be applied in development projects other than software development.

Source: PicNetTV

The Client

Our Customer is a Online News Community http://www.newsfromfriends.com . User can get their personal newspaper and share thoughts and address them to special persons

The Requirements

Customer wanted to make sure their users privacy and content are secured enough, few of their security test requirements are below:

• SQL injection vulnerability
• Cross site scripting
• Business workflow securities
• Authentication security
• Brute force authentication breach testing
• Firewall security testing
• Web server files security

The Solution

• Identification of Application Input e.g. Files, environment variables, parameters in URL, through form submission etc., config files and registry
• Identification Application Output e.g. Files, Environmental Variables, Network Traffic, The Windows Registry, Console/Form, Database Source
• Logical tests Authentication, login, Email confirmation, business work flow securities, data encryption etc.

The Technology

• PHP
• Linux
• Apache

Contribution

• Breach finding using cross site scripting and SQL injection
• Breach finding using Brute force authentication
• Link injection, other user’s profile access breach and their content as well
• Hidden folders and direct files access from web server
• Email security and Data encryption security

You can also download the case study here.

The Client

Our Customer is a Internet marketing company exclusively for the travel industry providing online hospitality marketing and consulting service for worldwide hotels, resorts and travel clients.

The Requirements

• Scalability: Platform must be able to support a very high number of concurrent users.
• Efficiency: Customer expectation includes the highly efficient application with minimal page navigation response time.
• Reliability: Platform must scale rapidly to meet the business goals of attracting a larger user base and supporting multiple formats
• Fail Over: Application should be able to behave functionally correct under high load and should have the Fail Over control

The Solution

• Performance testing on HTTP, HTTPS protocols
• Performance Tests on UI, AJAX etc
• Identify Performance bottlenecks and suggest measures to overcomes them
• Performance tests based on number concurrent users
• Monitoring the server parameters like CPU usage, threads count, connections etc.
• Profiling the application through Dot Trace and SQL profiler

The Technology

• Microsoft .NET
• AJAX
• SQL Server
• IIS Server
• Kapow Data Mining

Contribution

• Response time for actions covered under test.
• Server stats analysis and suggesting bottlenecks:
  • Bottleneck due to resource usage of Kapow which is running on the same web server.
  • Suggestion for the optimum threads count.
• Capturing the time consuming Stored Procs.

You can also download the case study here.