1) What is web application?

It is Software application that is accessed over a network such as the Internet or an intranet through a web browser. 2) What are the different types of environments available in the Web? Intranet (Local Network) Internet (Wide area Network) Extranet (Private network over Internet) 3) What is intranet application? It is a private application, can be accessed within the Organization only. It uses Local /Private Network and Internet Protocol technology to share information. 4) What is internet application? Generally it is a public web application, uses Wide area network. It can be accessed from anywhere.

5) What is extranet application? It is also a private application over internet, can be accessed by fixed machines only. It uses Wide area network and Internet Protocol technology to share information. 6) What are the different types of web applications available in the industry? Websites Web portals Web applications Social networks Web blogs Email communication provides Discussion forums Etc... 7) What is website? Basically website is an information provider, It provides information globally using internet protocols. 8) What is web portal? Web portal is a business gateway, It organizes business operations. Ex: Online shopping portals, Job portals etc... 9) What is web application? Web application provides services (Free and Paid) apart from information.

Ex: Online Banking System it provides Bank information, Branches & ATM Information, Loans information etc... And It provides balance enquiry, Fund transfer, Bill payments like services. 10) What is HTML? HTML stands for Hyper Text Markup Language, it is for displaying web pages and other information. Basically it is data presenter in the web. 11) What is Client side validation? Validating client side forms, which is typically done by Java Script. Generally it checks weather the user is entering correct form of data or not? and entering all mandatory fields or not? Client site validation is 2 types One is Field level validation another is Form level validation. 12) What is Server side validation? Validating, processing client requests and providing response from the Server. 13) What is web server? Web server handles Clint side and server side validations and helps to deliver Web content that can be accessed through the Internet protocols. Examples: Microsoft IIS (Internet Information Service) Apache Web server from Apache Java Web server Pramathi web server etc... 14) What is application server? Application Server also called an appserver, It is a program that handles all application operations between users and an organization's back-end business applications or databases. Examples: Bea WebLogic IBM WebSphre 15) What is database server? Database server is used to refer to the back-end system of a database application using client/server architecture.

The back-end, sometimes called a database server, performs tasks such as data design, storage, data manipulations, archiving, and other non-user specific tasks. Examples: Oracle MS SQL Server MySQL (Open source) IBM DB2 etc...

16) What is HTTP? Hyper Text Transfer Protocol, the data transfer protocol used on the World Wide Web. 17) What is HTTPS? HTTPS stands for Hypertext Transfer Protocol Secure is a widely-used communications protocol for secure communication over a computer network. 18) What is purpose of Java Script in the Web? It is for performing client side validations. 19) What is the purpose of Vbscript in the Web? It can be used for client side validations as well as Server side validations. 20) What is Web Browser? Web browser is a software application used to locate, retrieve and also display content on the World Wide Web, including Web pages, images, videos and other files. Examples: Microsoft Internet Explorer Mozilla Firefox Google Chrome Opera Safari etc

21) What is Server side testing? 22) What are the advantages of web applications than GUI based applications?

Only server side installation, client side installation is not mandatory, so deployment and maintenance is easy. It can be accessible anywhere, anytime via a PC with an Internet connection. The user interface of web-based applications is easier to customize than it is in GUI applications. Content can also be customized for presentation on any device connected to the internet, including PDAs, mobile phones etc Supports thousands of clients effectively Adding and removing clients is very easy.

23) What is WWW? The term WWW refers to the World Wide Web or simply the Web. The World Wide Web consists of all the public Web sites connected to the Internet worldwide, including the client devices (such as computers and cell phones) that access Web content. The WWW is just one of many applications of the Internet and computer networks. 24) What is Web Services? Web services are application components, communicate using open protocols and these can be used by other applications. XML is the basis for Web services SOAP (Simple Object Access Protocol), UDDI (Universal Description, Discovery and Integration) and WSDL (Web Services Description Language) are the Web services platform elements. 25) What are the important aspects in Web testing? Functional Testing (includes links testing, navigation testing etc...), Security Testing, Database Testing (includes Data integrity, data manipulations, data retrievals etc..), Performance Testing (includes all types of performance like Load Testing, Stress Testing, Spike Testing, Endurance Testing and Data volume Testing), Usability Testing, Navigation testing, Configuration Testing, Compatibility Testing, Reliability Testing, Availability Testing, Scalability Testing Etc...

How you can test Web Based Application Website Testing: In sample terms, testing the web based application and finds the all possible bugs and need to fix all before the changes uploaded on production or become live. All same scenarios are also applies here for the web based testing i.e. functional testing, traffic or performance testing etc. Scenarios checklist for the Web Based Application: i. Functionality Testing of Web application All required functionality will be tested here for Web based application as provided in requirement by client. It can be of different type. Some common functions are provided below which are generally used in web testing for all the web based applications: a. Links testing: All types of links should be work properly. There should not any broken links. All types of links mean Mail to link, Outgoing link, Anchor link, and Internal links. b. Forms Testing: Required field testing, mean need to confirm that all required fields are populated or not. User should not be able to submit the form without filling the required fields. Default Value testing all type of default values should be populated automatically without any delay or problem. Backend structure should be properly healthy mean when any form will be submitted then all details should be submitted into database properly. Form should be user friendly. c. Cookies Testing: Cookies testing is also required, to confirm the login session and active user performance. These are the small files which are only used to remember the active user sessions. d. HTML and CSS testing to confirm the crawl engines performance on the required website. This testing generally includes the Syntax Errors, Readable color schemas and Standard compliance. e. Business workflow testing: Done testing end to end scenarios. Positive and Negative scenarios both need to used in testing to ensure the business workflow process. ii. Usability Testing: Generally meaning of usability is how much useful is the web application. In todays era Usability Testing is the vital part of the testing process which is generally performed by the test engineers or the small group selected by the team managers. a. Menus, buttons or links should be available on all pages of website so that visitors can easily visit the pages of website. b. Content should be quality content without any spelling or grammatical mistakes. c. If Images are available then properly alt tags and other properties should available. iii. Interface Testing: In web application there are three areas which are need to test Application, Web and Database Server. Mean Proper integration in between the web server, application and database server should be maintain without any bug when changes will be live for visitors. iv. Database Testing: Database testing is very important part of web application. We need to confirm the following points to test the database testing: Error in executed query, Data integrity should be maintained while creating updating or deleting the records in SQL from the front end of application. Saved data/records should be retrieved properly and show on front end without showing any error or issues. v. Compatibility testing: Compatibility testing includes the Browser compatibility, Resolution compatibility and operation system compatibility. Web application should pass all these compatibilities. vi. Performance / Load Testing: mean what is the performance of website under different load or stress. On one time different -2 users can access the website which can put load on website and website can crash due to this load. To confirm the load and stress compatibility of website is called the performance testing. vii. Security Testing: To confirm the web application is how much secure. Test engineers need to perform the security testing. Main scenarios which generally perform in this testing are a. Restrict Unauthorized access, b. Restrict Unauthorized download / upload c. Session should be killed automatically when user will sign out or leave the system.

HTTP HTTP is a protocol with the lightness and speed necessary for a distributed collaborative hypermedia information system. It is a generic stateless object-oriented protocol, which may be used for many similar tasks such as name servers, and distributed object-oriented systems, by extending the commands, or "methods", used. A feature if HTTP is the negotiation of data representation, allowing systems to be built independently of the development of new advanced representations. Purpose When many sources of networked information are available to a reader, and when a discipline of reference between different sources exists, it is possible to rapidly follow references between units of information which are provided at different remote locations. As response times should ideally be of the order of 100ms in, for example, a hypertext jump, this requires a fast, stateless, information retrieval protocol. Practical information systems require more functionality than simple retrieval, including search, front-end update and annotation. This protocol allows an open-ended set of methods to be used. It builds on the discipline of reference provided by the Universal Resource Identifier (URI) as a name (URN, RFCxxxx) or address (URL, RFCxxxx) allows the object of the method to be specified. Reference is made to the Multipurpose Internet Mail Extensions (MIME, RFC1341) which are used to allow objects to be transmitted in an open variety of representations. Overall operation On the internet, the communication takes place over a TCP/IP connection. This does not preclude this protocol being implemented over any other protocol on the internet or other networks. In these cases, the mapping of the HTTP request and response structures onto the transport data units of the protocol in question is outside the scope of this specification. It should not however be at all complicated. The protocol is basically stateless, a transaction consisting of Connection The establishment of a connection by the client to the server - when using TCP/IP port 80 is the well-known port, but other non-reserverd ports may be specified in the URL; Request The sending, by the client, of a request message to the server; Response The sending, by the server, of a response to the client; Close The closing of the connection by either both parties. The format of the request and response parts is defined in this specification. Whilst header information defined in this specification is sent in ISO Latin-1 character set in CRLF terminated lines, object transmission in binary is possible. Cookie A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information about you, similar to a preference file created by a software application. While cookies serve many functions, their most common purpose is to store login information for a specific site. Some sites will save both your username and password in a cookie, while others will only save your username. Whenever you check a box that says, "Remember me on this computer," the website will

generate a login cookie once you successfully log in. Each time you revisit the website, you may only need to enter your password or you might not need to log in at all. Cookies are also used to store user preferences for a specific site. For example, a search engine may store your search settings in a cookie. A news website may use a cookie to save a custom text size you select for viewing news articles. Financial websites sometimes use cookies to store recently viewed stock quotes. If a website needs to store a lot of personal information, it may use a cookie to remember who you are, but will load the information from the web server. This method, called "server side" storage, is often used when you create an account on a website. Browser cookies come in two different flavors: "session" and "persistent." Session cookies are temporary and are deleted when the browser is closed. These types of cookies are often used by e-commerce sites to store items placed in your shopping cart, and can serve many other purposes as well. Persistent cookies are designed to store data for an extended period of time. Each persistent cookie is created with an expiration date, which may be anywhere from a few days to several years in the future. Once the expiration date is reached, the cookie is automatically deleted. Persistent cookies are what allow websites to "remember you" for two weeks, one month, or any other amount of time. Most web browsers save all cookies in a single file. This file is located in a different directory for each browser and is not meant to be opened manually. Fortunately, most browsers allow you to view your cookies in the browser preferences, typically within the "Privacy" or "Security" tab. Some browsers allow you to delete specific cookies or even prevent cookies from being created. While disallowing cookies in your browser may provide a higher level of privacy, it is not recommended since many websites require cookies to function properly. NOTE: Since cookies are stored in a different location for each web browser, if you switch browsers, new cookies will need to be created Session in the computing world, a session refers to a limited time of communication between two systems. Some sessions involve a client and a server, while other sessions involve two personal computers. A common type of client/server session is a Web or HTTP session. An HTTP session is initiated by a Web browser each time you visit a website. While each page visit constitutes an individual session, the term is often used to describe the entire time you spend on the website. For example, when you purchase an item on an ecommerce site, the entire process may be described as a session, even though you navigated through several different pages. Another example of a client/server session is an email or SMTP session. Whenever you check your email with an email client, such as Microsoft Outlook or Apple Mail, you initiate an SMTP session. This involves sending your account information to the mail server, checking for new messages, and downloading the messages from the server. Once the messages have been downloaded, the session is complete. An example of a session between two personal computers is an online chat, or instant messaging session. This type of session involves two computers, but neither system is considered a server or client. Instead, this type of communication is called a peer-to-peer or P2P. Another example of P2P communication is BitTorrent file sharing, where file downloads are comprised of one or more sessions with other computers on the BitTorrent network. A P2P session ends when the connection between two systems is terminated. Server side web sessions Server-side sessions are handy and efficient, but can become difficult to handle in conjunction with loadbalancing/high-availability systems and are not usable at all in some embedded systems with no storage Client side web sessions

Client-side sessions use cookies and cryptographic techniques to maintain state without storing as much data on the server. When presenting a dynamic web page, the server sends the current state data to the client (web browser) in the form of a cookie HTTP session token A session token is a unique identifier that is generated and sent from a server to a client to identify the current interaction session. The client usually stores and sends the token as an HTTP cookie and/or sends it as a parameter in GET or POST queries. Session management In humancomputer interaction, session management is the process of keeping track of a user's activity across sessions of interaction with the computer system. Desktop session management A desktop session manager is a program that can save and restore desktop sessions Browser session management Session management is particularly useful in a web browser where a user can save all open pages and settings and restore them at a later date. Web server session management Hypertext Transfer Protocol (HTTP) is stateless: a client computer running a web browser must establish a new Transmission Control Protocol (TCP) network connection to the web server with each new HTTP GET or POST request Multibrowaer issue Cross-browser refers to the ability of a website, web application, HTML construct or client-side script to function in environments that provide its required features and to bow out or degrade gracefully when features are absent or lacking With wide range of web browsers available, end users using different web browsers to access your web applications, it has now become crucial to test web applications on multiple browsers. On different browsers, client components like Javascript, AJAX requests, Applets, Flash, Flex etc. may behave differently. Also for different browsers you may have different handling on how requests are processed on server side based on the user-agent received from client browser. So just testing your web application on single web browser is not enough. You need to make sure that your web application works fine across multiple browser. Cross Browser Testing is a process to test web applications across multiple browsers. Cross browser testing involves checking compatibility of your application across multiple web browsers and ensures that your web application works correctly across different web browsers. Cross Browser testing involves testing both the client side and server side behavior of your Web application when it is accessed using different Web Browsers

Client Side Cross Browser Testing

AppPerfect Web Test can help you test functionality of your web application on client side on different Web Browsers. It ensures compatibility of your application on different Web browsers like Internet Explorer, Firefox, Safari, Chrome etc. at same time. You can record test on any one Web browser and run it on different Web browsers and this way test application's behavior on different browsers without need to re-record test on multiple browsers. Do the following to functional test your application across different Web browsers :

Server Side Cross Browser Testing

AppPerfect Load Test can help you test behavior of your web application on server side when application is accessed from different web browsers. AppPerfect Load Test supports Load testing for Web applications using

HTTP protocol and can be configured to simulate the HTTP requests from different web browsers. Web Server identifies each client by way of User-Agent string. When Internet users visit a web site, a text string is usually sent in the HTTP header field "User-Agent" to identify the client application. Web applications often include code to detect client version to adjust the page design sent according to the user agent string received. Web application may be designed to work differently for mobile Internet user and PC based Web browsers. AppPerfect Load Test supports execution of HTTP requests with different web browser clients . WEB SERVER A Web server is a program that, using the client/server model and the World Wide Web's Hypertext Transfer Protocol ( HTTP ), serves the files that form Web pages to Web users (whose computers contain HTTP clients that forward their requests). Every computer on the Internet that contains a Web site must have a Web server program. Two leading Web servers are Apache , the most widely-installed Web server, and Microsoft's Internet Information Server ( IIS ). Other Web servers include Novell's Web Server for users of its NetWare operating system and IBM's family of Lotus Domino servers, primarily for IBM's OS/390 and AS/400 customers. Web servers often come as part of a larger package of Internet- and intranet-related programs for serving e-mail, downloading requests for File Transfer Protocol ( FTP ) files, and building and publishing Web pages. Considerations in choosing a Web server include how well it works with the operating system and other servers, its ability to handle server-side programming, security characteristics, and publishing, search engine, and site building tools that may come with it. APPLIACTION SERVER An application server is a server program in a computer in a distributed network that provides the business logic for an application program. The application server is frequently viewed as part of a three-tier application, consisting of a graphical user interface (GUI) server, an application (business logic) server, and a database and transaction server. More descriptively, it can be viewed as dividing an application into: A first-tier, front-end, Web browser-based graphical user interface, usually at a personal computer or workstation A middle-tier business logic application or set of applications, possibly on a local area network or intranet server A third-tier, back-end, database and transaction server, sometimes on a mainframe or large server Older, legacy application databases and transaction management applications are part of the back end or third tier. The application server is the middleman between browser-based front-ends and back-end databases and legacy systems. In many usages, the application server combines or works with a Web (Hypertext Transfer Protocol) server and is called a Web application server. The Web browser supports an easy-to-create HTML-based front-end for the user. The Web server provides several different ways to forward a request to an application server and to forward back a modified or new Web page to the user. These approaches include the Common Gateway Interface (CGI), FastCGI, Microsoft's Active Server Page, and the Java Server Page. In some cases, the Web application servers also support request "brokering" interfaces such as CORBA Internet Inter-ORB Protocol (IIOP) CLIENT SERVER A client-server network is a communications model in which multiple client programs share the services of a common server program. For example, your computing device's Web browser is the client program that requested services from the WhatIs.com server (which technically is called an HTTP server) so you could read this Web page. Other network communication models include master/slave and peer-to-peer.

N-Tier architecture

1. Functionality Testing: This is used to check of your product is as per the specifications you intended for it as well as the functional requirements you charted out for it in your developmental documentation.Testing Activities Included: Test all links in your webpages are working correctly and make sure there are no broken links. Links to be checked will include Outgoing links Internal links Anchor Links MailTo Links Test Forms are working as expected. This will includeScripting checks on the form are working as expected. For example- if a user does not fill a mandatory field in a form a error message is shown. Check default values are being populated Once submitted , the data in the forms is submitted to a live database or is linked to an working email address Forms are optimally formatted for better readability Test Cookies are working as expected. Cookies are small files used by websites to primarily remember active user sessions so you do not to log in every time you visit a website. Cookie Testing will include Testing cookies (sessions) are deleted either when cache is cleared or when they reach their expiry. Delete cookies (sessions) and test that login credentials are asked for when you next visit the site. Test HTML and CSS to ensure that search engines can crawl your site easily. This will include

Checking for Syntax Errors Readable Color Schemas Standard Compliance.Ensure standards such W3C, OASIS, IETF, ISO, ECMA, or WS-I are followed. Test business workflow- This will include Testing your end - to - end workflow/ business scenarios which takes the user through a series of webpage's to complete. Test negative scenarios as well, such that when a user executes an unexpected step , appropriate error message or help is shown in your web application. 2. Usability testing: Usability testing has now become a vital part of any web based project. It can carried out by testers like you or a small focus group similar to the target audience of the web application. Test the site Navigation: Menus , buttons or Links to different pages on your site should be easily visible and consistent on all webpages Test the Content: Content should be legible with no spelling or grammatical errors. Images if present should contain and "alt" text Tools that can be used: Chalkmark, Clicktale, Clixpy and Feedback Army 3. InterfaceTesting: Three areas to be tested here are - Application, Web and Database Server Application: Test requests are sent correctly to the Database and output at the client side is displayed correctly. Errors if any must be caught by the application and must be only shown to the administrator and not the end user. Web Server: Test Web server is handling all application requests without any service denial. Database Server: Make sure queries sent to the database give expected results. Test system response when connection between the three layers (Application, Web and Database) can not be established and appropriate message is shown to the end user. 4. DatabaseTesting: Database is one critical component of your web application and stress must be laid to test it thoroughly. Testing activities will includeTest if any errors are shown while executing queries Data Integrity is maintained while creating, updating or deleting data in database. Check response time of queries and fine tune them if necessary. Test data retrieved from your database is shown accurately in your web application 5. Compatibility testing. Compatibility tests ensure that your web application displays correctly across different devices. This would includeBrowser Compatibility Test: Same website in different browsers will display differently. You need to test if your web application is being displayed correctly across browsers, javascript, AJAX and authentication is working fine. You may also check for Mobile Browser Compatibility. The rendering of web elements like buttons, text fields etc changes with change in Operating System. Make sure your website works fine for various combinations of Operating systems such as Windows, Linux, Mac and Browsers such as Firefox, Internet Explorer, Safari etc. 6. PerformanceTesting: This will ensure your site works under all loads. Testing activities will include but not limited to Website application response times at different connection speeds Load test your web application to determine its behavior under normal and peak loads Stress tests your web site to determine its break point when pushed to beyond normal loads at peak time. Test if a crash occurs due to peak load , how does the site recover from such an event

Make sure optimization techniques like gzip compression , browser and server side cache enabled to reduce load times Tools that can be used: Loadrunner, JMeter 7. Security testing: Security testing is vital for e-commerce website that store sensitive customer information like credit cards.Testing Activities will includeTest unauthorized access to secure pages should not be permitted Restricted files should not be downloadable without appropriate access Check sessions are automatically killed after prolonged user inactivity On use of SSL certificates, website should re-direct to encrypted SSL pages. Tools that can be used: Babel Enterprise, BFBTester and CROSS PRIORITIES AND SEVERITY 1. Low Severity & High Priority: Example 1: On any Log in Screens, OK button have text KO Now try to understand, Button is working fine, means No functionality is affecting by that, it means its a minor Severity Bug. But User will not understand what KO is. Because of this their applicat ion has no use, and they cant release the product without fixing the bug. This is the High Priority bug. 2. High Severity & Low Priority: Example 1: Suppose you have an application which is having functionality of exporting to Excel File. But that functionality is totally not working. So in this case the Severity is Very High. But for current release this functionality is not useful, means user may not use the Export function, so here is have Low Priority 3. High Severity & High Priority: Example 1: A bug which is a show stopper.i.e, a bug due to which we are unable to proceed our testing. An example would be a run time error during the normal operation of the software. Which would cause the application to quit abruptly? Example 2: Suppose you are doing online shopping and filled payment information, but after submitting the form, you get a message like "Order has been canceled." 4. Low Severity & Low Priority: Example 1: There is a mistake like "You have registered success" instead of successfully, success is written.