Approvals Required / Received

The following individuals are required to/have approved this Test Plan:

Name	Title	Department	Approval Date	Method
	QA Manager	Product Integrity	Date	Email
	Software Engineer	Engineering	Date	Email
	EPM	Product Management	Date	Email

Revision History

This section describes the modifications that have been made to this wiki page. A new row has been completed each time the content of this document is updated (small corrections for typographical errors do not need to be recorded). The description of the modification contains the differences from the prior version, in terms of what sections were updated and to what extent.

Date	Version	Author	Description
08/16/2017	1.0	Timea Zsoldos	Created first draft

Overview

Purpose

Detail the purpose of this document. For example:

• The test scope, focus areas and objectives
• The test responsibilities
• The test strategy for the levels and types of test for this release
• The entry and exit criteria
• The basis of the test estimates
• Any risks, issues, assumptions and test dependencies
• The test schedule and major milestones
• The test deliverables

Scope

This wiki details the testing that will be performed by the project team for the Safe Browsing project. It defines the overall testing requirements and provides an integrated view of the project test activities. Its purpose is to document:

• Test pages
  • Malware, phishing, and unwanted software hard-coded test URLs
  • Phishtank (real phishing sites)
  • Google test pages (we don't implement: Clank Warnings, Client-side phishing detection, Bad IP Warnings)
  • Static test pages for specific bugs
• Meta QA bug
• Info on why certain URLs are blocked
• Script to dump the contents of the local store
• UI tests (Marionette)

To turn on debugging output, export the following environment variables:

MOZ_LOG_FILE=/tmp/safebrowsing.log
MOZ_LOG="UrlClassifierDbService:5,nsChannelClassifier:5,UrlClassifierProtocolParser:5,UrlClassifierStreamUpdater:5,UrlClassifierPrefixSet:5"

and also see the browser.safebrowsing.debug pref to see debugging output from the JS pieces of Safe Browsing.

Ownership

Developer contact:Wesly Huang
QAEng:Justin Williams
QA: Timea Zsoldos (:zstimi)
QA Peer: Cristian Comorasu (:CristiComo)

Testing summary

Scope of Testing

In Scope

• Check pages against our Safe Browsing lists based on platform and threat types.
  
• Warn users before they click links in your site that may lead to infected pages.
  
• Prevent users from posting links to known infected pages from your site.

Out of Scope

Detail what is out of scope from a testing perspective for the project team. Note: if usability testing is not in the scope of testing feature.

Requirements for testing

Environments

• Windows 8.1 x64
• Windows 7 x86
• Ubuntu 14.04 x64
• Mac OS 10.12

Builds

This section should contain links for builds with the feature -

• Links for Nightly builds
• Links for Beta builds: https://archive.mozilla.org/pub/firefox/candidates/56.0b4-candidates/

Test Execution Schedule

The following table identifies the anticipated testing period available for test execution.

Project phase	Start Date	End Date
Start project
Study documentation/specs received from developers	08/11/2017
QA - Test plan creation	08/18/2017
QA - Test cases/Env preparation	08/21/2017
QA - Nightly Testing	07/17/2017
QA - Beta Testing	08/28/2017	09/08/2017
Release Date	09/26/2017	09/26/2017

Testing Tools

Detail the tools to be used for testing, for example see the following table:

Process	Tool
Test plan creation	Mozilla wiki
Test case creation	TestSuite
Test case execution	Mid-Nightly
Bugs management	Bugzilla

Status

Overview

First released to Nightly: 07/17/2017 (Firefox 56)
Preliminary sign off report: 09/01/2017 
Pre-Release sign off: 09/08/2017

References

• List and links for specs

 List and links for available specs - documents, user stories, specifications

• Meta bug
  • Bug 1359337 - QA bugs of Safe Browsing v4
  • Bug 1167038 - Add support for version 4 of the Safe Browsing protocol

Testcases

Test Areas

Test Areas	Covered	Details
Private Window	Yes
Multi-Process Enabled
Multi-process Disabled
Theme (high contrast)
UI
Mouse-only operation
Keyboard-only operation
Display (HiDPI)
Interaction (scroll, zoom)
Usable with a screen reader	No	e.g. with NVDA
Usability and/or discoverability testing		Is this feature user friendly
RTL build testing	No
Help/Support
Help/support interface required		Make sure link to support/help page exist and is easy reachable.
Support documents planned(written)		Make sure support documents are written and are correct.
Install/Upgrade
Feature upgrades/downgrades data as expected
Does sync work across upgrades
Requires install testing	No	separate feature/application installation needed (not only Firefox)
Affects first-run or onboarding		Florin/Lawrence are investigating if there is a dedicated QA for this, or we should test? Should be an yes/no and if is yes should add in detail column the team/person assigned.
Does this affect partner builds? Partner build testing		yes/no options, add comment with details about who will lead testing
Enterprise		Raise up the topic to developers to see if they are expecting to work different on ESR builds
Enterprise administration	No
Network proxies/autoconfig	No
ESR behavior changes	No
Locked preferences	No
Data Monitoring
Temporary or permanent telemetry monitoring		List of error conditions to monitor
Telemetry correctness testing
Server integration testing
Offline and server failure testing
Load testing	No
Add-ons		If add-ons are available for testing feature, or is current feature will affect some add-ons, then API testing should be done for the add-on.
Addon API required?
Comprehensive API testing
Permissions
Testing with existing/popular addons
Security		Security is in charge of Matt Wobensmith. We should contact his team to see if security testing is necessary for current feature.
3rd-party security review
Privilege escalation testing
Fuzzing
Web Compatibility		depends on the feature
Testing against target sites
Survey of many sites for compatibility	No
Interoperability		depends on the feature
Common protocol/data format with other software: specification available. Interop testing with other common clients or servers.
Coordinated testing/interop across the Firefoxes: Desktop, Android, iOS
Interaction of this feature with other browser features

Test suite

Full Test suite - Link to test rail - testcases should be added under Firefox Desktop project link
Smoke Test suite - Link with the tests - if available/needed.
Regression Test suite - Link with the tests - if available/needed.

Bug Work

Meta bug: 1167038 - bug summary

• Known issue found while testing this feature for Safe Browsing V4 and V2 protocol:

Full Query

ID	Summary	Priority	Status
1258542	"Help > Report deceptive site..." should report principal or referrer for data: documents	--	RESOLVED
1388574	Application reputation lists should be gated by the safebrowsing.dowloads.enabled pref	P3	VERIFIED
1394056	goog-phish-proto cannot be used on non-official builds	P1	VERIFIED
1394335	goog-unwanted-shavar is unexpectedly added to malware list in V4 only	P1	VERIFIED
1395411	Removing lists from urlclassifier.*Table doesn't remove them from the update checker	P1	VERIFIED

5 Total; 0 Open (0%); 1 Resolved (20%); 4 Verified (80%);

Sign off

Criteria

Checklist

• All test cases should be executed
• Has sufficient automated test coverage (as measured by code coverage tools) - coordinate with RelMan
• All blockers, criticals must be fixed and verified or have an agreed-upon timeline for being fixed (as determined by engineering/RelMan/QA)

Results

Mid-Nightly testing
List of OSes that will be covered by testing

• Testing on nightly 56 on the following systems:
  • Windows 10 x64
  • Ubuntu 16.04 x64
  • Mac OS 10.12(Sierra)

• Link for the tests run
  • Full Test suite, link to TestRail - Tests Runs and Results link
  • Daily Smoke, if needed/available
  • Regression Test suite, if needed/available

Preliminary Pre-Release Sign-off
List of OSes that will be covered by testing

• Testing on 56.0b4 on the following systems:
  • Windows 8.1 x64
  • Windows 7 x86
  • Ubuntu 14.04 x64
  • Mac OS 10.12(Sierra)
• Link for the tests run
  • Full Test suite, send an email on 08.31.2017

Pre-Release Sign-off
List of OSes that will be covered by testing

• Testing on 56.0b9 on the following systems:
  • Windows 8.1 x64
  • Windows 7 x86
  • Ubuntu 14.04 x64
  • Mac OS 10.12(Sierra)
• Link for the tests run
  • Full Test suite, link to TestRail - Tests Runs and Results link

Checklist

Exit Criteria	Status	Notes/Details
Testing Prerequisites (specs, use cases)
Testing Infrastructure setup
Test Plan Creation	[Done]
Test Cases Creation
Automation Coverage	No
Performance Testing	No
All Defects Logged
Critical/Blockers Fixed and Verified
Metrics/Telemetry
Basic/Core functionality Nightly testing
QA mid-Nightly Signoff	[Done]
QA Nightly - Full Testing	[Done]
QA pre-Beta Signoff		Email to be sent
QA Beta - Full Testing
QA pre-Release Signoff		Email to be sent