[TIP] Web Application Testing Code of Ethics?
szabgab at gmail.com
Wed Nov 19 23:15:06 PST 2008
On Thu, Nov 20, 2008 at 8:37 AM, Noah Gift <noah.gift at gmail.com> wrote:
> The web is a weird world, because of the mixture of technologies, like PHP,
> dirty functions in a couple of files. I have a friend that has to deploy
> applications quickly for many of these languages, it isn't me I promise :),
> and he often finds that a developer tells him. Oh, it works, don't worry,
> just update the production site...and do it NOW!
> About 50% of the time, things break, when he goes to deploy, and it turns
> out to be a hardcoded database password that is wrong, absolute paths, and
> more. Other than telling this guy to get another job, which is probably a
> wise move, is there a commonly accepted minimum level of testing that a web
> developer should ethically subscribe to across all languages?
> If I was in his position, I would tell the developer(s) that routinely give
> him broken web apps that they were poor developers for not including at
> least some basic tests. These could even be minimal, like a script that
> connects to the database and tests a couple of URL parameters for example.
> Is there anything I could point him to that could help convince the CTO and
> developers at this company that testing is just ethical?
Let me chip in here as I think this is finally a subject where even I might have
things to say.
Unfortunately I am very skeptic about CTOs and other managers buying the
There might be a better chance in convincing them if you point out how bad
it looks when a visitor comes to the web site exactly in the time when
it is broken.
Not only does it look bad, your company is actually *losing money* that way.
Depending on what the company uses the web site it might range from
a few interested people turned away, to major losses due to missed sales
or invalid offers.
e.g. what if because of a mistake the price of a product shown is 10
USD instead of 100 ?
What if by mistake you display passwords of other users?
If you can somehow put an estimated number that any such potential
downtime or breakage
causes then you can make a point much easier.
Gabor Szabo http://szabgab.com/blog.html
Test Automation Tips http://szabgab.com/test_automation_tips.html
More information about the testing-in-python