Archive for March, 2016

Exploratory Testing During Load Testing

Tuesday, March 29th, 2016 by The Director

In Connecticut, some exploratory testing types found and exploited a software flaw in lottery terminals:

An investigator for the Connecticut Lottery determined that terminal operators could slow down their lottery machines by requesting a number of database reports or by entering several requests for lottery game tickets. While those reports were being processed, the operator could enter sales for 5 Card Cash tickets. Before the tickets would print, however, the operator could see on a screen if the tickets were instant winners. If tickets were not winners, the operator could cancel the sale before the tickets printed.

It’s a condition that only occurred while the system was under processing load.

Which is why, whenever I get to do some load testing, I also like to call up the application under test and run through some basic smoke tests with it. You can find different places where resources are not available or where the load times can lead to unintended consequences–like allowing the user to click a button that renders but is hidden when the page fully loads. Or to act on data that the user should not be able to act on, as the lottery terminal displays.

Of course, you can do something like this through some network-throttling tools, but that will only really handle client-side slowdowns and problems, not necessarily issues with the server and infrastructure.

Also, it’s a way to get one more user’s worth of load on the system, and given our load testing budget most of the time, that can be a 5% increase over the 20 virtual users we have licenses for.

Preach It, Brother

Friday, March 25th, 2016 by The Director

NPM & left-pad: Have We Forgotten How To Program?:

Finally, stringing APIs together and calling it programming doesn’t make it programming. It’s some crazy form of dependency hacking that involves the cloud, over-engineering things, and complexity far beyond what’s actually needed.

What’s worse is that if any of your code (or the 3rd party library code) has a bug or breaks, you won’t know how to debug or fix it if you don’t know how to program.

Events of the last week should make developers wary of third-party stuff, but they won’t.

QA Music: Sing Me A Song Of Startups

Monday, March 21st, 2016 by The Director

Linkin Park, “In the End”

Test Passes, Sorta

Thursday, March 17th, 2016 by The Director

I found this interesting article on the St. Louis Post-Dispatch Web site:

There are a lot of test articles floating through the Internet in production systems. Why people don’t bother to turn them off after the testing is done, I don’t know.

Bonus points to you if you can spot the issue with the test article itself.

My Talk On How To Succeed At Being A Consultant Is Online

Wednesday, March 16th, 2016 by The Director

If you want to be a successful consultant, you might learn something:

What defects will you log? Whatever defects you like. What is the best methodology for testing? Whatever methodology you like. What’s the best time to start automated testing? Whatever time you like.

Well, “succeed” might be a misnomer. But you’ll certainly be employable.

QA Music – Wolf Out

Monday, March 14th, 2016 by The Director

In This Moment, “Big Bad Wolf”

If you need more Monday morning wolfery, see also this.

Everything I Know About Testing I Learned From Zork

Thursday, March 10th, 2016 by The Director

Login Screen
This is a login screen before you can use the application, with an account name, password field, and a Log In! button.
There is bubbly copy and a licensed stock image of a bearded man holding a small boy.

> check copy

The copy is cheery, but not particularly informative. In a stunning turn of events, the words are all spelled correctly, AND they've remembered the serial comma.

> mouseover image

The title and alt text are set for the image and read "Welcome back!"

> type </html> into account name field.

The value displays in the edit box.

> type </html> into password edit box.

The value displays in the edit box.

> click Log In!

A Potentially Malicious Request warning displays! Oh, woe and agony! The site is eaten by a grue.

How I Became That Guy / The JavaScript Twofer

Wednesday, March 9th, 2016 by The Director

I’ve set as a basic test visiting sites under test without JavaScript enabled, without Flash enabled, and without cookies enabled. It was a bit of an exercise for me, because who would visit the Web with JavaScript enabled?

Well, suddenly, that’s me.

I was running an old version of Safari on my iPhone because my client required a lot of backward compatibility testing. I don’t do a lot of processing on my phone, but I do a lot of reading, and suddenly Safari was crashing all the time. It was the ad content JavaScript, and once I turned it off, I could read on my phone again.

I’ve since updated the phone, but I’ve kept the JavaScript off because the pages load faster (if at all) and I’m using less data.

Which means I see all sorts of bad behavior. Not just counting unresponsive forms, but sites completely failing to load because they’re doing something JavaScript before page load with no alternative.

So I’ve set one of my browsers to block JavaScript by default just to see what happens when I hit a new test site. A lot of the time, I encounter something weird and start to log a defect before I realize nothing’s working because I have JavaScript disabled.

So I log a bug to indicate that the page should display a message in this case. That’s the first part of the two-fer.

Then, nine times out of ten, I retest and close that issue and open a new one to capitalize JavaScript correctly. Although I’m pretty clear in the defect, the developers type Javascript. All. The. Time. The JavaScript Disabled message is two bugs in one.

I’ve read memes and jokes on the Internet and Twitter that people who don’t use JavaScript are like vegans and CrossFit people and must tell everyone. Apparently, with this post, I have become that guy.

Oh, and I look forward to the first through one hundredth times I have to log a bug about capitalizing CrossFit correctly.

(Meanwhile, while we’re on the topic of JavaScript, also read Maybe we could tone down the JavaScript.)

Category: Bug

Thursday, March 3rd, 2016 by The Director

You know I log every instance of controls/edit boxes/drop-down lists where the lower-cased g gets chopped at the bottom.

Well, except this one in the FogBugz defect tracker itself:

Internet Explorer is the worst offender in this regard, but the screenshot above is from Firefox.

Now you know why Roger Dougherty, single, born in August and living at 1021 Brighton Way, Harrisburg, Oregon always signs up for applications I test.


wordpress visitors