Welcome to the session on Web-based Software Testing!

1 Objectives of this course are listed above.

2 Any software application that can be accessed via a web over or a network such as internet or intranet can be called a web application. Any kind of web-browser can be its client. Since these clients like , , etc. are freely available across the world and there is no hassle of distributing and installing these applications in each client machine, web applications have become highly popular. Web applications can be used to implement - a simple portal to provide a company‟s information, an online retail store, webmail, online auctions, discussion boards like weblogs, chat, and many other functions. Users can access them almost in 24x7 mode.

3 This is the average architecture of most of the web applications. The components on the right side i.e. the file system, application server, data and the external systems are essentially the same as found in a typical client / server system. The left side elements, the and the web server are the elements unique to a typical web application.

Web server receives a page request from a user thru a web browser. It may be request for a static web page which can be fetched with the help of file system or a request for certain data which will be fetched with the help of application server. Application server may apply a business logic before providing the data to the web server based on the context and scenario.

It is an architectural challenge whether to have a thick client or a thin client. In case of a thick client, it offers greater locality of reference and better interactivity; however it may pose a distribution challenge. A thin client offers simplicity of security and distribution, but the browser would look more like a dumb terminal.

4 Business logic should touch the state of the business. This poses another architectural challenge. Should there be a stateless communication (where each command or transaction is executed independently without the knowledge of any of the commands or transactions that came before it) from the logic to the data via mechanisms like JSP or should there be a stateful communication (having the capability to maintain the previous state), such as thru Servlets? Again, there are advantages as well as disadvantages in each approach. Scripting is easier to change but comes with computational overhead, and Servlets are potentially faster but they may pose more challenge in developing and deploying the application.

Connection to application‟s persistence data (the ), which can also be present in legacy systems, is also another challenge. How does one show the objects to the user while the data continues to live in RDBMS tables? How should the connection from the application‟s business logic to its data be manifest? For e.g. a coupling thru JDBC may be more direct, but the developer should have better knowledge of data‟s form; On the other hand, a messaging architecture is less direct but is more scalable.

5 A web application be just a set of web pages navigable thru different links. The intention of such applications may be just to show the intended information. Testing such applications would involve clicking on all the links to ensure that they load the intended page upon clicking.

6 A web portal acts a source of many information. They present information from diverse sources in a unified way. Aside from the search engine standard, web portals offer other services such as news, happenings, entertainment and various other features. Portals provide a way for enterprises to provide a consistent look and feel with access control and procedures for multiple applications, which otherwise would have been different entities altogether. An example of a web portal is Sparsh.

7 Releasing any software application without testing is almost an offense! Just like you don‟t want to buy a car which is not tested for safety, any software application has to be tested thoroughly before its usage. Web application is not exception to this. Moreover, due to its architecture complexity (in case of big applications), varied user environments, access via different network / router segments, stricter security requirements / regulations and many other complex requirements makes it a “must” to test it rigorously before its deployment.

In case of web applications meant for online transactions like banking, e-auctioning, shopping- cart kind of applications, their usability, security features and performance play a major role which may impact the overall business of the corporation.

Web applications can be better called as living applications and hence require a new perspective of testing practices.

8 Web-based testing is a combination of Usability, Functionality, Performance, Security and Compatibility testing with respect to web-based applications. It is not a concept in itself.

9 Usability testing focuses on evaluating a human-made product's capacity to meet its intended purpose. Examples of such products that would require usability testing are web sites or web applications, computer interfaces, documents, or devices. Usability testing measures the usability, or ease of use, of a specific object or set of objects.

10 Five steps to website usability testing:

1. Define clear goals and objectives What is that you want to achieve from this usability test? It is typically more effective when it tries to identify how much time a user needs to complete a task (or a set of tasks)? Or how much difficulty the user would go thru in finishing the task. Usability testing helps you determine how users perform a specific tasks, in what sequence, choice of usage of various controls and how satisfied are they at the end of it.

2. Setup the test environment Decide on the type of usability test among many like controlled lab testing, field observation, focus groups, questionnaires, surveys, etc. While the costs involved in sophisticated controlled lab testing would be high, if the purpose of conducting such tests ensures user satisfaction and sustain (or increase) profits, it is a worthy exercise to do it where the benefits would exceed this cost disadvantage.

3. Select appropriate participants While its common and inexpensive to choose the fellow employees to the usability testing, the drawback in it is that these employees might be already aware of certain “jargons” and may not be able to provide any inputs in this regard. We also need to make sure that it is the website that is being tested for usability and not the participants themselves for their testing capability.

11 4. Conduct the test The type of usability testing selected in the step 2 above, would decide how to conduct this test. In case of questionnaire and surveys, they need to be conducted in a controlled environment to yield better results. Otherwise the results may get skewed due to fatigue, boredom, loss of memory, personal biases or similar reasons.

5. Report the findings Results of surveys, questionnaires, focus groups should be analyzed before making any design change decisions based on them. You should ensure that these results are not skewed or biased.

12 Following factors should be considered while testing the web application for usability: • Ease of Usage – e.g. easy to enter data, easy to use controls, etc. • Visual consistency and Consistency of action - e.g. click actions, error actions, etc. • Navigation - e.g. tab orders, easy flow, … • Clarity (non-ambiguous) – e.g. clear messages / information • Communication – e.g. updating the status on what‟s being done • Understandability (Intuitiveness) – usage of real-life objects as controls e.g. volume control knob • Self-learnability – e.g. self-explanatory menu items, controls, labels, etc. • General design / structure check – common sense check

13 Some of the guidelines on ease of use is shown in the slide above.

Did you know? When eBay auction web site went down in Jun ‟99, it initially lost many customers to its competitors. When the site was up again, many of those lost customers came back to eBay. Why? Because many of them found eBay was the easiest website (in its kind) to use.

14 How long does it take to load your application / page? The user may choose not to come back to your application site or it may put the user in discomfort if it takes too long to load. So the time to load the application must be appropriate enough so that it won‟t put the user into discomfort so that the user wants to come back.

In case of data-entry screens, it makes sense put the cursor on the first editable field to avoid the user in doing so saving some time for him / her.

In case of any error in the data entered in a field, once the user acknowledges the error message the cursor should be taken to the field where the error has occurred. It will save the user in searching for the field where the error has occurred especially, if the page contains many data-entry fields.

It has almost become a default feature in most of the data-entry page / screen of applications to confirm if the unsaved data needs to be saved before moving on to the next screen or on cancel.

Usability testing should focus on all these criteria while planning for it.

15 Look-n-feel of a web-application developed with 1024 x 1012 pixel resolution should look almost the same in 1024 x 768 resolution screen with probably a vertical scroll included. An application developed primarily for the former resolution may need both horizontal as well as vertical scroll bars making the users inconvenient to use it.

The margins, column layout, colors, fonts, size of controls, etc. should be consistent across forms. For e.g. a normal layout of buttons in a typical „Save changes?‟ type of a dialog-box is: Yes, No, Cancel. If this order is changed, the user may tend to press „No‟ or „Cancel‟ if they appear in the leftmost position. Choosing the right colors in the forms based on the context is also an important activity. They may convey different meanings at different places.

Use of hotkeys or accelerator keys minimizes mouse movements. Use of animations / graphics attracts users‟ attention. However too much of animations / graphics may distract or annoy the users.

Formats of date and time fields – whether DD/MM/YY format or MM/DD/YY format to use? It needs to be decided based on the users‟ region. It can be picked up from the desktop environment too (e.g. Regional settings in Windows)

16 Ensure that consistency is maintained while taking actions across different forms when the same task is being performed.

For e.g. when an error has occurred, usually it is communicated immediately in a dialog-box showing the error message. Some forms may choose to show the error message just above the field where the error has occurred. Displaying all validation errors at the top of the screen / form may be another standard that is followed. Whatever it may be, a consistent standard should be followed across different forms / screens of an application.

17 Refer to the slide for explanation.

18 Refer to the slide for explanation.

19 „Navigation‟ from a typical web application perspective should answer following questions:

• Where am I? • When can I go from here? • What do I find along way? Although these may sound very trivial, designing and testing for navigation aspect is one of the challenging activities. Variables such as menu structure, cultural diversity, language aspects can affect the way users understand and navigate through your website.

Navigation can be one of the key factors of success (or failure) of a web site. Users should be able to find the information they are looking for quickly and conveniently. For e.g. if I go to an airlines web site, I should be able to find the links for flight schedules, ticket booking, availability and nowadays for web check-in, easily.

Factors contributing to navigation of a website are listed in the slide above.

Visit http://www.dontclick.it/ once to see how different sections of a website can be navigated very easily with just ONE mouse click!

20 Navigation - Example

21 User should be appropriately communicated about his/her actions. Proactive communication on what else that s/he could look into in the site also would be helpful to the user. Having „contact‟ information in case if the user has any problems is very important. 23 At times, silly mistakes like spelling and grammar errors may have an impact on the overall credibility of the application.

24 When developing a website, the old cliché “Ignorance is far more expensive than education” applies. Many organizations tend to give lesser focus on this notion.

Refer to „Usability Testing‟ checklist in the IVS Unit portal: Test Repository > Methodologies > Checklists > Usability Checklist for a comprehensive list of items that need to checked during usability testing. (http://sparsh- ivs/IVS/Old_Data/Methodology/Checklists/UsabilityChecklist.xls)

More information on website usability and usability guidelines can also be found at: http://www.GUIGuide.com/, http://www.uie.com/ http://www.uiereports.com/

25 Functionality testing method of a web application is not much different from any other type of software application. The focus is to verify if the application is working as per the requirements specified. Various techniques (as explained in the pre-reading material for software testing) can be used here also to test for functionality of the application.

26 “The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect” - Tim Berners-Lee, Inventor of (WWW)

It is easy to design the web applications look-n-feel for normal people i.e. without any disability. However, if the application / website is going to be accessed by many diverse set of people (e.g. company website, online business applications, etc.), it has to be designed to take care of people with various types of disability.

Users with blindness disability may experience difficulty in getting information in visual representation. They may be using inputs tools other than keyboard. May be discerning synthesized speech from other sounds.

Users with lower vision may have difficulty in differentiating between colors and contrasts, size code information, discriminating between various fonts and certain small elements

27 Users with hearing impairments may experience difficulty in hearing certain frequency ranges, localizing sounds and picking up sounds against background noise.

Deaf users will have difficulty in sensing auditory information and may be using English as a 2nd language (sign language being 1st).

Users with mobility impairments may not be able to press multiple keys simultaneously. At times, they cannot reach the keyboard or mouse and may find it difficult to do tasks requiring precise movements.

Users with attention, memory, reading and cognitive impairments may find it difficult to read without sounding the text out loud. It may be difficult for them to perform action in specific time frames or learning and understanding the online help or understanding graphical objects without text labels.

28 Competition in the global economy means making your web application / site properly usable by the visitors across the world. Even though internet is available around the world, it is not yet evolved equally. As the businesses continue to focus on globalization, the need for localization of web sites is becoming more compelling.

If the website is can be viewed in only one language, only a small percentage of the world Internet population needs will be accommodated (of course, unless specifically designed for this need though). If the site / application is going to be accessed world-wide, serious consideration should be given to either developing multiple web sites (one per country / language) or allowing a single web site to be viewed in different languages.

Care has to be taken care while translating contents into different languages. A beer company translated the slogan "turn it loose" in such a way that it was understood as slang for "suffer from diarrhea“. A major airline literally translated its "fly in leather" slogan as „vuela en cuero‟, which means "fly naked“. There are many such instances which has lead to such misunderstandings / mistranslations. Such things need to be taken care appropriately.

29 Various language version of Infy website.

30 To accommodate the specified needs of the visitors / users, web sites can give them a „personal touch‟ by saving their preferences / settings and tailoring the contents based on their profiles. For e.g. customization options for look-n-feel of the web site, layout, items to be displayed like weather, stock tick, news bits, etc. These web sites can use Customer Relationship Management (CRM) systems to predict the type of information that visitor / user might be interested in seeing. They can publish the advertisements based on the visitors‟ residential area and other choices. It would help grow the business of the company which hosts the web site.

Few port-lets may not be meant to be used on personal pages and hence the user should not be able to select them on his/her personal page.

31 Identify what criteria are being used to determine the personalized content that is served up by the web site. Once this is clear, come up with no. of test cases to test out sufficient no. of various possibilities are tested out.

32 33 Performance testing of a web application is not much different from a normal client / server type of application. It is concerned with performance of the application under various conditions like no. of users, resources, etc. Needless to say, web applications are expected to take as less response time as possible. It is a very important factor for business intensive applications involving online transactions like stock brokerage, auctioning, buying / selling, etc.

When should you start performance testing? From the financial perspective, it should start as early as possible during the development cycle. However, it doesn‟t mean that there won‟t be any performance issues if this test started early; it just costs less to resolve them.

34 Before developing the test cases for performance testing, its objectives should be made very clear. Performance related non-functional requirements of the application should help in setting appropriate objectives. The pass/fail criteria need to be identified to assess if the performance objectives have been met. The objectives should focus on the speed, scalability and stability of the application.

Speed: Users who have to wait for more than 10-seconds for “something to happen” are likely to become impatient start re-clicking on buttons. In case of transactional applications, such re- clicking may cause serious issues (if not taken care properly) resulting in lost / corrupt data. Response time requirements vary from website to website. It should be made clear during objective settings.

Scalability – What should the web application do if more no. of users are connected to it than the specified number? It should be made clear during the objective settings. Particular attention should be paid to the functional integrity of web sites to ensure that the functionality that worked during low / normal load should work correctly during peak user load too.

Stability – Test cases should be included to test the stability of the web application. It is quite normal that the application would work correctly during low or normal user loads. How the system withstands sudden spikes should be tested - News web sites are expected to receive peak users during any major news outbreaks. Stock brokerage related web applications should expect peak load during opening of the day and if there are any sudden change in economic decisions like interest rate cut, etc.

35 Testing the performance includes evaluating factors like response time, throughput, break point, hits etc. as explained earlier.

Web Load Test is used to determine the point at which the response time of the web server or web application degrades by giving simulated loads. Load Testing will simulate a real time user load on the application and testing this prior to production ensures application will be stable and any performance issues can be addressed in pre-production phase. Simulated loads can be done by using some automated test tools like Load Runner with which virtual users are created for a web server or web application.

Web Stress Test is used to determine the breaking point of the web server or web application. It is also done by load simulation. Stress Testing ensures the application which is tested for expected load can take on spikes in the load condition, like increase in rate of transactions and study its impact on the system resources and helps tune and configure the system optimally.

Web Volume Test is a kind of load test where a large volume of input data are submitted to the application to see how it performs. A byproduct of volume testing is its ability to uncover rare functional errors. This is because, this large volume of data may contain an input test case which may not have been considered during normal functional testing, has the potential to detect the defect.

Web Endurance Test (also called soak testing) is done to evaluate the system performance by giving the expected load in ramp up (Sudden or Gradual increase in load) or down (Sudden or Gradual decrease in load) mode. Endurance testing can be done for an extended period of time (e.g. several days). Issues like very small memory leakages get uncovered in such tests.

36 Security Testing is done to assess the sensitivity of the system against unauthorized access.

The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability and non-repudiation.

Confidentiality: A security measure which protects against the disclosure of information to parties other than the intended recipient that is by no means the only way of ensuring confidentiality

Integrity: A measure intended to allow the receiver to determine that the information which it receives has not been altered in transit or by other than the originator of the information. Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding additional information to a communication to form the basis of an algorithmic check rather than the encoding all of the communication.

Authentication: A measure designed to establish the validity of a transmission, message, or originator. Allows a receiver to have confidence that information it receives originated from a specific known source.

37 Authorization: The process of determining that a requester is allowed to receive a service or perform an operation. Access control is an example of authorization.

Availability: Assuring information and communications services will be ready for use when expected. Information must be kept available to authorized persons when they need it. Also authority to operate.

Non-repudiation: A measure intended to prevent the later denial that an action happened, or a communication that took place etc. In communication terms this often involves the interchange of authentication information combined with some form of provable time stamp.

38 Any user is primarily concerned about the security of a transaction made online. Web based attacks are on the rise today and the consequences can be devastating for companies and businesses who fail to take information security seriously. There are numerous cases where hackers have hacked govt. web sites and have stolen confidential information. Businesses might have to close down their web sites if they get hacked which will have major impact on the business since the customers will not have access to its information.

39 As can be seen from the Pie above, about 92% of the reported vulnerabilities are in the applications, not in the networks. Applications can be server / non-server applications or operating systems.

40 Before application development has started test to ensure that the appropriate policy and standards are in place for the development team. During Definition and Design It is essential that the security requirements be tested i.e. testing the assumptions that are made in the requirements, and testing to see if there are gaps in the requirements definitions. It is essential to test design and architectural artifacts to ensure that the design and architecture enforce the appropriate level of security as defined in the requirements. During Development Code Walkthroughs: Perform a code walkthrough with the developers, and in some cases, the system architects. Code Reviews: Check why certain things were coded the way they were, to examine the actual code for security defects. During Deployment Penetration testing the application after it has been deployed provides a last check to ensure that nothing has been missed. While the application may be secure, a small aspect of the configuration could still be at a default install stage and vulnerable to exploitation. Maintenance and Operations Conduct Operational Management Reviews - a process to detail how operational side of the application and infrastructure, is managed Conduct Periodic Health Checks – regular to checks to ensure no new security risks have been introduced Ensure Change Verification – to ensure that the level of security hasn‟t been changed by a change

41 Vulnerability Scanning Vulnerability Scanning is using automated software to scan one or more systems against known vulnerability signatures. It helps to determine if and where a system can be exploited and/or threatened. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws and generates a report of the findings that can be used to tighten a network‟s security. Examples of this software are Nessus, Sara, and ISS.

Security Scanning Security Scanning is a Vulnerability Scan plus Manual verification. The Security Analyst will identify network weaknesses and perform a customized professional analysis.

42 Penetration Testing It is a method of evaluating the security of a network by simulating an attack by a hacker. It takes a snapshot of the security on one machine, the “trophy”. The Tester will attempt to gain access to the trophy and prove his access, usually, by saving a file on the machine. The security issues that are found are presented to the owner with an assessment of their impact and a solution or proposal for mitigation.

Penetration Testing can be of two types: Black Box Testing – with no prior knowledge of the infrastructure to be tested. White Box Testing – with complete knowledge of the infrastructure to be tested. It is a controlled and coordinated test with the client to ensure that no laws are broken during the test.

43 Risk Assessment Performing a security risk assessment and implementing adequate security risk management policies is a critical area in maintaining web applications. Risk Assessment involves a security analysis of interviews compiled with research of business, legal, and industry justifications.

Security Auditing It is a manual or systematic technical assessment of a system or application. Manual assessments include interviewing the staff, performing vulnerability scans, internal inspection of Operating Systems and Applications and analyzing physical access to the systems. Automated assessments include system generated audit reports or using software to monitor and report changes to files and settings on a system.

.

44 Ethical Hacking Ethical Hacking is basically a number of Penetration Tests on a number of systems on a network segment. It uses hacking techniques to perform an ethical hack on a web-site to quantitatively assess and measure the threats to it.

Posture Assessment & Security Testing It combines Security Scanning, Ethical Hacking and Risk Assessments to show an overall Security Posture of the organization. It is used to establish the current baseline security of the organization by discovering vulnerabilities and weaknesses and for providing incremental improvements to tighten the security of the organization

45 Phishing is an attempt to criminally and fraudulently acquire sensitive information such as usernames, passwords, credit card details, financial details, etc. by disguising as a trustworthy entity in an electronic communication. Popular website like eBay, PayPal and online banks are the most common targets for this. It is typically carried out by emailing or instant messaging.

46 47 48 Test the firewall functions in the test environment first. Fix the defects found, if any. Once all the defects are fixed, test it out in the production environment.

Firewalls have an option to log all actions that occurred on them. Test out this feature to ensure all kinds of logs are logged in the log files as appropriate.

In computer security, the term vulnerability is applied to a weakness in a system which allows an attacker to violate the integrity of that system. Test the firewall for different types of vulnerabilities to ensure that it withstands all kinds of attacks.

Design an initial suite comprising a set of test cases for testing the firewall. Every time the firewall settings are changed, use this testing suite to ensure that the existing functionality is not broken as part of the new settings.

49 It is quite common for designers / developers to test a web application on a browser that they are convenient with. It is quite ok if the users community who is going to use the application uses it on a single type of web browser. But in case of „Web apps‟ at Infosys, this may not be true. We have users with browsers like Internet Explorer, Firefox, Netscape Navigator, etc. on different platforms - Windows 2000, Windows XP, Vista, Apple Mac, etc. A web application should support multiple browsers, platforms, , etc. in such scenarios to avoid inconvenience caused to users. (There are a few cases in Infosys, where people working on Apple Mac computers, come to Windows desktops to access certain e-learning courses since they don‟t work on Mac machines!)

Compatibility Testing should take care of simulating such scenarios to fish out such issues so that the end product works on any specified operating environment / configuration. It also provides technical integration, functionality and stability testing of complementary, third party products.

50 51 Examples of how a same page appears on different browser versions.

52 1. Set a Goal The first step to test browser compatibility problems is to determine which browsers really matter to you from the end users‟ perspective. It's hard to test a Web page that displays perfectly on every version of every browser running on every computer. Hence plan your testing based on your requirements.

2. Validate your Pages Check for the display of important pages on commonly used browsers

53 30% of users use other than IE as the browser!!!

54 The table above shows various tools used for various types of web testing.

55 Context based services Web services offer different behaviors based on context such as location, consumer, time, etc. New behaviors can be introduced with new business rules on a dynamic basis. Live services As a consumer, How do you test a live service? You can‟t submit an order to see if it works, as the order will be processed. Hence providers must make some provision in the service that permits it to be tested without actually activating the business process it supports. And it can't just be a dummy service, as that proves nothing. Service Level Agreement Testing non-functional requirements is very important with external Web services. For example checking if the response time, or throughput promised is achievable, checking the scalability of the provider‟s live service without harming it etc. Continuous testing One cannot test a service once and presume it will thereafter always work. The implementation can change without one‟s knowledge. Security and authentication External web services will place additional responsibility to test that security and authentication mechanisms are working properly.

56 57 58 59 60 61 Q.: Is there any way to test browser-based programs? Can I test html pages? A.: If you use TestComplete Standard, you can test web pages via their GUI. Run TestComplete and try to record your actions over a web page. The resultant script will look very similar to the one recorded on any other ordinary, non-Open application. As web testing depends on the connection speed, you should place delays in your script where ever they are needed. It can be calls to BuiltIn.Delay(...) and different loops for waiting on changes in the window of your Internet browser. Another aspect of web testing is that web pages intensively use graphics. You can use Regions.Find() to locate the necessary areas on a page and then click, double-click, drag them or perform other operations. TestComplete Enterprise provides more web testing possibilities than TestComplete Standard. In addition to mouse click and keystroke simulation, the Enterprise edition can access the page‟s HTML objects from scripts. You can actually refer to HTML elements from scripts using the same names that are used on your page. TestComplete 4 provides you with access to elements of web pages displayed in Internet Explorer ver. 4 - 7 or in WebBrowser controls that reside in any application (that is, TestComplete supports any browser created on the base of the WebBrowser control). TestComplete 5 lets you also work with web pages displayed in Firefox ver. 1.5.0.1 - 2.0. TestComplete contains specific program objects to test combo boxes, list boxes and check boxes displayed on the page. Also, it provides two events that let you perform specific actions before navigating to a new page or upon downloading a page. For more information about web testing, see the “Web Testing” help topic. TestComplete Enterprise also includes the HTTP Load Testing project item that allows you to perform load, stress and scalability testing of web servers.

62 . Q.: Which browsers does TestComplete support for testing Web pages and Web servers? A.: With TestComplete, you can get access to web page elements and their elements and emulate mouse and keyboard actions over web pages displayed in the following browsers: Internet Explorer ver. 4 - 7 Firefox ver. 1.5.0.1 - 2.0 (TestComplete 5 only) TestComplete also provides access to web pages and their elements displayed in WebBrowser controls that reside in any application. That is, TestComplete supports any browser created on the base of the WebBrowser control. As to the load, stress and scalability testing of Web servers, TestComplete can emulate the following browsers: Internet Explorer v. 5.0 and 6.0 Netscape Navigator 6.0 8.0 Firefox 1.1-1.5 Pocket IE Smartphone

63 Q.: Does TestComplete support testing of applications that use CGI, ISAPI, PHP or ASP on the server side? A.: Yes. The fact is that TestComplete Enterprise tests the client side of web applications and does not depend on the technology used on the server side. . Q.: Does TestComplete support testing of Flash elements on web pages? A.: Yes. Flash elements are ActiveX elements and TestComplete has access to all methods and properties of ActiveX elements. . Q.: I would like to add an HTML document to the Tested Applications collection. How can I do this? A.: Add the IEXPLORE.EXE application and specify the name and path of the desired html page as a command-line argument.

Q.: What do I need to configure to perform the HTTP Load testing? A.: When you are recording load testing scripts with TestComplete, it intercepts low-level HTTP requests sent by the browser and then sends them itself. To intercept these requests, it requires that the browser does not send them through its usual port (8080 by default), they should be sent through another port specified in TestComplete‟s options for the HTTP Load Testing plug-in. This port is 9999 by default, and the port specified in your browser‟s options should correspond to it. So, please make sure that the proxy port number has the correct value in your browser‟s settings dialog. You can change the port number in the Proxy port field of the HTTP Load Testing Options dialog. To call the dialog, select Tools | Options from TestComplete's main menu and then choose Engines | HTTP Load Testing from the tree on the left of the ensuing Options dialog. Note that for some browsers (for instance, for Internet Explorer) TestComplete can set the needed port automatically. If you want to test an external web site and you use a proxy server in your LAN to access the Internet, you should check the Use HTTP Proxy check box in the “Firewall settings” group of the HTTP Load Testing Options dialog. In addition, you should specify the proxy network name or an IP address in the HTTP Proxy Host field and set the correct port number in the HTTP Proxy Port field. Please see the “HTTP Load Testing Options” help topic for details. If you want to test an internal web site (within your LAN) two cases are possible: If you are not using a local proxy server (typical for local networks), please disable the Firewall Settings | Use HTTP proxy setting of TestComplete. If you use proxy, set the HTTP load testing options as it was described for the external sites. In addition check proxy settings for local networks: For the Internet Explorer browser make sure that the Bypass proxy server for local addresses check box of the Tools | Internet Options | Connections | LAN Settings dialog window is disabled. For the FireFox browser check the No proxy for edit box of the Tools | Options | Connection Settings dialog. If the site to be tested is mentioned there, remove it from this box. For Opera and Netscape Navigator browsers no changes are required.

Q.: To record HTTP requests for my load tests I have to specify TestComplete as a proxy server in my Internet browser options. Is there a way to automate this? A.: You should specify TestComplete as a proxy server in order for TestComplete to be able to record HTTP requests. For Web browsers, that support WinINET technology (Microsoft Internet Explorer, for example), TestComplete can modify the proxy settings automatically. The only pre-requisite is that those browsers should be running when you start load testing with TestComplete. For other browsers, you have to change the settings manually. Changing the proxy settings every time you need to record HTTP traffic or play back load testing scripts is a waste of time. To avoid this extra work, you can create (or record) a script routine that will allow you to set your Internet browser options to the desired state. You can then run this script before recording or playing back your load testing scripts. Do not forget to change back the proxy settings, when load testing is finished. The corresponding script routine may be helpful in this task. . Q.: The web page I am testing displays the Login dialog. How can I access this dialog? When opening some pages, you may see a Login dialog, in which you should enter the user name and password in order to access the page, or the browser may display the Information bar asking for your permission to perform certain actions requested by the page. If you test these type of pages, you need to write a code that will: open the page, close the Login dialog or the Information bar by simulating user actions over them, wait until the page is loaded. You need a method that will not wait until the page is loaded and return the execution control to the script immediately, so that you will be able to handle the Login dialog or the Information bar. You can use one of the following approaches: Enter the page‟s URL into the Address bar or into the File | Open dialog of your web browser (for example, using the Keys method). Use the Navigate or Navigate2 methods of the page object (this is only valid for pages displayed in Internet Explorer or a WebBrowser control). Call the Page.ToUrl method using the Runner.CallObjectMethodAsync method. It will execute the ToUrl method asynchronously, so that the latter will not pause your script and you can simulate user actions over the Login dialog or Information bar. For more information and code examples, see the “Opening Web Pages That Display the Login Dialog or Informative Messages” help topic.

64 Q.: How can I find a web page element that contains specific text? A.: TestComplete provides you with access to methods and properties of web page elements, so you can search all web page elements and find the desired text in the element properties. To perform the search, you can use the Page object‟s Find method. This method uses three parameters: Page.NativeWebObject.Find(PropertyName, KeyValue, TagName) PropertyName - Name of the property, whose value is checked by the method. Typically, the element‟s text is accessible through the innerHTML or innerText property. KeyValue - The sought-for text (you can use the * and ? wildcards to specify the search masks). TagName - This parameter is optional. You can use it to specify tag names that you would like to search in. Note that since the name of the Find method coincides with the name of the Find method added to all tested objects by TestComplete, the Page object‟s method resides in the NativeWebObject namespace, that is, in your script you should call Page.NativeWebObject.Find rather than Page.Find. For code examples, see the Searching for Web Page Element Containing Specific Text blog on our AQCommunity site or the “Searching for the Element Containing the Desired Text” help topic.

Q.: How can I check if a web page contains specific text? A.: You can obtain the page‟s text using the document.body.innerText property and search for the desired text in it. For more information and code examples, see the “Checking if a Page Contains Specific Text” help topic.

Q.: How can I find a specific image within a web page? A.: To find an image within a web page, you can use one of the following approaches: Search for the IMG element whose SRC attribute contains the file name of the desired image. To perform the search, use the Page.NativeWebObject.Find method (see the method's description above). Use TestComplete‟s image-search capabilities. You can call the Picture method of the web browser window to obtain a Picture object holding the window image, and then use the Find method of this object to search for the desired image. This method returns a rectangle that specifies coordinates of the image within the web browser window. To obtain the scripting object corresponding to the found image, you can use the Sys.ObjectFromPoint method. Both approaches are equally valid, however, finding the image by name works much faster.

65 66 67 68 69