auto-testing.xml

Delivered as text/xml

[ hide source ] | [ make this the default ]

File Contents

<?xml version='1.0' ?>
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
               "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
<!ENTITY % myvars SYSTEM "../variables.ent">
%myvars;
]>
<sect1 id="automated-testing-best-practices">
  <title>Automated Testing</title>

<authorblurb>
<para>By <ulink url="mailto:davis@xarg.net">Jeff Davis</ulink></para>
</authorblurb>
  
  <para>Best practices in writing OpenACS automated tests</para>
  <itemizedlist>
    <listitem>
      <formalpara>
        <title>Special characters in Tcl</title>
        <para>
Try strings starting with a <computeroutput>-Bad</computeroutput> and strings containing <computeroutput>[BAD]</computeroutput>, <computeroutput>{</computeroutput>, <computeroutput>\077</computeroutput>, and <computeroutput>$Bad</computeroutput>.  For user input, <computeroutput>[BAD]</computeroutput> should never be evaluated, <computeroutput>\077</computeroutput> should not be turned into a <computeroutput>?</computeroutput> and <computeroutput>$Bad</computeroutput> should not be interpolated.  The string <computeroutput>-Bad [BAD] \077 { $Bad</computeroutput> should be valid user input, should pass through the system unaltered, and if it isn&#39;t that&#39;s a bug.
</para>
      </formalpara>
    </listitem>
    <listitem>
      <formalpara>
        <title>Quoting issues</title>
        <para>Put some html in plain text fields and make sure the result is
properly quoted anywhere it shows up (I use "&lt;b&gt;bold&lt;/b&gt;"
usually).  Look out especially for quoting errors in the context bar
and in round trips via an edit form. For fields that disallow html
tags you can use <computeroutput>&amp;amp;</computeroutput> to check that the field is quoted
properly.  If it is not displayed as <computeroutput>&amp;amp;</computeroutput> then the quoting for the field is incorrect. (It&#39;s not clear whether this
should be considered an error but given that data for text fields can
come from various sources if it&#39;s text it should be properly quoted
and we should not rely on input validation to prevent XSS security
holes.)</para>
      </formalpara>
    </listitem>
    <listitem>
      <formalpara>
        <title>Whitespace input</title>
        <para>Check that whitespace is not considered valid input for a field
if it does not make sense.  For example, the subject of a forum post is
used to construct a link and if it is " " it will have a link of
<computeroutput>&lt;a href="..."&gt; &lt;/a&gt;</computeroutput> which would not be clickable if whitespace was allowed as a valid input.
</para>
      </formalpara>
    </listitem>
    <listitem>
      <formalpara>
        <title>Double-click</title>
        <para>
Make sure that if you submit a form, use the back button, and submit
again that the behavior is reasonable (correct behavior depends on
what the form is for, but a server error is not reasonable).
</para>
      </formalpara>
    </listitem>
    <listitem>
      <formalpara>
        <title>Duplicate names</title>
        <para>
Make sure that if a duplicate name is entered that there is a
reasonable error rather than a server error.  Check for
insert, move, copy, and rename.
</para>
      </formalpara>
    </listitem>
  </itemizedlist>


<para><phrase role="cvstag">($Id: auto-testing.xml,v 1.4.2.1 2019/08/09 20:04:23 gustafn Exp $)</phrase></para>

</sect1>