Lecture 34: Testing II April 24, 2017 Selenium testing script 7/7/2019

Slides:



Advertisements
Similar presentations
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Advertisements

Abirami Poonkundran 2/22/10.  Goal  Introduction  Testing Methods  Testing Scope  My Focus  Current Progress  Explanation of Tools  Things to.
CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Multiple Tiers in Action
CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
 Visual Studio has great support for building ASP.NET web applications  Real web application development involves more than just copying the files created.
MSF Testing Introduction Functional Testing Performance Testing.
W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.
TESTING STRATEGY Requires a focus because there are many possible test areas and different types of testing available for each one of those areas. Because.
JavaScript & jQuery the missing manual Chapter 11
Testing Tools. Categories of testing tools Black box testing, or functional testing Testing performed via GUI. The tool helps in emulating end-user actions.
Manage Engine: Q Engine. What is it?  Tool developed by Manage Engine that allows one to test web applications using a variety of different tests to.
WaveMaker Visual AJAX Studio 4.0 Training Troubleshooting.
Software Quality Assurance Lecture #8 By: Faraz Ahmed.
WEB SECURITY WEEK 3 Computer Security Group University of Texas at Dallas.
Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.
CSCI 6962: Server-side Design and Programming Secure Web Programming.
Lecture 7 Interaction. Topics Implementing data flows An internet solution Transactions in MySQL 4-tier systems – business rule/presentation separation.
Module 8 Configuring and Securing SharePoint Services and Service Applications.
Penetration Testing James Walden Northern Kentucky University.
Exploitation: Buffer Overflow, SQL injection, Adobe files Source:
Lecture 16 Page 1 CS 236 Online SQL Injection Attacks Many web servers have backing databases –Much of their information stored in a database Web pages.
Standalone Java Application vs. Java Web Application
Ideas to Improve SharePoint Usage 4. What are these 4 Ideas? 1. 7 Steps to check SharePoint Health 2. Avoid common Deployment Mistakes 3. Analyze SharePoint.
Introduction to JMeter Anton Nesterov. User profile  Anton Nesterov  QA Engineer at Sitecore  3+ years of experience in testing automation  Skype:
Web Application Security ECE ECE Internetwork Security What is a Web Application? An application generally comprised of a collection of scripts.
Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.
Top Five Web Application Vulnerabilities Vebjørn Moen Selmersenteret/NoWires.org Norsk Kryptoseminar Trondheim
Security Attacks CS 795. Buffer Overflow Problem Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Controlling Web Site Access Using Logins CS 320. Basic Approach HTML form a php page that collects the username and password  Sends them to second PHP.
Implementing and Using the SIRWEB Interface Setup of the CGI script and web procfile Connecting to your database using HTML Retrieving data using the CGI.
Security Attacks CS 795. Buffer Overflow Problem Buffer overflow Analysis of Buffer Overflow Attacks.
Performance Testing Test Complete. Performance testing and its sub categories Performance testing is performed, to determine how fast some aspect of a.
Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT.
Lecture 14 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
WEB TESTING
Fundamental of Databases
Software Testing.
Test Automation CS 4501 / 6501 Software Testing
Working with Client-Side Scripting
Data Virtualization Tutorial… CORS and CIS
Software testing
SQL Injection Attacks Many web servers have backing databases
CS5123 Software Validation and Quality Assurance
BTEC NCF Dip in Comp - Unit 15 Website Development Lesson 05 – Website Performance Mr C Johnston.
Marking Scheme for Semantic-aware Web Application Security
PHP / MySQL Introduction
Dynamic Web Pages (Flash, JavaScript)
PHP Overview PHP: Hypertext Preprocessor Server-Side Scripting
Myths About Web Application Security That You Need To Ignore.
Chapter 12: Automated data collection methods
Moodle Scalability What is Scalability?
Objective Understand web-based digital media production methods, software, and hardware. Course Weight : 10%
Test Automation CS 4501 / 6501 Software Testing
Web UI testing automation and Selenium
Automation Testing tool that can be used in software engineering course Ran Shi 04/29/2011.
Web Security CS 136 Computer Security Peter Reiher March 11, 2010
Lecture 4: HTML/CSS Lab Wednesday February 1, /12/2019
CS5123 Software Validation and Quality Assurance
Recitation on AdFisher
Lecture 27 Security I April 4, 2018 Open news web sites.
Requirements Analysis Document Presentation
Lecture 33: Testing I April 20, 2018
CS5123 Software Validation and Quality Assurance
© University of Liverpool
Web Application Development Using PHP
Presentation transcript:

Lecture 34: Testing II April 24, 2017 Selenium testing script 7/7/2019 CS132 Lecture 35: Testing II

Testing A Web Site Want to simulate actual use cases / scenarios CS132 Lecture 35: Testing II Testing A Web Site Want to simulate actual use cases / scenarios Play a sequence of actions from start to finish Login through logout Look at what results Need to generate user actions Need to check the results Need to have multiple such scenarios (lots) 7/7/2019

Generating User Actions CS132 Lecture 35: Testing II Generating User Actions Can be done without a browser Actions = URL request with proper context Context = cookies, put fields, … curl is a command-line tool that can do this Lots of work however (for general scripts) But you can put together scripts of curl calls to emulate tests Want to do it with a browser Or something that acts as a browser 7/7/2019

Web Site Testing Tools CS132 Lecture 35: Testing II httpunit Create test cases for calls to the server Providing input, checking expected output These are using a Java framework Generating test cases automatically By analyzing on the JavaScript code Sikuli Test cases with visual input and output Why is this difficult? Examples https://www.youtube.com/watch?v=pWLa1kxakOs Tutorial: https://www.youtube.com/watch?v=rrVHoYBknGo Overview: https://www.youtube.com/watch?v=01jFl8KrEMY 7/7/2019

Browser Automation: Selenium CS132 Lecture 35: Testing II Browser Automation: Selenium Example: https://www.youtube.com/watch?v=gsHyDIyA3dg Installation: http://www.seleniumhq.org/download Firefox: https://addons.mozilla.org/en-US/firefox/addon/selenium-ide/ Chrome: https://github.com/SeleniumHQ/selenium/wiki/ChromeDriver Example of creating a script Example of a written script 7/7/2019

Performance Testing Importance of performance CS132 Lecture 35: Testing II Performance Testing Importance of performance 100ms makes the difference between success & failure What do you want to test How fast the web site performs Speed to undertake common actions How responsive the web site is What happens if … What are the testing circumstances How many users should you have for testing? 7/7/2019

CS132 Lecture 35: Testing II Performance Testing Most developer tool sets include this for a single page: Can look at browser debugger network page gtmetrix: https://gtmetrix.com Show on a sample web site 7/7/2019

Load Testing How does the application behave under load CS132 Lecture 35: Testing II Load Testing How does the application behave under load What types of load should be considered Network performance How does the user’s connection affect your application How does overall network activity affect your application Large numbers of simultaneous users What happens to your server under load What happens to your database under load Large individual requests Complex database queries Heavy load on specific pages 7/7/2019

Stress Testing What are the limits of your application CS132 Lecture 35: Testing II Stress Testing What are the limits of your application What types of things to consider Maximum load that can be tolerated Maximum input size that can be processed Determine what happens when things go wrong Database crash or disconnect Server crash or disconnect Web server crash or disconnect Browser crash or disconnect Network crash (server/browser stay up) Gradual degradation 7/7/2019

How To Do Performance/Load Testing CS132 Lecture 35: Testing II How To Do Performance/Load Testing What do you need to do Recruit hundreds of users Simulate lots of users Doing normal things with the system Doing particular things with the system Simulate failures Suppose I wanted to try my app with 1000 users How might you do this? 7/7/2019

Jmeter: Performance Testing CS132 Lecture 35: Testing II Jmeter: Performance Testing Jmeter is an open-source web performance tester http://www.youtube.com/watch?v=8NLeq-QxkSw Works with a set of test cases Series of interactions with the back end These can be specified Manually by a set of HTTP requests (URLs with data) By example (gathering information from sample runs) Will run many of these simultaneously You get to specify which ones and how many With random delays For as long as you want 10 minute video 7/7/2019

Security Testing URL security CS132 Lecture 35: Testing II Security Testing URL security Ability to bypass login/security by creating a URL Ability to get private pages by editing URLs Passing in inputs that will make the system misbehave Overly long inputs that can cause buffer overflows Input checking Are all invalid inputs detected Openness to SQL injection and Cross-browser attacks Are internal files, etc. in the web pages inaccessible Is SSL used for all appropriate pages Can it be bypassed? Are all errors, security breach attempts, etc. logged 7/7/2019

Security Testing Tools exist Websecurify: www.websecuify.com CS132 Lecture 35: Testing II Security Testing Tools exist Websecurify: www.websecuify.com 14 day free trial Netsparker: https://www.youtube.com/watch?v=bVpv4r1T5Ac Download: http://www.netsparker.com Wapiti, Websurgury, … Show netsparker demo 7/7/2019

Design For Testability CS132 Lecture 35: Testing II Design For Testability Want to have a web site that is testable Might not be possible to test live site Don’t want it to crash Want to test before installing updates Actions might have real-world effects Set up a test site Separate database Add test users Internal code to handle external actions Based on which server is being run Do it on a local machine / separate VM Possibly special URLs to reset the server to a known state 7/7/2019

Lab Preparation Have an accessible test site for your project CS132 Lecture 35: Testing II Lab Preparation Have an accessible test site for your project Can be production site if that is safe Meet to determine who will test what Html/CSS, Usability, Web Site, Performance, Load Testing, Security Develop a testing plan for your project When and what, reusable tests, testing before update, … Download and install the tools you need if any Come prepared to set up tests and test your project 7/7/2019

Next Time Next Times: Testing Lab CS132 Lecture 35: Testing II 7/7/2019

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.