|
Published Articles >> Table of Contents >> Abstract
28th Annual International Computer Software and Applications Conference - Workshops and Fast Abstracts - (COMPSAC'04)
pp. 106-109
Web Application Bypass Testing
Jeff Offutt, George Mason University
Ye Wu, George Mason University
Xiaochen Du, George Mason University
Hong Huang, George Mason University
Full Article Text:
  
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CMPSAC.2004.1342687
Send link to a friend
| Abstract |
|
Input validation refers to checking user
inputs to a program to ensure that they conform to
expectations of the program. Input validation is used to
check the format of numbers and strings, check the length
of strings, and to ensure that strings do not contain invalid
characters. Input validation testing (IVT) is particularly
important for software that has a heavy reliance on user
inputs, including Web applications. A common technique
in Web applications is to perform input validation on the
client by using HTML attributes and scripting languages
such as JavaScript. An insidious problem with performing
input validation on the client is that end users have
the ability to bypass this validation. Bypass testing is a
unique and novel way to create test cases that is available
only because of the unusual mix of client-server, HTML
GUI, and JavaScript technologies that are used in Web
applications. This workshop paper presents the issues and
concerns that allow bypass testing, the preliminary concepts
behind the technique, and some early results on applying
it. How effective and useful bypass testing can be in testing
Web applications will be determined through ongoing
research and automation.
|
 Additional Information
|
Citation:
Jeff Offutt, Ye Wu, Xiaochen Du, Hong Huang,
"Web Application Bypass Testing,"
compsac,
pp. 106-109,
28th Annual International Computer Software and Applications Conference - Workshops and Fast Abstracts - (COMPSAC'04),
2004
|
|
