This post introduces some common tips that you should check in your application before you hand it over for QA testing. These tips are simple, short, and general enough to apply to any language or application.
User Interface Side
(1) Make sure that a maximum length is set for all form fields and that it does not exceed the size allowed in the database table.
(2) Proper placeholder or instructions for the form fields are applied where required like:
- enter your First Name
- maximum file upload size is 2MB
- accepted file formats are .png, .jpeg, .gif
- enter a combination of characters and numbers
(3) Proper text wrapping is applied for displaying any field value on the page (in case of long values).
(4) If you are allowing image upload, then make sure that:
- The proper maximum file size is set.
- Allowed file types are defined.
- Images are deleted when the record is deleted.
- A default image is set for display if no image is found.
- Proper alt and title attribute values are given.
(5) Check that all spellings are correct. Mainly check text that is highlighted, links, and navigation.
(6) Proper messages are set for various actions like:
- success message
- error message
- warning message
- information message
(7) Your design is cross-browser compatible. It would be better if it's responsive.
(8) Well-formed error, 404, and "no results found" pages are designed and displayed when an error occurs.
(9) If you have implemented an AJAX call, make sure that a processing image or text such as "processing..." or "loading..." is displayed until the AJAX results load in the respective area.
(10) Proper redirections are set throughout the site. There must not be any wrong redirect.
(11) Proper validations are applied on both the client side and the server side.
(12) If your application has multiple user role types, make sure that a user with one role is not able to log in through another role's login section.
(13) Your application code logic must be independent of the data values in the database. For example, mismatched data in the database should not break the application or display syntax or other errors. All such cases should be handled, and proper messages on the appropriate pages should be displayed in such a scenario.
(14) A form with a submit button should be protected against multiple clicks in quick succession. This prevents the same data from being inserted multiple times.
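Items (2), (4) and (11) combined as a server-side check (an added example, not code from the original post): it enforces the 2MB limit and the .png/.jpeg/.gif allow-list quoted in item (2), and compares the file's leading bytes with its extension so a renamed script is rejected. The function, class and constant names are hypothetical, and the sample inputs are constructed.

```python
import os

MAX_UPLOAD_BYTES = 2 * 1024 * 1024  # the 2MB limit quoted in item (2)

# Allowed extensions from item (2), each mapped to the signatures
# (leading bytes) that a genuine file of that type starts with.
SIGNATURES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

# Constructed sample inputs (not real files).
SAMPLE_GIF = b"GIF89a" + b"\x00" * 20
SAMPLE_SCRIPT = b"<?php echo 1; ?>"


class UploadRejected(ValueError):
    """Carries the text for the user-facing error message (item 6)."""


def validate_image_upload(filename: str, data: bytes) -> str:
    """Return the accepted extension, or raise UploadRejected.

    Hypothetical helper: runs on the server regardless of what the
    form's client-side checks did, because those can be bypassed.
    """
    # Keep only the final path component; the client controls the name.
    name = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(name)[1].lower()
    if ext not in SIGNATURES:
        raise UploadRejected("accepted file formats are .png, .jpeg, .gif")
    if not data:
        raise UploadRejected("file is empty")
    if len(data) > MAX_UPLOAD_BYTES:
        raise UploadRejected("maximum file upload size is 2MB")
    # Content must match the claimed type; the extension alone proves nothing.
    if not data.startswith(SIGNATURES[ext]):
        raise UploadRejected("file content does not match its extension")
    return ext


if __name__ == "__main__":
    for fname, blob in [("avatar.gif", SAMPLE_GIF), ("shell.php.png", SAMPLE_SCRIPT)]:
        try:
            print(fname, "accepted as", validate_image_upload(fname, blob))
        except UploadRejected as exc:
            print(fname, "rejected:", exc)
```
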
(1) Partition the application into public and restricted areas, and deploy effective authentication and authorization rules.
(2) Prevention of form or parameter manipulation.
(3) Make sure that your application is protected against all kinds of vulnerabilities, such as:
- Input data attacks: attacks done by adding malicious strings in query strings, cookies, form fields, or HTTP headers
- Command execution
- Cross-site scripting (XSS)
- SQL injection
- Buffer overflow attacks
(4) All the sessions are protected. For safety, you can encrypt them.
(5) Sensitive data protection. If you are passing any parameter that plays a crucial part in the display of the page, make sure that you have encrypted the action name and parameters such as IDs in the URL.
(6) Proper exception handling.
(7) File system protection. Users must not be able to see or access the file structure by entering a path in the URL.
After following the above steps, and before giving your application to QA, create a separate testing environment for the tester rather than using the main environment, so that testing does not damage your application.
All these tips are from my personal experience as a developer. I have written only those which came to my mind while writing this article; I'll add others as and when I recall them.