Software Product Development | Software Testing Tutorial

Showing posts with label Web pages. Show all posts

Friday, April 12, 2013

Support forums - encouraging users to add their feedback and increase communication levels

In today's world (actually even in times gone by), it was always important for makers of software to engage with their customers. If you build something, you may be secure in the knowledge that you did your best and built your software to meet the customer needs and expectations, but if you are not engaged with your customers, then you might not be on the path to success. What works with customers can be enumerated through marketing and surveys to the highest degree, but customers have a horrible way of surprising even the best laid plans. You may turn out with a very successful software product, or you may turn out with a product that may fail to click with customers. How do you prevent this from happening ? Well, you need to be engaged with your customers, get their opinions, and do so in a way that you are getting it in their natural setting (and not depend entirely on a controlled setting where people representing customers are presented questions and information taken from these answers); and so this before, during and after your product is released.
Why would you want to get information from customers after your product is released ? Well, unless you are there for a one-off product, you need to ensure that your customers are engaged with you, feel that their opinions are taken into account, and if they have any queries, those are answered. And a critical part of that is about ensuring that their opinions and complaints are responded back. However, one major problem that I have seen is that formal customer support is more and more treated as a way to also generate revenue (or also to atleast cover costs). If done well and if you have skilled customer support, then you end up with customers who are satisfied. However, I have also seen customers who are very dis-satisfied with the level of customer support that they are getting and this forms the basis of a bad opinion of the product and of the organization. I was recently searching for some help on a topic related to MS Word, and found a page where users had suggested some solutions, and this worked for me as well. But, when you read about the opinions expressed by many of the users, the common complaint used to be that the customer support was unable to help them, and then they found a solution on a web page, and continued customer interaction on that web page brought such pages to the top of web searches for that particular problem.
And this is where teams and organizations need to be focusing. Formal customer support in the form or chat and telephone may have a certain resolution capability and experience, but it is important to combine this with web pages where users can report problems and get solutions. I have seen teams where team members are encouraged to respond to user problems and suggest solutions (especially in cases where customers are looking for simple items such as looking for a certain feature or a plugin, or some other issue that is not machine or user specific). In the cases I have seen where teams did this kind of interaction, we also saw that other users also started jumping in where they could suggest solutions or where there was a case where they had been given a solution in the past and they could post the same solution for another user. In addition, we had started tagging users with badges which identified them as experts at proposing solutions, and this started to build (pride and the prestige associated with getting recognized in front of other users would make sure that people got into this mode of reporting solutions). Eventually, this got into a self-sustaining mode, but the team ensured that it it did not let up about their interactions with users).
These pages also started getting reported higher and higher on search engines, and as a result, more and more users started landing on such pages when they were running into problems and for most of the users, there was not a need to go to formal customer support mechanisms.

Friday, February 22, 2013

Explain SlimDog - Web Functional/Regression Test Tool

About SlimDog

- SlimDog is a web application testing tool that is based on simple script i.e., the httpunit.

- The tool comes with a range of commands that help you to work with forms, navigating between the web pages and checking the table contents.

- The hard task of writing lengthy xml files and JUnit test cases, the slimdog allows the users to create simple text scripts.

- Each command is a test node that is contained in every line of the script.

- As such all commands contained in a file are treated as a test case and processed as the same.

- Every command has a syntax that is quite simple as well as easy to learn.

- If you want, you can form a test suite by combining several test scripts.

- The results of the tests executed are written as an html page or file to the console.

How to use SlimDog?

- To use slimdog, firstly you need to download its latest version from its web site.

- The application will be in zipped form.

- You need to extract the files to a directory of your choice.

- Next step is to create a test directory.

- After this you can start creating tests and save them in the test directory you just created.

- After you have created the test, your next step is to get the html content.

- You can run the tests from the command line.

- After obtaining the results save them to a file.

- Be careful that the file in which you are saving the result should be defined using the –o argument.

- You can even navigate from one page to another.

- All files in the test directory can be run as a test suite.

- Every test case file must end with .test extension so that it becomes recognizable.

- You can even use a proxy.

- The slimdog commands can even be used with the JUnit test cases.

- However, running a test case is the easiest way.

- Firstly, the web tester needs to be instantiated and all commands need to be added through the parse line method.

- You do not have to worry about the syntax since it is the same as that of the script files.

- After this runtest() method can be called and web test results can be obtained.

General SlimDog Commands

Below we shall mention some general slimdog commands:

Get_html: This command is for establishing a connection with the given URL and thus reading its content. The read content then can be used later. The parameter to this command is the URL itself and it supports variables.
Check_title: Parameter for this command is the required title and it is of the type test. The title of the page that you specify is checked against the given title. There is one thing about this test which is that if it fails, the entire test will fail.
Set_proxy: The parameters for this command are the proxy port and host. It is of the type command.
Check_link (missing): The parameter for this command is the text within the tag and this one is also of the type test.
Check_text: The text to be found is passed as a parameter to this command and it is of the type test.
Click_link: The argument for this is the text within the tag. It is of the type command.
Seturlprefix: The parameter here is the URL prefix. This URL prefix is used as the base URL for other tests. It is of the type command.
Enable java_script: Parameter is either true or false. This command disables and enables the JavaScript based on the argument passed.

Friday, December 21, 2012

Give an overview of IBM Rational Application Developer?

The Rational Application Developer was developed by IBM to provide a complete solution for the development of the applications which are otherwise are difficult to be built. It creates an integrated environment for you to work in. The work bench platform can be further extended to meet your specific requirements.

The Rational Application Developer by default supports two SCM systems (software configuration management systems) namely:

SCM adapter plug–in: This is included for the CVS systems (concurrent version system). This is so because the eclipse only supports the open source SCM system which is none other than the CVS.
Rational clear case SCM adapter plug–in: This is automatically installed by the rational application developer. However the clear case client needs to be installed separately.

Before using either of the above mentioned adapters, you should enable the appropriate one.

About Rational Application Developer

- Rational application developer is a great tool for the development of web application since its work bench offers you a number of tools that you might require for developing your applications.

- The application may range from web sites to static web pages to complex web applications which make use of JSP files or java servlets.

- A web project consists of all these resources, web resources and deployment descriptors.

- Rational application developer can also be used for the development of portal as well as portlet applications.

- The tools provided by the rational application developer run well on web sphere portal.

- Rational application developer has it all that is required for the development of portal – views, wizards and specialized editors.

- All these ease the creation of the portal sites.

- Java development tools of the rational application developer assist you in building and running the java programs that have been optimized.

- Tools consist of a UML diagram editor and a visual editor as well.

- The client, data tiers and servers can be segregated using the J2EE specifications for the enterprise applications.

- It has also got some relation data base tools using which the work regarding the data access applications can be defined.

- You can work with the following:

Tables
Views
Filters
SQL
DB2
UDB routines
SQLJ files
SQL DDL files
DADX files
XML files and so on.

- Not only this, a number of enterprise applications can be developed and tested in the specialized environment dedicated to this by the rational application developer.

- The following tasks can also be carried out:

Writing and editing business logic
Importing and exporting enterprise applications
Maintenance of the source code
Generating code using java development tools

- An already existing system can be redesigned to achieve better maintenance of the design.

- This IBM product also comes with tools to assist you in discovering, transforming, and creating, deploying, building, developing, testing and publishing the web services.

- Thus, it is a web service development package also.

- A web service consists of many application functions that are related to each other and can be invoked over the internet.

- These web services can be mixed and matched by the businesses for carrying out complex transformations involving just required amount of programming.

- Rational application developer has proved to be quite a great tool in developing the EGL (enterprise generation language) applications.

- EGL are the languages which help you write code for full functions applications as quickly as possible.

- It lets you focus up on the business problems rather than its development technology.

- It can be used for the creation of a text user interface, basic batch, as well as web applications.

Wednesday, October 24, 2012

Explain advantages of DOM extension over VO extension?

In this article we shall discuss the advantages DOM has over VO. First, we shall discuss about these two silk test browser extensions individually.

About VO Extension

- VO browser extension is related to the concept of virtual object.

- An extension is a supplementary add–on component required for carrying out certain tests for web sites and web applications using silk test.

- This virtual browser extension operates using a technique called the “sophisticated pattern recognition technique”.

- This technique helps in facilitating the object identification process and provides an actual view of the web sites and web applications.

- However, the HTML tags cannot be recognized with the help of this extension. - One thing to be noted is that only the objects present in the web pages can be recognized by the virtual object browser extension.

- This extension however does not care about the implementation of these objects.

- Identification of the object is done based up on the following:

Control type
Caption
Associated text
Control index
Location and
Window ID

- This browser extension is one of the methods used by the silk test for object recognition.

About DOM Extension

- The second method is the Document Object Model and makes use of the DOM browser extension.

- DOM browser extension is basically used for establishing a direct communication between the web application and web browser.

- The following tasks can be carried out:

Recognition of the objects
Categorization of the objects and
Manipulation of the objects

- The DOM browser extensions works with the HTML code rather than working up on the visual patterns like the virtual browser extension does.

- Firstly, it identifies the browser window of the application which consists of the application that is currently being executed.

- The object among the other web UI objects is identified based unique HTML elements that represent that particular UI object.

- This is done by concatenating the following two things:

HTML element identification and
Browser window identification

- This DOM browser extension is known to operate on the standards laid down by the W3C or world wide web consortium.

- However, till date there are only two browsers which support this extension namely internet explorer 5+ versions and netscape 6.

- These two web browsers provide the provision to silk test for making direct queries to them.

Advantages of DOM over VO

Now let us see what all advantages DOM has got over the VO browser extension:

A rectangle is displayed over the VO or virtual object by the recorder as the recording is carried out by the quality assurance engineer.
The text size as well as the actual name of the objects is easily recognized by the DOM extension as compared with the VO browser extension.
The DOM extension is not dependent on the text size setting and browser size like the VO browser.
DOM extension provides a better support to the border-less tables.
More classes and properties are available in DOM extension as compared to the VO browser extension.
Using DOM extension, you can maintain a great consistency over the object recognition process.
DOM extension is quite fast in working as compared to the slow VO browser extension.
One can expect some gain in the playback speed in DOM extension but the same is not possible with the VO browser extension.
There is less crashing or freezing events in the recorder with the DOM extension and more in the VO browser extension.
In VO browser extension the conversion of scripts is more like a daunting task but this not so with DOM.

Monday, July 16, 2012

What are the types of web testing security problems?

Web testing is much in demand these days since the use of web sites and web applications are increasing by huge margins day by day. As the cyber crimes are increasing, web sites and web applications call for more security settings which in turn plunge in to the web testing schedule as the web testing security problems.

"Web testing is a kind of software testing that focuses on web sites and web applications. The security issues of the web sites and web applications are addressed by another type of web testing called web security testing".

The testing of the web sites and web applications for security vulnerabilities is quite and exciting concept. Though the matter is quite exciting, it needs to be taken seriously. The best method to combat with the known web testing security problems can be to be prepared in advance and having knowledge of what is to be checked for.

In this article we are going to take up some of the most common security aspects that can pose problems in web testing. They are mentioned below:

Server problems: These are the most common security problem. It happens many a times that the server is down for maintenance or some other reason.
Hardware problems
Data base problems: Any problems in the data base of the web site or web application gives rise to many of the security problems. Any problem and uncertainty in the data base can prove to be a danger to the overall security of the web site or web application.
Navigation from one page to another: Too much of navigation from one page to another endangers the security of the web site or web application which in turn acts as a hindrance in the web testing of that particular web site or web application.
Server security: A server houses a web site or web application data base; therefore it is obvious that the security of the web site or the application relates a lot to the security of the server. Maintaining the security of the web server is quite an important point which otherwise could introduce many of the security problems during the web testing.
Authentication issue
Data encryption
User privileges leaks
SQL injection
Cross side scripting
Cookie testing
The content on a web site that proves to be inaccessible or incorrect can also pose security problems during web testing.
Improper validation of the input can disturb the working mechanism of the web site or web application.
Link testing is an important aspect of web testing. Broken links can hamper the security of the web site or application and thus poses problems in web testing security.
Incorrect copyright information.
Incorrect EULA or end user license agreement.
Un-optimized images that do not meet the specifications.
Improper storage of the data obtained through the web pages.
Time taken by the pages to render.
Lag in performance with many simultaneous users.
Concurrency issues like when a user is working on multiple windows of the same page or there are multiple users on the same page.
Improper and inefficient tracking of the transactions by the server log.
Improper usage of SSL by the web site or web application.
Inefficient working of the feeds.
Inefficient working of the cookies.

Web testing is absolutely essential if you want make sure that your web site or web application has enough browser support and the HTML is valid.

Wednesday, May 30, 2012

Explain the concepts of URL manipulation?

Today in this internet savvy world, I guess almost everybody is familiar with what is an URL or uniform resource locator.

If you see an URL, you can make out that it is nothing but a string of characters. These characters add up to mark up a reference string which points to a source from internet. A uniform resource locator was previously known as uniform resource identifier.

The URLs came in to existence in the year of 1994 along with the introduction of the World Wide Web by Sir Tim Berners – Lee along with the contributions from the internet engineering task force.

The format of a typical URL consists of the domain names along with the file paths and the forward slashes are used to distinguish between the different file names and folders. Name of the servers are preceded by a double slash.

Components of URL

Let us now list the components of a typical URL in the order in which they are lined up in the URL:

The scheme name which is usually a protocol.
The scheme is followed by a colon
Two slashes
Name of the domain (if any depending on the scheme).
A port number
CGI (common gateway scripts) scripts
Query string
Fragment identifier (optional)

Categories of URL

- The URLs are categorized under two categories namely relative URLs and absolute URLs.

- The relative URLs are used whenever the references contained in the resources refer to another resource.

- These relative URLs are often conceived from the absolute URLs.

- The URLs locate a resource based on their primary access mechanism.

- There are various issues related to URLs like URL normalization, URL manipulation etc.

What is meant by URL Manipulation?

- URL manipulation is just another name for URL rewriting.

- As the term itself suggests it is all about altering the parameters of the URL.

- The URL manipulation is used for good purposes also and for bad ones also.

- It is a technique that is usually employed by the web server administrator for convenience and is often used by the hackers for nefarious purposes.

- The original URLs of the resources are quite complicated and complex.

- Therefore, a purpose of this technique is also to make it easy for the user to access a web resource by providing a simple URL.

- URL manipulation technique is used so that the user does not require cutting, copying or pasting long and arcane string of characters.

- This technique is also employed since remembering complex URLs is a difficult task and they are quite lengthy which makes it quite a tedious task for the users to remember or store it and use.

- Therefore, using the technique of URL manipulation they are modified in to simple and short URLs which are comparatively easy for the users to remember.

Wrong Use of URL Manipulation

- A nefarious use of URL manipulation is to use the URL of a legitimate site or web resource without the prior permission or knowledge of the site owner or administrator to redirect the users to an illegitimate web site or web resource.

- Such illegitimate sites then may install malicious code on the hard drive of the user’s system.

- This may also have an intended purpose of increase the traffic on the attacker’s illegitimate web site or application.

- There is a term similar to the term URL manipulation called URL poisoning. These two terms may sound similar in meaning, though they are not.

What is URL Poisoning?

- URL poisoning is a technique that is employed to track the activities of the user on the web.

- This technique involves the addition of an identification number to the current URL of the web browser when that particular web site is visited by the user.

- This URL with the ID number is then used for tracking the visits of that user on the sites.

Tuesday, April 17, 2012

Explain the concepts of XSS cross site scripting?

XSS or cross site scripting is a much familiar word in today’s cyber world. Cross site scripting is categorized under the category of computer security vulnerabilities which are common among the web applications.

Purpose of XSS Cross Site Scripting

- This vulnerability makes the web application so vulnerable that the malicious outside attackers are able to inject the malicious client side scripts in to the web pages or applications that are later viewed by the people who visit the page.

- Another purpose may be to incur the access controls like the same origin policy.

- The cross site scripting vulnerability itself accounts for almost 80.5 percent of all the security vulnerabilities identified and documented in the year of 2007 by the Symantec.

- The cross site scripting technique is employed for curbing risk depending on the measure of the sensitivity of the data that is being processed by that particular web site or web page.

- Apart from this factor, another factor that influences this is the security mitigation as implemented by the owner of that web site.

Limitations of XSS Cross Site Scripting

- Cross site scripting can also be employed by some people to create petty nuisance.

- This vulnerability of the security system is often misused by the attackers for bypassing the security mechanisms on the client side which are usually implemented by the web browsers up on the web content on that particular site.

- There are various ways through which the attacker can find the access to the web pages for injecting their malicious scripts in to them.

- Such ways or methods can provide the attacker an unauthorized access to all the sensitive content of the page, information of the user activity as stored by the browser and session cookies etc.

About Cross Site Scripting

- Cross site scripting is a type of code injection attack and is somewhat similar to the SQL injection attacks.

- Earlier the cross site scripting technique was defined as the loading of the third party application that had been attacked at an unrelated attack site while executing java scripts in the context of security of the domain on target as created by the attacker.

- Eventually this cross site scripting refer to the different modes of the code injection, non java script vectors (like VBscript, flash, Java, ActiveX, HTML, SQL and so on).

- The cross site scripting vulnerabilities have been under exploitation since the advent of 20th century.

- So many famous social networking sites like my space, orkut, twitter, Facebook etc have been a victim of the cross site scripting in the past.

- With the sophistication of the cross site scripting techniques, they have now surpassed the vulnerabilities like buffer overflows reporting to be the most common security vulnerability.

- Even now 68 percent of the total web sites have been sorted as vulnerable to the cross site scripting attacks.

Classifications of XSS flaws

As such there are no proper criteria for the classification of the XSS flaws, but according to the experts they are classified in to two categories:

1. Persistent XSS Flaws
It is also known as stored XSS flaws and is the most destructive type. It occurs when the data which has been provided by the attacker is stored by the server.

2. Non persistent XSS flaws
It is also known as reflected XSS flaws and it is the most common type. It occurs when data from a web client is used by server scripts for generating required pages without the sanitization of the queries.

Some other experts classify them as:
1. DOM based XSS flaws: infect client side scripts.
2. Traditional XSS flaws: occur as a result of the flaws in the server side scripts.

Thursday, April 12, 2012

What are different features of smart phones?

Smart phones are now becoming a much in demand essential commodity for this third generation world. The demand for the smart phones has been increasing rapidly since the advent of much advanced and sophisticated technology.

One should be well versed with the current technologies in this tech savvy world and so we have this dedicated entirely to the discussion regarding smart phones.

Features of Smart Phones

- A smart phone is also like a mobile phone, but then what makes it different? Of course it’s so called smart features!

- A smart phone like any other phone is built up on a mobile computing platform but having more capabilities, abilities and connectivity when compared with their ordinary mobile counterparts.

- Today’s smart phones much like the earlier smart phones are incorporated with all the functions of a PDA (personal digital assistant), a camera as well as mobile phones or feature phones.

- But today’s technology has advanced so much so as to build smart phones that have functions of portable media players, pocket video cameras, compact digital cameras, GPS navigation units and so on incorporated in to them.

- The modern i.e., to say the recent smart phones come with more typical features like web browsers and super amoled touch screens which make the accessing of the web much easier than the ordinary feature phones on which only those web sites or pages can be viewed that have been optimized for the mobile phones.

- These smart phones are very much capable of displaying and accessing the standard web pages developed even with a very high resolution.

- Mobile broadband and wi- fi have also been incorporated in to these smart devices to provide them the ability of accessing data at high speeds.

- Many of the smart phones make use of the following operating systems:
1. iOS from Apple
2. Android from Google
3. Microsoft windows phones
4. Symbian from nokia
5. RIMS’s blackberry OS
6. Embedded Linux like MeeGo and Maemo etc

- The smart phones are designed in such a way that any OS can be installed on different models as well as one device is capable of receiving updates of more than one OS software all during its life time.

Difference between Feature phones and Smart phones

- Till now no official definition has been given regarding the difference between the feature phones and the smart phones.

- But, one point of significance is that the advance APIs or application programming interfaces for smart phones can run the third party applications with better integration with the operating system of the phone and its hardware.

- This much integration is not seen in ordinary feature phones.

- The feature phones in contrast to the smart phones make use of the proprietary firmware.

- A third party support is provided to these phones through platforms like BREW or Java ME and so on.

Features of first Smart Phone

- The first smart phone that was introduced was the IBM simon which was introduced in the year 1992. It had the following features:

1. Address book
2. Calendar
3. World clock
4. Note pad
5. Calculator
6. E- mail client
7. Fax and email features
8. Games

- It made use of a touch screen and stylus like modern smart phones.

- It lacked the ability to download third party applications as well as camera.

- However, that phone was highly sophisticated when compared to the other devices of that time.

Features of Nokia Communicator

- After that the nokia introduced its first smart phone range called “Nokia Communicator” releasing Nokia 9000 first in the range.

- The phone in this series had a clam shell like design with a QWERTY keyboard and a display with high resolution of 640 x 200 mega pixels.

- The screen sizes for the smart phones lie between 2 to 4 inches when measured diagonally.

- Some even come with a screen size of 5 inches but, this some what reduces the usability of the phone.

Friday, March 16, 2012

What causes browser display differences?

Most of the time while browsing the same over many browsers you might have noticed considerable differences between the displays across the various browsers. These differences cause a lot of annoyance to the users.

There are various reasons why there occur differences across the different browsers. This article is focussed up on such browser display differences and errors as well as suggestions to avoid them.

ABOUT WEB BROWSER DISPLAY DIFFERENCES

- Earlier it was quite difficult and time consuming task to compare the web sites displays under many different browsers but nowadays several tools have been developed that have proven to be quite effective in testing the appearance of a web site on various browsers.

- These tools help in checking out the differences by taking the snap shots of the web site across the various browsers and then comparing them.

- You can even have the snap shots of your web page under different computers and screen resolutions.

- An HTML tool box is incorporated in these tools which tell whether the differences have occurred due to the incompatibility of the HTML code used in the web site or are they because of the browser incompatibility.

- The HTML tool box in some of the tools has also the capability for repairing off the code errors in just a few clicks.

Some of the most common factors that causes browser display differences are:
1. Browser bugs
2. Browser incompatibility
3. HTML errors
4. Different font sizes
5. Different computer types
6. Different screen sizes
7. Different versions of the browsers

RARE CASES
- In some very rare cases, the problem of differences might also occur due to certain features of a web site that have been exclusively designed for certain browsers and are not meant for others.

- Usually a web site is developed so that all of its features are accessible by all the web sites.

- For example, the web site for downloading Google chrome extensions and tools has been designed exclusively for the Google chrome browser.

- Though this web site can be viewed in any other browser but, one cannot download extensions through that browser.

STEPS FOR ELIMINATING DISPLAY DIFFERENCES ARE:

There are several steps that one can take for eliminating such differences:
1. Avoiding using cutting edge HTML as far as possible.
2. Set some goals for your web site.
3. Always check for the browsers incompatibilities.
4. Follow the trial and error debugging method.
5. Never forget to validate your web pages.

WHAT WEB BROWSERS ACTUALLY DO?

- They translate the web site code in to the formatted web pages.

- Every individual web browser has its own way of translating the web pages.

- This can be compared to the following example: you give a sentence written in German to a few people and ask them to translate it in to English. Checking the results, you will observe that all of them though have translated the sentence but their ways of translation are different i.e., the have used different words and grammar composition.

- Though the rules and standards for using HTML have been stated by the World Wide Web consortium, web site designers have their own way of implementing it.

- There is a fact that you should know which is that there is no such an effective browser that supports the hundred percent of the HTML, though there are certain browsers that come a little far away than their counterparts.

- If your browser does not supports a part of the code, it is sure to affect the display of your web site.

- This problem is further exaggerated by the HTML extensions that are specific to certain browsers.

- Such problems have forced the designers to put a label on their web site stating on which browser their web site can be viewed.

Thursday, March 15, 2012

What are different kind of browser bugs?

It is a universal fact that every thing in this world is infected with some discrepancies. So does it hold well for the web browsers! This article is here to discuss about the bugs associated with the web browsers.

Till date so many bugs of the web browsers like Mozilla, internet explorer, Netscape, opera and so on have been discovered. Let us check out some of the prominent errors:

Multiple browsers bugs

Bugs discovered under this category are:

(a) Font variant ligatures are not implemented by most of the bugs. The font module level 3 of the CSS defines the property of the font variant ligatures to specify the use of ligatures. Till now no such browser has been developed that supports this property fully.

(b) Font weight is not implemented consistently by the browsers. This font weight property of CSS lays down the specifications regarding the numeric values and key words.

(c) Data tables are not managed properly by the browsers. Most of the table properties are not supported by the browsers.

(d) Layout affected by outlining property.

(e) Styling legend tags

(f) Bugs in Mozilla Firefox
Styling is not applied and problems have been experienced with the horizontal scroll bar.

(g) Bugs in Internet Explorer
When the cursor is hovered over some elements, they did not work properly with the forms; the left origin of the positioning coordinates is incorrectly set.

(h) Bugs in Opera
&rsquo and &isquo entities were not recognizable by the opera, but this was later fixed in the 8th version.

(i) Bugs in Safari
These crashes were reported when : hover :: after was used.

(j) The borders separating the head and the body sections are often placed incorrectly by the opera.

(k) Multi-column ordered list remembering.

(l) Backgrounds show through invisible tables.

(m) Buttons with images cannot be aligned with those having only text.

(n) In some browsers even the fixed elements align along with the adjacent elements.

WHAT CHALLENGES ARE FACED WHILE DEVELOPING A WEBSITE

- When you start developing or designing your web sites choose carefully between the CSS and HTML.

- Don’t go for such an advance version of the languages because if you did then you may run in to the problems with the incompatibility of the browser.

- There is so much of competition going around the whole software market.

- The browser developers are releasing new browsers at very fast pace without even testing them properly which then becomes a headache for the web site designers.

- The new languages being used today like HTML 5 and CSS 3 are now gaining very much popularity though they are pretty much complex then their preceding versions.

- Number of features to be implemented is quite huge which is the major cause of the bugs.

- Whenever you come across a bug, do not forget to report it since it may be so very rare that nobody else would have stumbled up on it.

- One thing you should always remember is to keep the problem in the reduced form as much as possible.

- For doing this you an simply make up a copy of the code and from that remove the java script or CSS files one by one and ultimately you’ll come at a point when the problem will go away.

- Now you add that file and remove the others from the ones that you did previously.

- If you find that the bug is now going away even after removing all the files then it is likely that the bug lies in HTML coding.

- Now after you know that which aspect houses the problem, you need to locate that file or code.

What we can do to avoid browser incompatibility?

Malfunctioning of the web sites across various browsers has become a topic of utter annoyance.

Why it happens so that your web site functions perfectly well on one browser and at the same time fails to perform well in some other browser?
Why it appears to be missing some thing while it appears as proper on other browsers?

The root cause of all such errors and differences is the browser incompatibility.

WHAT IS BROWSER INCOMPATIBILITY & TOOLS FOR DETECTING BROWSER INCOMPATIBILITY

- There are various tools that can help you across detecting the browser incompatibility.

- Such tools check for the browser incompatibility by comparing the various snap shots of the web site operating under various web browsers.

- Different browsers and different browser versions all add up to the browser incompatibility.

- Browser incompatibility though cannot be eradicated fully; it can be at least reduced to a certain extent.

- Though the browser is only to be blamed for its incompatibility, the measures to reduce or avoid it can be taken from both sides.

- It can be done by improving either the standards of the browser or by taking care of the web site.

- If the web site in its design and code is good, incompatibility will be noticed less.

WHY INCOMPATIBILITY ARISES?

- It arises either because of the incompatibility of the web browser or because of the problems in the web site itself.

- So you need to focus on the design an implementation of your web site rather than bogging up yourself with the browser issues.

- Employing cutting edge HTML can also run you in to the incompatibility problems as the HTML standards usually are a way step ahead of what is supported by the web browsers.

- Till now, no such browser has been developed that will take in to consideration 100 percent HTML.

- No doubt there are certain browsers that are a bit close to this value than the others.

- Using latest versions and standards of the HTML is always not a good choice. So be wise when you choose the version of HTML for designing up your web site.

- Another fact to be kept in mind is that not all the web browsers are equally efficient in translating the HTML code in to formatted web sites.

- There are some browsers that may leave certain parts of the HTML code because they are not able to execute it and again you will have trouble with your browser compatibility.

- Also all the web browsers do not translate a web page in the same manner and don’t give the same results.

- Before you start building up your web site, check out the compatibility of the different browsers so that you will have an idea what all formats and standards they support and you can build your site according and simultaneously avoiding a bug deal of incompatibility.

- After you have finished developing your web site, have your pages validated. If you are getting errors in your web site try out the trail and error debugging method.

Though the World Wide Web consortium has specified the standards for using HTML, you can very well invent your own and design your web site accordingly. But this has a disadvantage that the browser may reject the parts that cannot be executed and the appearance and functioning of your web site will be affected.

The basic difference between the two versions of a browser lies in the support they provide for the HTML. But on top of all it would be better if you pay attention to the browser compatibility while designing your web site. This will prevent you from running in to future issues regarding the incompatibility of the browser.

Sunday, March 11, 2012

What is meant by content spoofing in detail?

Content spoofing is a rarely discussed topic and is much unheard by the many of us!
So let's evaluate the concepts of content spoofing in detail:

- Content spoofing has been categorized as an attack technique using which the attacker is able to inject a malicious code or payload in to the good content of a web site or a web application.

- This malicious payload or code is later thought of as being the legitimate content of that particular web site or web application which is a wrong interpretation.

- Content spoofing affects usually the web pages which have been built dynamically.

- Text only content spoofing is the technique in which the payload usually as text is passed in to the body of the web page or application in the form of a query string value.

- This approach usually takes effect on the pages of the web sites displaying some news entries and error pages.

- Such content is then later posted on the web site as its legitimate content.

- So when the users visit that particular link they perceive that the spoofed content is nothing but the legitimate content.

- In some cases it is possible that the pay load may exist on the web page for a longer time than estimated.

- Most of the web pages have been built dynamically with the sources from the HTML (hyper text mark up language).

- The attacker can easily change the content and when the particular web page is accessed by a browser, the location comes of the same domain as the user expected but the user does not come to know that the content is not legitimate instead it is shrouded one.

- As this is not enough to harm a web site, some attackers even manage to send malicious links to the users through emails and messages.

- In some cases the malicious links can be enforced up on the users following a cross site scripting attack.

- When the user clicks that link, he/ she visits the web page designed by the attacker with the malicious URL (uniform resource locator).

- The user will not come to know about this that he/ she is actually viewing am unauthentic web page.

- They will unknowingly believe that the spoofed content that they are viewing is purely authentic but this is not the case.

- Content spoofing does nothing but spoils the trust that the user has on the web site.

- The technique of content spoofing is being used like anything for the creation of fake web sites including fake login pages, press releases and defacement.

- Another point to be noted is that if you can fall victim to a cross site scripting attack, then the chances are that you may fall prey to content spoofing attacks as well.

- Content spoofing is a type of exploitation activity used by the hackers who have wrong intentions like presenting certain web pages to the user as if they are legitimate and not from an external source.

- This is somewhat similar to the SQL injection attacks. In both the cases the victims are defrauded like in phishing.

- Some attackers can even access the data base of a web application stored in a server and alter the contents.

- Content spoofing cannot be readily detected since there is large apparent difference between the actual and the spoofed content.

- The content spoofing carried out with the help of dynamic hyper text mark up language or DHTML is considered to be the most dangerous type since it can be used to form fake login pages.

- When any user inputs his sensitive data (can be a password, credit card number etc) in that page, the data goes directly to the attacker without the knowledge of the user that he has fallen victim to an identity theft.

Saturday, October 1, 2011

Estimation Techniques - For Web Engineering Projects

Early estimation is required during planning even though there is a huge chance that these are proven wrong. Some uncertainty is unacceptable and some solid techniques and concrete procedures help reduce the inaccuracy of estimates.

Estimating techniques for web engineering projects adapt the agile process model. Along with the agile estimation approach, a modified function point (FP) measure can be used to develop an estimate for a web application. Roetzheim suggests for web application estimation, the information domain values while adapting function points are:

- Inputs include maintenance screen, input screen or form or each tab using a tab notebook.
- Outputs include static web page, dynamic web page script, each report whether web based or administrative in nature.
- Tables include logical tables in database, each XML object if XML is used to store data.
- Interfaces are logical files into our out of the system boundaries.
- Queries are a message oriented interface and they are externally published.

According to Mendes:
The best way to determine the volume of the web application is by :
- predictor variables that are associated with application like page count, function count, media count,
- web page characteristics like page complexity, linking and graphic complexity,
- media characteristics like media duration,
- functional characteristics like code length.

Empirical estimation models for:
- total project effort
- page authoring effort
- media authoring effort
- scripting effort
can be evaluated by using these measures.

Monday, September 5, 2011

What are different web engineering project metrics?

The objective of a good web application is that it delivers a combination of good content and appropriate functionality for the end user. Web engineering project metrics are defined that assess its internal productivity and quality are:

- Number of static web pages measure provides an indication of the overall size of the application and the effort required to develop it. This measure has less complexity and requires less effort to get construct.
- Number of dynamic web pages measure high complexity and more effort to get construct. It provides an indication of the overall size of the application and effort required to develop it.
- Number of internal page links measure gives an indication of degree of architectural coupling within the web application. Effort on navigation and construction increases as the number of page links increase.
- As Number of persistent data objects increases, the complexity and effort to implement it also grows.
- As Number of external systems interfaced increases, the complexity of the system and effort required for the development also increases.
- Number of static content objects includes static text, graphics, video, animation and audio within the application. Multiple content objects appear on single web page.
- Number of dynamic content objects includes objects based on end user action and includes text, graphic, video, animation and audio within the application. Multiple content objects appear on single web page.
- As the Number of executable functions increases, the modeling and construction effort also increases. A metric can be defined reflecting the degree of end user customization required for web application. An executable function provides a computational service to end user.

Web application metrics can be computed and correlated with measures like effort, errors and defects uncovered, models or documentation pages produced.