The development of modern web applications is a complex process that requires the coordination of many different specialists working to achieve a common goal. One might think that all you need is a developer and some code in order to make a webpage work. And one would be correct to some extent, however, there are other aspects that have to be taken into consideration, such as quality, which is possibly the most important example.
“Quality is not an act, it is a habit” Aristole
How to define quality in terms of web applications? This is a very wide term covering everything from the basics and particularly the importance of testing: functional checks, usability tests, requirements testing or performance testing to more in-depth subjects like accessibility testing, security tests and fully-automated tests.
To examine the subject further let us have a look at the most common test areas.
Types of Web Application tests
Manual tests are the cornerstone of each successful project, each functionality has to be tested –and often for many devices/browsers – whether it meets the specification requirements, each edge case needs to be tested thoroughly to prevent an end user from exploiting any security threats or causing a web page crash. Many of those manual tests can and should be automated in order to reduce the amount of time required for testing. Test automation is a development branch that requires special tools and frameworks where each test is fundamentally a script, so a skilled automation engineer should also follow all good code practices and standards.
Another area are performance tests which can be divided into several subareas and strategies. A very common approach is to just test the application response times, however, more detailed tests check things like: How does an application respond if there is high traffic? How many users can enter the page simultaneously before it crashes? Does application performance degrade over time which implies some memory leaks? What is the page load time in Hong Kong in comparison to Atlanta? Thorough performance tests can provide answers to those questions and help find potential problems and bottlenecks.
Security tests are meant to find as many potential security issues as possible. They are conducted in order to locate and fix security vulnerabilities which could result in hacking the site, sensitive data being stolen or crashing the servers. They usually consist of the use of various automated tools that check for the most common threats but may also need some manual tests which require the tester to think as a hacker and predict possible issues.
There are some other testing approaches as well, accessibility testing focuses on adjusting the application so it is usable by people with issues like hearing impairment, color blindness, infirmity and old age or other problems; usability testing focuses on testing how easy and intuitive the page is; and regressions tests which constantly ensure that none of the already existing functionalities breaks and that quality does not deteriorate.
Requirements for successful Quality Assurance
As you can see testing web pages consists of many areas that often require a specialist to be able to prepare and conduct a valuable set of tests. In order to test application security one has to be up to date with current threats, be an expert in the area of system architecture and proficient as a developer as well. In order to provide a successful test automation a skilled developer with test experience and devops knowledge is a must.
Finally the testing requires effort from the whole team in order to be successful. This is very often overlooked and people think that simply adding the testers to the team is enough to improve application quality. However what everyone needs to be aware of is that it also slows down the development process due to the fact that it now incorporates testing. So every new feature has to be manually tested, all defects need to be documented and fixed, also the automated tests need to be recorded and maintained as well as regularly updated to match the latest changes in order to produce benefits. Any additional testing activities will also usually require new testing environments and will further delay the release date. However, there is a huge advantage of doing these kinds of tests and I will discuss this in the next part of this article.
The Benefits of Testing
So what are the actual benefits of testing and should it be done? Well, let me give you an example. Let’s say that you have ordered a brand new car that you expected to be the best in all areas and you have just received it. At first glance everything looks fine but after one day of using it you notice that the top speed and acceleration is actually much worse than with your old car. Moreover the door only occasionally locks which makes it very prone to theft. There are also a few issues inside the car, the gear box does not work properly, the radio is broken and in order to use the turn-signal you need to press 2 buttons that are located on the backseat of the car because someone thought that this may have been a good idea despite of what the standard is.
In fact this is not an extreme example, because some web pages look more like a car that could never even start its engine, never mind drive and yet there they stand, proud members of the online community. The benefits of testing affects both the team and the business-side. Testers will increase the team’s confidence before release and test automation constantly ensures the developers that their code changes do not introduce new issues. Testers also make sure that the new functionalities are consistent with requirements and make it much easier to introduce all kinds of bigger changes in the application (technology stack updates or application changes) due to automated tests. From the business perspective the end-product is of higher quality, the risk of introducing a defect into the production environment is much lower, which is the same as the possibility of weak performance or security issues.
If you don’t have time to do it right, when will you have time to do it over?