Summary of web application testing methodologies and tools


Web application testing methodologies

In this article, web application refers to all applications that are accessed through a browser. This section outlines some of the testing methodologies you can use to test your web applications.

Usability testing

For an application to be effective, the user interfaces should comply to standards. Follow globally accepted conventions wherever applicable. For example, color coding conventions indicate that red is used to stop a process and green to start one.

Usability testing plays a pivotal role with applications that are designed to make manual tasks easier. The applications should comply with accessibility standards. For example, the widely used Captcha code has an option for spelling for people who are visually challenged.

Keep the following guidelines in mind when undertaking usability testing:

  • Ensure proper navigation between web pages.
  • Be sure to have a site map.
  • Use appropriate color combinations and best practices.
  • Avoid over-crowded content.
  • Practice user friendliness to all types of users, from novice to expert.
  • Provision support for physically challenged people.

User acceptance testing

The objective of user acceptance testing is to make sure your application meets the expectations of the user. It ensures that the application is fit enough to be deployed and used effectively. The following are tips for user acceptance testing:

  • Ensure browser compatibility.
  • Make sure that mandatory fields are given data in forms.
  • Check for time outs and field widths.
  • Be sure that proper control is used to feed data. For example, when requesting gender information, use an option button.

Alpha and beta testing are the two types of user acceptance testing.

Alpha testing
Testing in a development environment by developers.
Beta testing
Testing in a deployment or client environment by end users.

Performance testing

Performance testing on web applications measures the performance under various scenarios. Performance tests include:

Stress testing
To determine the maximum performance limits of an application.
Scalability testing
To find out how adaptable the application is to changes in software and hardware.
Load testing
To get an idea of how the application behaves under a heavy load. This test yields information and details about memory usage, CPU usage, and so forth.

Security testing

Security testing for your application is very important if data leaks or modifications are unacceptable and intolerable. For example, if a university application includes the academic grades of a student, then security testing should ensure that the system cannot be hacked. For e-commerce applications, which sometimes involve banking transactions, security testing is critical. It should also ensure that sufficient authentication and authorization mechanisms are in place.

Security testing can be static or dynamic.

Static testing involves doing a static code analysis to check for any vulnerabilities. The goal is to understand the code flow and check for security threats by walking through the code.
Dynamic testing entails running the application to see if the response is as expected for the associated request. It is very similar to black box testing.

Functional testing

Functional testing ensures that individual functions are working well. Test cases should ensure that boundary conditions are tested. Invalid inputs should prompt appropriate error messages.

In web applications, functional testing can range from testing whether links are working to checking whether changes made by users in a web page are reflected in the database. Some of the functional tests for web applications include:

  • Database testing
  • Configuration testing
  • Compatibility testing
  • Flow testing

Interface testing

Conduct interface testing to ensure that individual components are connected properly. The output of one module should be fed to the intended module without any issues. Interface testing plays a vital role for your applications that are developed to work on multiple platforms. The following are considerations to keep in mind during interface testing:

  • Ensure that data flow occurs smoothly and as expected between modules in a single application and between applications.
  • Ensure that the interfaces exposed by components are generic and extensible. They should be able to accommodate changes to the components while remaining backward compatible.

Web application testing tools

This section summarizes the various testing techniques and tools available for testing web application technologies. See Related topics for links to the tools mentioned in this article.

Basic web applications that have primarily HTML content can be tested with the following tools:

Hypertext markup language (HTML)
Rational Functional Tester (RFT)An IBM tool that can test several web application technologies, including HTML, using a record and playback method. You can also edit and customize the recorded script to suit your needs.
SeleniumAn open source project based on a record and playback test framework.

Testing your client-side script is essential for proper validation. JavaScript can be tested using the following tools:

JSpecA testing framework with its own grammar and preprocessor. It supports multiple modes of testing.
RhinoUnitAn Ant-based JavaScript testing framework for performing unit testing.

Dojo testing

For Dojo, Dojo Objective Harness (DOH) testing provides both command line and browser support. DOH is flexible and easy to use.

For testing RIA-based applications such as Flex, you can use the following:

Adobe Flex
FlexMonkeyA record and playback-based testing framework for Flex applications. It is an open source tool.
FlexUISeleniumAn extension to the Selenium test framework for testing Flex applications.

You need to test the HTML links in your website to be sure that none are broken. Many online and offline tools are available for this type of testing, including:

HTML links
WebLightA tool used for testing broken links and non-standard HTML.
LinkTiger.comAn online analysis of broken links for your websites.

Corresponding test frameworks are available for server-side scripts such as PHP, ASP, and JSP.

Server-side scripting
PHPUnitA unit testing framework for PHP based on JUnit for Java.
ASPUnitA unit testing framework for ASP.
CactusA JSP test framework from Apache.

A website should be resistant to hacking attempts and denial of service attacks. Security threats can include SQL injection, command injection, cross-site scripting, and server configuration errors. An array of tools is available for security testing.

Web application security testing
NiktoAn open source tool used for checking web servers for security flaws.
Rational AppScanAn IBM tool that supports automatic test creation and modification. It can also be easily integrated into existing testing environments.
Acunetix Web Vulnerability ScannerA tool that helps check cross-site scripting and other similar vulnerabilities.

Make sure that the web content for your site is uniform in all browsers. Be aware that some functions are browser-dependent; users will expect and use functions specific to their chosen browser. Several tools are available for browser testing, including:

Browser compatibility testing
Microsoft Expression Web SuperPreviewA tool that can perform various tasks, such as checking element alignment, showing attributes of DOM elements, and rendering in different sizes. The overlay layout feature helps you compare two browser views of a page.
Adobe Browser LabsAn online-based solution from Adobe that lets you test a website in various browsers and versions. It has features to change the page size and take snapshots of the screen.

Downloadable resources

Related topics


Sign in or register to add and subscribe to comments.

Zone=Web development
ArticleTitle=Summary of web application testing methodologies and tools