ABSTRACT
Testing input validation in web applications from specifications is a challenging and laborious process. GUI testing tools - with their record-and-playback and data-driven capabilities - ease the pains of testing through automation. Out-of-the-box, however, these tools have some scaling limitations as setup costs are incurred for every distinct web application to test. In environments where a line of many web applications are regularly created for various customers and purposes, scaling the test automation to span the entire product line is extremely valuable. In this paper, we report on our experience in generalizing the automatic specification-based testing of input validation in a line of web applications. Our approach is based on a nonstandard use of a GUI testing tool enabled by adjustments to coding standards and the requirements specification writing process.
- J. Offutt, Q. Wang, and J. Ordille. An Industrial Case Study of Bypass Testing on Web Applications. In Proceedings of the 2008 International Conference on Software Testing, Verification, and Validation, pages 465--474, Washington, DC, USA, 2008. IEEE Computer Society. Google ScholarDigital Library
- J. Offutt, Y. Wu, X. Du, and H. Huang. Bypass Testing of Web Applications. In Proceedings of the 15th International Symposium on Software Reliability Engineering, pages 187--197, Washington, DC, USA, 2004. IEEE Computer Society. Google ScholarDigital Library
- J. Pichler and R. Ramler. How to Test the Intangible Properties of Graphical User Interfaces? In Proceedings of the 2008 International Conference on Software Testing, Verification, and Validation, pages 494--497, Washington, DC, USA, 2008. IEEE Computer Society. Google ScholarDigital Library
Index Terms
- Towards automated oracles for GUI input validation
Recommendations
Automated verification and test case generation for input validation
AST '06: Proceedings of the 2006 international workshop on Automation of software testInput validation is essential for any software that deals with input from its external environment. It forms a major part of such software that has intensive interaction with its environment. Through the integration of invariant and empirical properties ...
Covering code behavior on input validation in functional testing
Input validation is the enforcement built in software systems to ensure that only valid input is accepted to raise external effects. It is essential and very important to a large class of systems and usually forms a major part of a data-intensive ...
MiTV: multiple-implementation testing of user-input validators for web applications
ASE '10: Proceedings of the 25th IEEE/ACM International Conference on Automated Software EngineeringUser-input validators play an essential role in guarding a web application against application-level attacks. Hence, the security of the web application can be compromised by defective validators. To detect defects in validators, testing is one of the ...
Comments