Knjohnson Testing an Ecommerce Shopping Cart Site

Published on June 2016 | Categories: Documents | Downloads: 34 | Comments: 0 | Views: 174
of 25
Download PDF   Embed   Report

Comments

Content

Presentation Bio

P R E S E N T A T I O N

T13
Thursday, November 1, 2001 1:30 PM

TESTING AN ECOMMERCE SHOPPING CART SITE
Karen Johnson
Peapod, Inc.

International Conference On Software Testing Analysis & Review October 29-November 2, 2001 San Jose, CA USA

Testing an E-Commerce Site

Karen Johnson Peapod, Inc. StarWest 2001

An Introduction

Peapod, Inc. § An online grocer serving several major metropolitan areas. § Peapod has been in business since 1989. Karen Johnson, QA Manager of E-Commerce § 16 years in IT: 9 years of QA experience, 7 years tech writing § Experience with functional, regression, automation, load and performance testing.

Karen Johnson/StarWest 2001

2

Testing an E-Commerce Site
§ § § § § § § § § § Browsers The Cart Cookies Customers Registration SSL: Secure Pages Credit Cards Sessions Servers Regression testing

Karen Johnson/StarWest 2001

3

Browsers
§ Know what browsers your users have § Stay current on browser releases § Be conscience of what parts of your site are affected by the browser and browser version § Tips on what to test with different browsers can be found in my article Mining the Gold from Your Web Server logs – STQE January issue. The article can be found on the sticky minds site.

Karen Johnson/StarWest 2001

4

The cart: adding items

Verify the item is added to the cart § Where in the store was the item added to the cart? For example is there a specials page, discount rack, banner ad, etc. § Is the buying functionality the same throughout the store? For example if the customer buys from the banner ad versus from a regular item page - is the buying functionality the same.

Karen Johnson/StarWest 2001

5

The cart: changing item quantity

Verify item quantity is increased/decreased § Are there quantity restrictions? For example, your site may restrict the quantity that may be purchased. § Are there restricted products? For example, some products may not be shippable in all states. Products such as alcohol have many restrictions.

Karen Johnson/StarWest 2001

6

The cart: removing items
Verify the item is removed from the cart § Are there fees, taxes or discounts to be adjusted For example when the consumer removes an item, (or adds or changes the item quantity) are the corresponding delivery/shipping fees, taxes, and coupons adjusted as needed. § Are there item specific details that need to be removed? For example does an item have gift wrapping or special handling/shipping details or substitution information that needs to be removed from the order details if the item is removed from the order.
Karen Johnson/StarWest 2001 7

Cookies: What they are

According to O’Reilly’s book Javascript:The Definitive Guide*
A cookie is a small amount of named data stored by the web browser and associated with a particular web page or web site. Cookies serve to give the web browser a memory, so that it can use data that was input on one page in another page, or so it can recall user preferences or other state variables when the user leaves a page and returns. Cookie data is automatically transmitted between web browser and web server, so CGI scripts on the server can read and write cookie values that are stored on the client.
§ * permission granted by O’Reilly

Karen Johnson/StarWest 2001

8

Cookies: Facts to know
§ Cookies are small files stored on the client workstation. What information they contain varies completely by the site. § Cookies have an expire date. Some cookies are only valid for the length of the session. § Cookies have a domain associated to them. This means cookies by your company and your company’s domain are not readable by other sites. § Cookies have a path which specifies on which pages a cookie can be read. § Cookies have a security setting. Most cookies are available on insecure pages but in some cases, a cookie could be valid and read only on a secure page.

Karen Johnson/StarWest 2001

9

Cookies: What to test
§ Test your site’s cookies according to the content of the cookie. § Test with cookies and without. § Test the expire date, domain, path and security setting. § Test with Internet Explorer and Netscape.

Karen Johnson/StarWest 2001

10

Cookies: Where to find them and how to remove them
§ Internet Explorer
The cookie is stored in a separate file and the location depends on the operating system. Windows 95 and 98 c:/windows/cookies Windows NT c:/winnt/profiles/username/cookies Windows 2000 c:/winnt/cookies Delete the specific cookie.

Netscape
The cookie is stored in one large file with all the Netscape cookies. C:/program files/netscape/username/cookies Delete the file.

Karen Johnson/StarWest 2001

11

Customers

§ What information is maintained about each customer? § Is your site customized? § What information is stored encrypted? § What are the rules for sending emails?

Karen Johnson/StarWest 2001

12

Registration

§ Unique user id Verify each user has a unique account. § Address information Does your site restrict service or delivery based on which state or address the order is being shipped to? Does your site validate the street address during registration? § Passwords Are they stored encrypted? Are they encrypted in your user logs?

Karen Johnson/StarWest 2001

13

Registration
§ The overall process How does the process work? Does registration handle user that use the back and forward buttons in the browser? § SSL Is the registration process secure? Can the user break out of registration – do the pages rotate from secure to insecure as needed? § Field validation Are required fields working as expected? Is there javascript for field validation?

Karen Johnson/StarWest 2001

14

SSL: What it is
According to O’Reilly’s book Web Security & Commerce: SSL is a layer that exists between the raw TCP/IP protocol and the application layer. While the standard TCP/IP protocol simply sends an anonymous error-free stream of information between two computers (or between two processes running on the same computer), SSL adds numerous features to that stream, including: § Authentication and non-repudiation of the server, using digital signatures § Authentication and non-repudiation of the client, using digital signatures § Data confidentiality through the use of encryption § Data integrity through the use of message authentication codes
§ * permission granted by O’Reilly

Karen Johnson/StarWest 2001

15

SSL: Where and how to test

§ verify pages that should be secure are secure § verify secure pages cannot be bookmarked § verify secure pages work correctly on each server § verify secure pages work on at least one version of IE and Netscape

Karen Johnson/StarWest 2001

16

The Credit Card

§ check the credit card types allowed § check the expiration dates of the card whether adding or updating the card info § check the credit card billing address whether the address is updated or the card is updated

Karen Johnson/StarWest 2001

17

The Credit Card number

Card MasterCard Visa American Express Discover

Prefix 51-55 4 34, 37 6011

Length 16 13 or 16 15 16

Karen Johnson/StarWest 2001

18

Session

§ Session timeout § Unique session IDs § Session caching § User logs

Karen Johnson/StarWest 2001

19

Servers

§ Server re-directs § SSL § Configuration files § User logs

Karen Johnson/StarWest 2001

20

Regression Testing

§ Create a base set of user scenarios that must be tested each release. § Identify for each release the areas of greatest risk and code that could be affected. § Balance risk vs likelihood and plan testing accordingly.

Karen Johnson/StarWest 2001

21

More Information
SSL § http://home.netscape.com/eng/mozilla/2.0/handbook/doc/appans /html#C35 § http://www.faqs.org/faqs/computer-security/ssl-talk-faq Credit Cards § Web Commerce Cookbook By Gordon McComb Wiley Press Cookies § http://www.netscape.com/newsref/std/cookie_spec.html § Javascript: The Definitive Guide O’Reilly press
Karen Johnson/StarWest 2001 22

More Information
Web Testing § Testing Applications on the Web by Hung Nguyen Wiley press § The Web Testing Handbook by Stefan P. Jaskiel/Steven Splaine § seminars by Dale Perry - check SQE for details

Karen Johnson/StarWest 2001

23

Karen Johnson Karen Johnson is the E-Commerce Quality Assurance Manager at Peapod, Inc. Peapod is an online grocer serving several cities throughout the U.S. Peapod’s website can be found at http://www.peapod.com Karen has more than 16 years experience in computer software; for the past nine years she has been involved in quality assurance. In Karen’s current position she is responsible for functional, regression, cross browser, load, and performance testing of the company’s website. In previous positions, she has been responsible for client-server testing including installation, multiple-user testing, data replication to palm pilots, functional and performance testing. She has worked closely with Oracle, Sybase, SQLServer, Informix, and SQLAnywhere databases. Karen also has seven years experience as a technical writer documenting manufacturing and financial applications. Karen lives in a suburb of Chicago and can be reached at [email protected]

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close