An Industrial Case Study of Bypass Testing on Web Applications

I
ICST
2008
2008 International Conference on Software Testing, Verification, and Validation
Abstract - An Industrial Case Study of Bypass Testing on Web Applications

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Jeff Offutt Articles by Qingxiang Wang Articles by Joann Ordille

2008 International Conference on Software Testing, Verification, and Validation

April 09-April 11

ISBN: 978-0-7695-3127-4

	ASCII Text	x
	Jeff Offutt, Qingxiang Wang, Joann Ordille, "An Industrial Case Study of Bypass Testing on Web Applications," Software Testing, Verification, and Validation, 2008 International Conference on, pp. 465-474, 2008 International Conference on Software Testing, Verification, and Validation, 2008.

	BibTex	x
	@article{ 10.1109/ICST.2008.46, author = {Jeff Offutt and Qingxiang Wang and Joann Ordille}, title = {An Industrial Case Study of Bypass Testing on Web Applications}, journal ={Software Testing, Verification, and Validation, 2008 International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3127-4}, pages = {465-474}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICST.2008.46}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Software Testing, Verification, and Validation, 2008 International Conference on TI - An Industrial Case Study of Bypass Testing on Web Applications SN - 978-0-7695-3127-4 SP465 EP474 A1 - Jeff Offutt, A1 - Qingxiang Wang, A1 - Joann Ordille, PY - 2008 KW - Software testing KW - web applications KW - industry case study VL - 0 JA - Software Testing, Verification, and Validation, 2008 International Conference on ER -

Jeff Offutt

Qingxiang Wang

Joann Ordille

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICST.2008.46

Web applications are interactive programs that are deployed on the world wide web. Their execution is usually controlled very heavily by user choices and user data. This makes them vulnerable to abnormal behavior from invalid inputs as well as security attacks. Thus, web applications invest heavily in validating user inputs according to defined constraints on the values. This work focuses on validation done on the client, which uses two types of technologies; restrictions in HTML form fields and scripts that check values. Unfortunately users have the ability to subvert or skip client-side validation. Bypass testing has been developed to test the behavior of web applications when client-side validation is skipped. This paper presents results from an industry case study of bypass testing applied to a project from Avaya Research Labs, NPP. The paper presents a process for designing, implementing, automating and developing bypass tests. The theory of bypass testing had to be adapted to the unique characteristics of NPP software, which represented a significant engineering challenge. The 184 tests that were generated resulted in 63 unique failures, providing significant experience and numerous lessons learned. The case study also revealed several difficult problems that need to be addressed in future research.

Index Terms:

Software testing, web applications, industry case study

Citation:

Jeff Offutt, Qingxiang Wang, Joann Ordille, "An Industrial Case Study of Bypass Testing on Web Applications," icst, pp.465-474, 2008 International Conference on Software Testing, Verification, and Validation, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.