QA/Execution/Web Testing/Project Checklist: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 95: Line 95:
* Code is deployed to production
* Code is deployed to production
* Tester verifies bug
* Tester verifies bug
* Tester verifies deployment
* Tester verifies deployment/push/server-ops bug


Devs may fix bugs before triage, they should update Target Milestone to the next release.
Devs may fix bugs before triage, they should update Target Milestone to the next release.

Revision as of 04:33, 22 April 2011

Purpose of this document

This is meant to be a quite-literal checklist for determing "go/no-go" status for your website. Where it doesn't apply, feel free to use it rather as a discussion point, but be sure all points are raised and noted.

Other Wiki Resources

Browser compatibility/coding standards

  • Get the list of supported browsers somewhere in writing (srsly)
  • All supported browsers look "pretty good" and are 100% functional
    • If not, exceptions are noted and called out prior to shipping
  • Team has gone through https://wiki.mozilla.org/WebDev:FrontendCodeStandards

Video Support

  • What are the supported video formats?
    • Appropriate fallback in place and working?
      • No Flash
      • Firefox 3.5
      • Firefox 3.6
      • Firefox 4.0
      • IE 7/8/9
      • Opera (latest)
      • Chrome (latest)
      • Safari (latest)
      • Latest Firefox beta

General

  • In URL paths, / and "" (without the trailing slash) both resolve to the same URI/resource
  • HTML validates: http://html5.validator.nu/ or http://validator.w3.org/
    • Exceptions can be made for social-network/sharing sites, that may have malformed tags or markup

RSS Feeds

  • Validate: http://feedvalidator.org/
  • Links all work
  • l10n: other locales look fine (special chars, Unicode, etc.)
  • Correct timestamps

Logged-in vs. logged-out functionality

  • Ask/test what the difference between the logged-in vs. logged-out functionality is
    • It's probably quite a bit more than you expected

Social media

  • Facebook
  • Twitter
    • Enable "HTTPS Only | Always use HTTPS" (https://twitter.com/settings/account)
    • Length of pre-populated tweets in en-US and other locales (l10n)
    • Unescaped vs. escaped characters (string literals)
    • Unicode chars
  • ShareThis, etc.
  • QR Codes
    • Try different readers (AT&T Scanner, QuickMark, QR Droid, etc.)

Performance/load testing

  • Doesn't tank on YSlow! (Strive for an A with ruleset v2)
    • CDN is hooked up, if needed (static images, CSS, JS, videos) -- see "Site Config" section, too, below
  • Load-tested, if needed?

Accessibility

  • Is the site generally accessible?

JavaScript-disabled

  • Does the site support JavaScript disabled? If so, where?

Security

  • Gone through https://wiki.mozilla.org/WebAppSec/Secure_Coding_QA_Checklist and filed the appropriate bugs
  • Runs on both HTTP / HTTPS? Mixed-content warnings? Cert set up?
    • Should HTTP requests get automatically redirected to HTTPS, by default?
    • Check to see that third-party assets use relative paths, where possible
      • e.g. Webtrends tags, social media, etc.

Project/release-cycle

  1. Has a Webdev bug, filed from https://intranet.mozilla.org/webtools/authenticate/login
  2. Has a test plan (which can augment this, but lists specific bugs, milestones, project owners, etc.)
    1. Reviewed by team
  3. Has clear bug-filing/tracking, either in a new Bugzilla component, existing (with whiteboard, etc.), or in Basecamp
    1. If in Bugzilla, has clear milestones
  4. Listed on https://wiki.mozilla.org/QA/Execution/Web_Testing#Current_Projects
  5. Regular status meetings
  6. If needed, a tracking bug with dependencies set for other groups' work (IT, Webdev, Marketing, etc.)
  7. Make sure to schedule a brief meeting where all parties (Marketing/Webdev/QA) are present and discuss the open issues, and any last-minute (but necessary) changes
  8. Are the third-party developers cc:d on all relevant bugs? If possible (i.e. not "mozilla-confidential" flagged), have them follow the Bugzilla component (and make sure they have accounts).
  9. Has a push bug, and a release checklist, even if you don't think they need it (they do)

Optimal Bugzilla Workflow

Each project can be different, but please use this flow if starting a new project:

  • A bug is filed in the correct product/component
  • Bug is triaged for severity, priority and assigned to a target milestone
  • Bug is fixed in work based on next target milestone release
    • Dev puts bug# in git comment
    • Dev puts commit url in bugzilla comment
  • Dev marks bug RESOLVED:FIXED
  • Tester verifies bug on stage, bug marked RESOLVED:VERIFIED
  • Code is deployed to production
  • Tester verifies bug
  • Tester verifies deployment/push/server-ops bug

Devs may fix bugs before triage, they should update Target Milestone to the next release.

Whiteboard may be used for various reasons:

  • [good first bug] - Communicates a contributor opportunity

Site Config

  • Make sure you get Django-traceback emails
  • Any vanity domains? Registered/set up, and working?
  • Has a favicon? That works in IE, too?
  • reCaptcha APIs on staging?
  • Google Maps API key on staging?
  • Metrics code is correct/working for the site (typically Webtrends)
    • Ask Blake Cutler or Laura Forrest (preferably Laura)
  • Any rewrite/redirect rules are in place and working?
  • Is the site planned to be hooked up to a CDN? Is it set up for testing on staging, and without any cert-signing problems?

Tools

  • You're using as many of the tools as appropriate
    • Suggested:
      • PowerFuzzer
      • NetSparker
      • Xenu
      • XSS Me
Retrieved from "https://wiki.mozilla.org/index.php?title=QA/Execution/Web_Testing/Project_Checklist&oldid=301741"