Ten Ways that I Follow to Test a Web Application.

One fine day in office, I had discussion with “Sandeep Tuppad” about qualities of a good tester, he compared a good tester with a warrior, he said that good warrior is one who know about war tactics and techniques and how and when to use weapons likewise, a good tester is one who know about the architecture and functionality of the app, one who know how to use the right tools and report the bug and get it resolved. So I assume myself as a good warrior while testing.

• Before starting testing I initially tour the product, so that I can better test the product and avoid missing certain area. I use the touring heuristic mnemonic (FCC CUTS VIDS), this helps me to find the testable areas in the application and to differentiate between feature and bug. I create a feature map by touring the application, this not only helps me to keep track of the features that I have tested, but also helps me to track the test coverage. To know more about the application I gather information about the application using add-ons like W3techs and Wappalyzer.
  W3techs website information technology is a browser extension available for Chrome and Firefox, it provides information about website background, server side language, client side language etc. More information like character encoding can be found when we use the website http://w3techs.com/sites the above extension fetches detail from this site.
  Wappalyzer is a Firefox add-on that server, framework present in the application as soon as we open the app in our Firefox browser.

Fig 1: Waaplyzer Output.

• After touring I come with different test scenarios for each feature in the application and I add it to the feature map which I have created and I also document the test cases.
• I will concentrate on particular features and test that feature based on different parameters and try to find bugs, if I am testing a File upload or CAPTCHA feature I go to the TestInsane mindmaps repository and pick the mindmap regarding to file upload testing or CAPTCHA testing, it triggers lots of test ideas.
• I use “Putchik's wheel of emotion” for performing Emotion based like I will get irritated if the application is slow.
• I automate test that I feel that need to be done repeatedly. There was a scenario where I need to add different combination of items to the cart and place the order, so I created a selenium script to add different items to the cart and place the order, it saved lots of time and also gives a better test coverage.
• Combinatorial testing there are different ways to enter a room so doing thing in a different way will leads to some bugs that is trying out different combination to perform the same task, for instance I was testing an app which allows to select postpaid option for a particular subscriber, but if I add the same number as primary number I was able to select prepaid for the subscriber and the re-charge for the number was getting failed.
• If there are any third party API like payment gateway, Dropbox integration I explore about their Terms & Condition and come up with test ideas, supposing if a payment gateway allow only Rs 2000 to be transferred in a particular day the app using the payment gateway must show error message if transaction of more than Rs 2000 is tried.
• I use the “common software error” by Cem Kaner, it contain over 400 ready-made software bugs and mindmap like “Ready-Made50 Bugs / Test Ideas” by Santhosh Tuppad, these helps me a lot to find if I am missing some test ideas
• I use add-on like web developer add-on which are my weapons. Some of the add-on which I use frequently are listed below. 
  
  
  Postman & Postman Interceptor
  Postman is a very useful Chrome APP for performing API testing we can capture the request link in using Developer Tool option and past it in the URL tab and select the option like GET, POST, PUT and click the Send button we will get the response back.
  
  
  PostmanInterceptor is used to capture the request while we load a particular page and show it in the Postman.
  
  
  Recx Security Analyser
  RecxSecurity Analyser  is a Chrome add-on used to analyse the HTTP security headers, page Meta security, cookie security options and Form auto-complete settings in a particular website. It can be used to find security vulnerabilities in the site suppose X-XSS protection header values is not “1: mode =block”, the website may be vulnerable to cross site scripting.
  
  
  BugMagnet
  BugMagnet is an add-on available in Firefox and Chrome, it will be useful while testing web form it provides set of valid and in-valid input values for the form fields like e-mail, URL etc. We can use it test if the form fields accepts invalid items and submit.
  
  
  Mockaroo Random Data Generator
  Mockaroo is a web application it can be used to generate test data for form fields in the app, it will be very helpful for automation.
  
  
  Flagfox
  FireFox add-on which contain tools like Whois. It can also be used to perform SSL Server Test by using SSL Server Test, It provide information such as server information, certificate information, signature algorithm used and the coolest part is it describes the vulnerability in the signature algorithm.

Fig 3: Flagfox Tool list.

• I read the bug reports that are reported by other tester in the team so that I get some ideas from them.

The Importance of Starting from Basics

Before going into advance concepts, learning the basics is very important thing which I have learned from my experience. I used to jump into advance concepts before learning the basics and I faced lots of problems. One fine day in office I got a chance to test a mobile app, I was scared because I did not have in -depth knowledge of testing a mobile app. I did not know the parameters that has to be covered. Initially I just use to do functionality test, I found it very difficult.

Difficulties which I faced

• I used to make mistakes in bug report like using click for tap and page for screen.
• I used to miss some bugs.
• I spent a lot of time in bug reporting because I need to transfer screenshot from mobile to phone.
• I did not use any tool so it was very difficult to report a crash in the app.
• I found it difficult to get test ideas.

One day after office, I was travelling to home with Sandeep Tuppad in a cab I started my discussing about the automation of mobile app testing using Appium. Sandeep asked me few basic questions such as how does push notification works and some basic UI related questions, I was not able to answer. He made a strong point that without knowing the basics it is very difficult to test or automate a mobile app. I started to work on it.

How did I overcome the difficulties?

• I stared from the basics I learned about the architecture of different mobile operation system.
• I attended a workshop related to mobile app testing by Ajay Balamurugdas. I learned the basics of mobile app testing by attending the workshop such as the terminology used to describe the actions that we perform in mobile screen like tap, pinch and swipe and some useful tools like Mirroring 360, Fiddler etc.
• I read a book related to mobile app testing called as “Tap into Mobile Application Testing” by Jonathan Kohl. The book explains about different aspects of mobile app testing from basics to advance. Jonathan Kohl explains about his model “I SLICED UP FUN” each letter in the mnemonic explains about parameter based on which we can test for example the letter "I" in the mnemonic is for Input. The mnemonic is very powerful it can be used to generate different test ideas.
• I started to use tools like iTools and iFunbox to get crash log for reporting while a crash occurs in the app.
• I used mindmaps related to mobile testing from the TestInsane mindmaps repository.
• I started to use SDK tool such as uiautomatorviewer, emulator, monkey and other tools.

After doing the above things I was able to feel some changes in my testing some were my bug reports were better and I could generate more test idea.

Initially in TestInsane I was testing a web application. I felt lots of actions which I do while testing consumes lots of time such as if the pager of the web application contains 100 pages to verify if all the pages contain some information, I need to click each link to check. Suppose I need to perform the same action with different combination of inputs I need to enter each input, I felt it difficult, so I explained it to Sandeep Tuppad about this he told me to use Selenium IDE to record and replay the action that I do repeteadly. I started to use Selenium IDE, but certain things cannot be done using Selenium IDE like performing the same action with different combination of input, so I started to code using “Selenium WebDriver” Java binding and Eclipse IDE.

Difficulties which I faced when I started to use Selenium WebDriver

• My code was not used to be so clean because I didn’t follow the coding guidelines.
• I used to code straight away without finding the scenarios needed to be automated, so I faced the problem of modifying the dataprovider frequently.
• I used a lot of explicit wait (Thread.sleep) in my code.
• Without having strong knowledge in core java I started directly.
• I used Selenium IDE a lot used to record scenario and export to Java code and use it in my script.
• X-PATH should be in such a way that it should work even if the web elements are changed, but I used Firepath to get the X-PATH of a particular element the X-PATH given by Firepath doesn’t support if there is a change in the position of the web element.
• My Debugging skills was a bit lower I used to ask other for help if a particular problem occurs in the code.
• I did not consider memory usage and code running time.

Things which I did to overcome the difficulties

• I stopped using Selenium IDE frequently and used to write code for the scenario need to be automated using Eclipse IDE.
• I practiced constructing dataprovider for a particular website.
• I studied the java coding guideline by Oracle.
• I started to debug problem that occur using the Debug mode in Eclipse by giving breakpoint and seeing the log.
• Learning to construct X-PATH will enable to construct effective X-PATH, so I learnt how to construct X-PATH and used (Ctrl+F) in the inspect element to check if the X-PATH selects the particular element.
• I learnt about synchronization in Selenium and used implicit wait to make the code faster.
• I studied core Java from the book “Thinking in Java” and practised coding in Eclispse IDE.
• Verifying the code with experienced people in team will give lot of Ideas. I used to verify my code with Sandeep Tuppad he gives me suggestion by reviewing my code, this helps me a lot because I can come to know my mistakes.

After following the above things my script got better now than before because I omit the things that should not be used in my code and I follow the coding standard.

The most important lesson that I have learned from my testing experience is starting from basics is very important to craft to perfection the things which we do.