Alan Richardson, profile picture
Uploaded byAlan Richardson
PDF, PPTX9,145 views

Black Ops Testing Workshop from Agile Testing Days 2014

The document summarizes notes from a testing workshop on the Redmine project management application. Participants tested various aspects of Redmine and identified 15 bugs, including issues with PDF exports not containing all data, character encoding problems in CSVs, ability to delete the only admin account, and other data validation and synchronization bugs. Workshop leaders provided hints and interrupts to prompt deeper investigation and testing of areas like HTTP traffic, DOM manipulation, and breaking file exports.

Download as PDF, PPTX
Black Ops Testing Workshop Agile Testing Days Tony Bruce Steve Green Alan Richardson
January 2015 Workshop, London www.BlackOpsTesting.com
Introduction ● 3 * 5 minute lightning talks ● We expect you to test stuff ● We will coach & ask questions as you test ● We may periodically debrief
What you are about to test ● Redmine ○ www.redmine.org ● Project Planning App ○ GUI, Rest API, Feeds, DB, Web Server
Alan’s Bit at the start ● Model, Observe, Interrogate, Reflect, Manipulate ● Tools help me observe and manipulate ● Note Taking
A model of how Alan tests ● Model ○ What I think I understand. Different viewpoints. ● Observe ○ at different points to corroborate/invalidate model ● Reflect ○ find gaps, lack of depth, derive intent ● Interrogate ○ Focussed, deep dive observation with intent ● Manipulate ○ Hypothesis exploration and “how we do stuff”
Tools help me... … Observe and Manipulate
Browser
Risks
Tools
...extend the model
Note Taking ● Why: ○ Questions, Ideas, Risks, etc. ● What: ○ ToDos, Issues, Observations, Notes, etc. ● When: ○ Timestamps, sequential order ● Where: ○ urls, environment, users, etc. ● How: ○ commands, methods, tools used, etc. Evidence: ● logs, screenshots, output, files, etc.
Tony’s bit ● Test ideas ● Tools ● Information & Intelligence
Explore for test ideas Prep - Notes - Summary - Important bits - Ideas - Comments - Questions - Thoughts - Six Honest Men "I Keep Six Honest Serving Men ..." I KEEP six honest serving-men (They taught me all I knew); Their names are What and Why and When And How and Where and Who. …….. Rudyard Kipling
Tools Browser - Add-ons - Extensions - Developer tools - Others - Accessibility - Security - Debugging -
Bob Stewart Leadership Under Pressure: Tactics from the Front Line
Information
Steve’s bit What are we going to test? ● What’s new? ● What’s changed? ● What’s important? ● What are known buggy areas? ● What has not been tested previously?
What are we going to test?
What might be difficult?
What might be difficult? ● How can we create enough data? ● How can we test time-related features? ● How do we know if the right thing happened?
Lightning Talk Debrief Extras? Questions? Comments?
Collaboration Rules ● Don’t load test the app, we are all using it ○ If you accidentally bring it down through a clever then that’s fine, ● Don’t change data you didn’t create
Where is the app? ● You can install it locally if you want ○ http://redmine.org ● You can get an install or VM from bitnami ○ https://bitnami.com/stack/redmine ● You can use the redmine demo ○ http://demo.redmine.org/ ● You can use our server ○ ….
Where is the app? ● Links removed as only valid at the time we conducted the workshop
Testing Phase 1 ● Consider what we said ● Test the app in new ways, take notes, try new tools ● Black Ops Team will mingle - do ask for help ● We will debrief prior to the break
“...no plan of operations extends with any certainty beyond the first contact with the main hostile force.” Field Marshall Helmuth Carl Bernard Graf von Moltke, 1871
Test the **** out of Redmine
Hints... Are you monitoring the HTTP traffic? Have you changed the DOM? Cookies? Internationalisation? Logged issues? ...
Debrief Observations Questions
Break (30 mins) Feel free to carry on testing if you want
Testing Phase 2 ● You tell us
Interrupt 1 Structure your data to make testing easier. ● Unique values (where possible) ● Sequenced
Interrupt 2 Testing maxlength and truncation.
Interrupt 2 Testing maxlength and truncation. 0005x0010x0015x0020x0025x0030x0035x004 0x0045x0050x0055x0060x0065x0070x0075x0 080x0085x0090x0095x0100x0105x0110x0115 x0120x0125x0130x0135x0140x0145x0150x01 55x0160x0165x0170x0175x0180x0185x0190x 0195x0200x0205x0210x0215x0220x0225x023
Interrupt 2 Testing maxlength and truncation. http://bit.ly/1B7gQlx
Interrupt 2a ● We have a broken app - can you get in? ● Links removed as only valid at the time of the workshop
Interrupt 3 Recording data flow.
Interrupt 4 Can we break the CSV, Atom or PDF exports? What might do that?
Debrief Phase
Bugs we found 1 ● The PDF does not contain the Start Date, Estimated Time, % Done or File Description for the attachments that are included in the New Issue form. ● The PDF does not contain the Target Version and Spent Time values that are included in the View Issue form.
Bugs we found 2 The Atom feed from the View Issue page has no content when it is viewed immediately after creating an issue. It did have content after adding a quote to the issue.
Bugs we found 2
Bugs we found 3 The File Description for an image is not saved if too many characters are entered in the New Issue form. We did not investigate where the boundary is.
Bugs we found 4 The PDF that is generated from the Gantt page always shows the default zoom level regardless of the zoom level that has been selected. The URL of the PDF link contains a ‘zoom’ parameter (which does nothing). Changing the ‘months’ parameter has the desired effect.
Bugs we found 5 Some non-Roman characters are displayed correctly on all HTML pages but they are not displayed in PDFs.
Bugs we found 6 Some non-Roman characters are not displayed correctly in CSVs.
Bugs we found 7 You’re able to delete all user accounts, including admin. There is only 1 admin (as far as I could see) Tell us how….
Bugs we found 7 cont. Record browser traffic while deleting a account. Find the delete POST
Bugs we found 8 "Your account has been activated. You can now log in. " System says I am already "logged in as eris" and I am on my account page Minor issue about wording
Bugs we found 9 Error message about emails already in use when registering - privacy concern “Email has already been taken”
Bugs we found 10 Maximum length of email is 60 chars but needs to accept 254
Bugs we found 11 Can use an invalid language when registering a user.
Bugs we found 12 Truncation on project identifier with no error or warning message i.e. create project with 255 char identifier - truncated to 100
Bugs we found 13 When creating a project, the ID and name are populated via javascript but if I change the name then the identifier is not kept in sync.
Bugs we found 14 Can create an invalid enabled_modules entry by submitting a module name which does not exist when creating a project
Bugs we found 15 Change url to have csv or pdf views System should respond differently to csv and pdf on projects when GUI request rather than an API request 406 is better for API, 404 with html or 406 with html payload might be better
Rathole 1 - Password Alan thought there was a bug with password lengths, and storing in a varchar 40, since password can be very long. But, a ‘hash’ is stored, not the password, this took time to discover.

More Related Content

ODP
How to Improve Your Technical Test Ability - AADays 2015 Keynote
byAlan Richardson
 
PDF
Abstraction Layers Test Management Summit Faciliated Session 2014
byAlan Richardson
 
PDF
Technical Testing Webinar
byAlan Richardson
 
PDF
Confessions of an Accidental Security Tester
byAlan Richardson
 
PDF
If you want to automate, you learn to code
byAlan Richardson
 
PDF
Add More Security To Your Testing and Automating - Saucecon 2021
byAlan Richardson
 
PDF
Automating to Augment Testing
byAlan Richardson
 
PDF
Technology Based Testing
byAlan Richardson
 
How to Improve Your Technical Test Ability - AADays 2015 Keynote
byAlan Richardson
 
Abstraction Layers Test Management Summit Faciliated Session 2014
byAlan Richardson
 
Technical Testing Webinar
byAlan Richardson
 
Confessions of an Accidental Security Tester
byAlan Richardson
 
If you want to automate, you learn to code
byAlan Richardson
 
Add More Security To Your Testing and Automating - Saucecon 2021
byAlan Richardson
 
Automating to Augment Testing
byAlan Richardson
 
Technology Based Testing
byAlan Richardson
 

What's hot

PDF
Practical Test Automation Deep Dive
byAlan Richardson
 
PDF
TestIstanbul May 2013 Keynote Experiences With Exploratory Testing
byAlan Richardson
 
PPTX
Risk Mitigation Using Exploratory and Technical Testing - QASymphony Webinar ...
byAlan Richardson
 
PDF
Automating Pragmatically - Testival 20190604
byAlan Richardson
 
PDF
Test Bash Netherlands Alan Richardson "How to misuse 'Automation' for testing...
byAlan Richardson
 
PDF
Secrets and Mysteries of Automated Execution Keynote slides
byAlan Richardson
 
PDF
Devfest 2019-slides
byAlan Richardson
 
PDF
The Evil Tester's Guide to HTTP proxies Tutorial
byAlan Richardson
 
PDF
Automating Tactically vs Strategically SauceCon 2020
byAlan Richardson
 
PDF
Evil testers guide to technical testing
byAlan Richardson
 
PDF
Effective Software Testing for Modern Software Development
byAlan Richardson
 
PDF
Odinstar 2017 - Real World Automating to Support Testing
byAlan Richardson
 
PDF
How To Test With Agility
byAlan Richardson
 
PDF
Technical and Testing Challenges: Using the "Protect The Square" Game
byAlan Richardson
 
PDF
Joy of Coding Conference 2019 slides - Alan Richardson
byAlan Richardson
 
PDF
Agile Testing Days 2014 Keynote - Helping Testers Add Value on Agile Projects
byAlan Richardson
 
PDF
Selenium Clinic Eurostar 2012 WebDriver Tutorial
byAlan Richardson
 
PDF
Push Functional Testing Further
byAlan Richardson
 
PDF
Real World Selenium Testing
byMary Jo Sminkey
 
PDF
Your Automated Execution Does Not Have to be Flaky
byAlan Richardson
 
Practical Test Automation Deep Dive
byAlan Richardson
 
TestIstanbul May 2013 Keynote Experiences With Exploratory Testing
byAlan Richardson
 
Risk Mitigation Using Exploratory and Technical Testing - QASymphony Webinar ...
byAlan Richardson
 
Automating Pragmatically - Testival 20190604
byAlan Richardson
 
Test Bash Netherlands Alan Richardson "How to misuse 'Automation' for testing...
byAlan Richardson
 
Secrets and Mysteries of Automated Execution Keynote slides
byAlan Richardson
 
Devfest 2019-slides
byAlan Richardson
 
The Evil Tester's Guide to HTTP proxies Tutorial
byAlan Richardson
 
Automating Tactically vs Strategically SauceCon 2020
byAlan Richardson
 
Evil testers guide to technical testing
byAlan Richardson
 
Effective Software Testing for Modern Software Development
byAlan Richardson
 
Odinstar 2017 - Real World Automating to Support Testing
byAlan Richardson
 
How To Test With Agility
byAlan Richardson
 
Technical and Testing Challenges: Using the "Protect The Square" Game
byAlan Richardson
 
Joy of Coding Conference 2019 slides - Alan Richardson
byAlan Richardson
 
Agile Testing Days 2014 Keynote - Helping Testers Add Value on Agile Projects
byAlan Richardson
 
Selenium Clinic Eurostar 2012 WebDriver Tutorial
byAlan Richardson
 
Push Functional Testing Further
byAlan Richardson
 
Real World Selenium Testing
byMary Jo Sminkey
 
Your Automated Execution Does Not Have to be Flaky
byAlan Richardson
 

Similar to Black Ops Testing Workshop from Agile Testing Days 2014

PPT
Agile Testing
byAnand Ramdeo
 
ODP
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
byMatt Tesauro
 
PDF
Teaching and Learning TDD in the Coding Dojo
byEmily Bache
 
PPTX
SAD15 - Maintenance
byMichael Heron
 
PPT
Dmitry Lebedev: Agile Testing Using Agile Tools
byAgile Lietuva
 
PDF
Codemotion Berlin 2015 recap
byTorben Dohrn
 
PDF
Agile Testing 2020
byarzu TR
 
ODP
Passing The Joel Test In The PHP World
byLorna Mitchell
 
ODP
Making security-agile matt-tesauro
byMatt Tesauro
 
PPTX
Continuous Quality - Moving Beyond Bug Reports
byNeil Studd
 
KEY
33rd degree
byDariusz Kordonski
 
PPT
Agile Testing and Release Management
bycraigparsons77
 
PPT
DevOps / Agile Tools Seminar 2013
byEthan Ram
 
PDF
Taking AppSec to 11 - BSides Austin 2016
byMatt Tesauro
 
PDF
Agile Testing Pasadena JUG Aug2009
byGrig Gheorghiu
 
PPTX
Testing & should i do it
byMartin Sykora
 
PDF
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
byMatt Tesauro
 
PDF
Introduction to Automated Testing
byLars Thorup
 
PDF
Introduction to-automated-testing
byBestBrains
 
PDF
Developers Nepal Meetup #4 Report
byPunit Jajodia
 
Agile Testing
byAnand Ramdeo
 
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
byMatt Tesauro
 
Teaching and Learning TDD in the Coding Dojo
byEmily Bache
 
SAD15 - Maintenance
byMichael Heron
 
Dmitry Lebedev: Agile Testing Using Agile Tools
byAgile Lietuva
 
Codemotion Berlin 2015 recap
byTorben Dohrn
 
Agile Testing 2020
byarzu TR
 
Passing The Joel Test In The PHP World
byLorna Mitchell
 
Making security-agile matt-tesauro
byMatt Tesauro
 
Continuous Quality - Moving Beyond Bug Reports
byNeil Studd
 
33rd degree
byDariusz Kordonski
 
Agile Testing and Release Management
bycraigparsons77
 
DevOps / Agile Tools Seminar 2013
byEthan Ram
 
Taking AppSec to 11 - BSides Austin 2016
byMatt Tesauro
 
Agile Testing Pasadena JUG Aug2009
byGrig Gheorghiu
 
Testing & should i do it
byMartin Sykora
 
Taking AppSec to 11: AppSec Pipeline, DevOps and Making Things Better
byMatt Tesauro
 
Introduction to Automated Testing
byLars Thorup
 
Introduction to-automated-testing
byBestBrains
 
Developers Nepal Meetup #4 Report
byPunit Jajodia
 

More from Alan Richardson

PDF
Open source tools - Test Management Summit - 2009
byAlan Richardson
 
PDF
The Future of Testing Webinar
byAlan Richardson
 
PDF
Programming katas for Software Testers - CounterStrings
byAlan Richardson
 
PDF
About Consultant Alan Richardson Compendium Developments Evil Tester
byAlan Richardson
 
PDF
Shift left-testing
byAlan Richardson
 
PDF
Automating and Testing a REST API
byAlan Richardson
 
PDF
TDD - Test Driven Development - Java JUnit FizzBuzz
byAlan Richardson
 
PDF
What is Testability vs Automatability? How to improve your Software Testing.
byAlan Richardson
 
PDF
What is Agile Testing? A MindMap
byAlan Richardson
 
PDF
Evil Tester's Guide to Agile Testing
byAlan Richardson
 
PDF
The Evil Tester Show - Episode 001 Halloween 2017
byAlan Richardson
 
PDF
What is Regression Testing?
byAlan Richardson
 
PDF
Simple ways to add and work with a `.jar` file in your local maven setup
byAlan Richardson
 
PDF
Re-thinking Test Automation and Test Process Modelling (in pictures)
byAlan Richardson
 
PDF
Automating Strategically or Tactically when Testing
byAlan Richardson
 
PDF
Learning in Public - A How to Speak in Public Workshop
byAlan Richardson
 
PDF
How to Practise to Remove Fear of Public Speaking
byAlan Richardson
 
Open source tools - Test Management Summit - 2009
byAlan Richardson
 
The Future of Testing Webinar
byAlan Richardson
 
Programming katas for Software Testers - CounterStrings
byAlan Richardson
 
About Consultant Alan Richardson Compendium Developments Evil Tester
byAlan Richardson
 
Shift left-testing
byAlan Richardson
 
Automating and Testing a REST API
byAlan Richardson
 
TDD - Test Driven Development - Java JUnit FizzBuzz
byAlan Richardson
 
What is Testability vs Automatability? How to improve your Software Testing.
byAlan Richardson
 
What is Agile Testing? A MindMap
byAlan Richardson
 
Evil Tester's Guide to Agile Testing
byAlan Richardson
 
The Evil Tester Show - Episode 001 Halloween 2017
byAlan Richardson
 
What is Regression Testing?
byAlan Richardson
 
Simple ways to add and work with a `.jar` file in your local maven setup
byAlan Richardson
 
Re-thinking Test Automation and Test Process Modelling (in pictures)
byAlan Richardson
 
Automating Strategically or Tactically when Testing
byAlan Richardson
 
Learning in Public - A How to Speak in Public Workshop
byAlan Richardson
 
How to Practise to Remove Fear of Public Speaking
byAlan Richardson
 

Recently uploaded

DOCX
From Text to Tune: How AI Music Generators Are Changing the Way We Create Songs
bycooperation2
 
PPTX
🚀 Appnigma AI – No-Code Salesforce App Builder for Faster Native Development
byssuser412e60
 
PDF
Softaken OCR Image to Text Extractor Tool
byaimberdphilomena
 
PDF
"SiyanoAV: Preventing Data Breaches in 2025"
byyogeshchauhanoffice
 
PDF
Enterprise Data Sync via Navision Integration Service Provider
byNavision India
 
PPTX
Hall-Pass-Management-Software-Transforming-School-Safety-and-Efficiency.pptx
byinfoswipesolutionsin
 
PDF
Evolution of Microsoft Project Portfolio Management - What Modern PMOs Are Do...
byOnePlan Solutions
 
PPTX
Lead Scoring Models in the Wild: What Works & What Doesn’t
bybbedford2
 
PDF
The future Android App Development in 2025
byLoudOwls Solutions Private Limited
 
PDF
AI-Powered Alert Analysis with ClickHouse Cloud Databases.pdf
byAlkin Tezuysal
 
PDF
Simplify Finances with Qandle’s Expense Software.pdf
byQandle
 
PPTX
College Management System.pptx
bygehlotyash2005
 
PDF
product realizatio n software.pdf
byJames Cameron
 
PDF
Speculative Automated Refactoring of Imperative Deep Learning Programs to Gra...
byRaffi Khatchadourian
 
PDF
Custom eCommerce App Development for Modern Retail Stores.pdf
byInexture Solutions
 
PPTX
Intoduction_to_Maven best java tool for project management
byparasbramhankar02
 
PDF
Top Django Questions for Preparation .pdf
bysenseacademy2
 
PDF
White-Label Development vs In-House Tech Teams: Key Differences
byShiv Technolabs Pvt. Ltd.
 
PPTX
EMR software | Best EMR software | EasyClinic
byEasy Clinic
 
PDF
Patterns of Patterns and why we need them
bydescri1
 
From Text to Tune: How AI Music Generators Are Changing the Way We Create Songs
bycooperation2
 
🚀 Appnigma AI – No-Code Salesforce App Builder for Faster Native Development
byssuser412e60
 
Softaken OCR Image to Text Extractor Tool
byaimberdphilomena
 
"SiyanoAV: Preventing Data Breaches in 2025"
byyogeshchauhanoffice
 
Enterprise Data Sync via Navision Integration Service Provider
byNavision India
 
Hall-Pass-Management-Software-Transforming-School-Safety-and-Efficiency.pptx
byinfoswipesolutionsin
 
Evolution of Microsoft Project Portfolio Management - What Modern PMOs Are Do...
byOnePlan Solutions
 
Lead Scoring Models in the Wild: What Works & What Doesn’t
bybbedford2
 
The future Android App Development in 2025
byLoudOwls Solutions Private Limited
 
AI-Powered Alert Analysis with ClickHouse Cloud Databases.pdf
byAlkin Tezuysal
 
Simplify Finances with Qandle’s Expense Software.pdf
byQandle
 
College Management System.pptx
bygehlotyash2005
 
product realizatio n software.pdf
byJames Cameron
 
Speculative Automated Refactoring of Imperative Deep Learning Programs to Gra...
byRaffi Khatchadourian
 
Custom eCommerce App Development for Modern Retail Stores.pdf
byInexture Solutions
 
Intoduction_to_Maven best java tool for project management
byparasbramhankar02
 
Top Django Questions for Preparation .pdf
bysenseacademy2
 
White-Label Development vs In-House Tech Teams: Key Differences
byShiv Technolabs Pvt. Ltd.
 
EMR software | Best EMR software | EasyClinic
byEasy Clinic
 
Patterns of Patterns and why we need them
bydescri1
 

Black Ops Testing Workshop from Agile Testing Days 2014

  • 1.
    Black Ops Testing Workshop Agile Testing Days Tony Bruce Steve Green Alan Richardson
  • 2.
    January 2015 Workshop,London www.BlackOpsTesting.com
  • 3.
    Introduction ● 3* 5 minute lightning talks ● We expect you to test stuff ● We will coach & ask questions as you test ● We may periodically debrief
  • 4.
    What you areabout to test ● Redmine ○ www.redmine.org ● Project Planning App ○ GUI, Rest API, Feeds, DB, Web Server
  • 5.
    Alan’s Bit atthe start ● Model, Observe, Interrogate, Reflect, Manipulate ● Tools help me observe and manipulate ● Note Taking
  • 6.
    A model ofhow Alan tests ● Model ○ What I think I understand. Different viewpoints. ● Observe ○ at different points to corroborate/invalidate model ● Reflect ○ find gaps, lack of depth, derive intent ● Interrogate ○ Focussed, deep dive observation with intent ● Manipulate ○ Hypothesis exploration and “how we do stuff”
  • 7.
    Tools help me... … Observe and Manipulate
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
    Note Taking ●Why: ○ Questions, Ideas, Risks, etc. ● What: ○ ToDos, Issues, Observations, Notes, etc. ● When: ○ Timestamps, sequential order ● Where: ○ urls, environment, users, etc. ● How: ○ commands, methods, tools used, etc. Evidence: ● logs, screenshots, output, files, etc.
  • 13.
    Tony’s bit ●Test ideas ● Tools ● Information & Intelligence
  • 14.
    Explore for testideas Prep - Notes - Summary - Important bits - Ideas - Comments - Questions - Thoughts - Six Honest Men "I Keep Six Honest Serving Men ..." I KEEP six honest serving-men (They taught me all I knew); Their names are What and Why and When And How and Where and Who. …….. Rudyard Kipling
  • 15.
    Tools Browser -Add-ons - Extensions - Developer tools - Others - Accessibility - Security - Debugging -
  • 16.
    Bob Stewart LeadershipUnder Pressure: Tactics from the Front Line
  • 17.
  • 18.
    Steve’s bit Whatare we going to test? ● What’s new? ● What’s changed? ● What’s important? ● What are known buggy areas? ● What has not been tested previously?
  • 19.
    What are wegoing to test?
  • 20.
    What might bedifficult?
  • 21.
    What might bedifficult? ● How can we create enough data? ● How can we test time-related features? ● How do we know if the right thing happened?
  • 22.
    Lightning Talk Debrief Extras? Questions? Comments?
  • 23.
    Collaboration Rules ●Don’t load test the app, we are all using it ○ If you accidentally bring it down through a clever then that’s fine, ● Don’t change data you didn’t create
  • 24.
    Where is theapp? ● You can install it locally if you want ○ http://redmine.org ● You can get an install or VM from bitnami ○ https://bitnami.com/stack/redmine ● You can use the redmine demo ○ http://demo.redmine.org/ ● You can use our server ○ ….
  • 25.
    Where is theapp? ● Links removed as only valid at the time we conducted the workshop
  • 26.
    Testing Phase 1 ● Consider what we said ● Test the app in new ways, take notes, try new tools ● Black Ops Team will mingle - do ask for help ● We will debrief prior to the break
  • 27.
    “...no plan ofoperations extends with any certainty beyond the first contact with the main hostile force.” Field Marshall Helmuth Carl Bernard Graf von Moltke, 1871
  • 28.
    Test the ****out of Redmine
  • 29.
    Hints... Are youmonitoring the HTTP traffic? Have you changed the DOM? Cookies? Internationalisation? Logged issues? ...
  • 30.
  • 31.
    Break (30 mins) Feel free to carry on testing if you want
  • 32.
    Testing Phase 2 ● You tell us
  • 33.
    Interrupt 1 Structureyour data to make testing easier. ● Unique values (where possible) ● Sequenced
  • 34.
    Interrupt 2 Testingmaxlength and truncation.
  • 35.
    Interrupt 2 Testingmaxlength and truncation. 0005x0010x0015x0020x0025x0030x0035x004 0x0045x0050x0055x0060x0065x0070x0075x0 080x0085x0090x0095x0100x0105x0110x0115 x0120x0125x0130x0135x0140x0145x0150x01 55x0160x0165x0170x0175x0180x0185x0190x 0195x0200x0205x0210x0215x0220x0225x023
  • 36.
    Interrupt 2 Testingmaxlength and truncation. http://bit.ly/1B7gQlx
  • 37.
    Interrupt 2a ●We have a broken app - can you get in? ● Links removed as only valid at the time of the workshop
  • 38.
  • 39.
    Interrupt 4 Canwe break the CSV, Atom or PDF exports? What might do that?
  • 40.
  • 41.
    Bugs we found1 ● The PDF does not contain the Start Date, Estimated Time, % Done or File Description for the attachments that are included in the New Issue form. ● The PDF does not contain the Target Version and Spent Time values that are included in the View Issue form.
  • 42.
    Bugs we found2 The Atom feed from the View Issue page has no content when it is viewed immediately after creating an issue. It did have content after adding a quote to the issue.
  • 43.
  • 44.
    Bugs we found3 The File Description for an image is not saved if too many characters are entered in the New Issue form. We did not investigate where the boundary is.
  • 45.
    Bugs we found4 The PDF that is generated from the Gantt page always shows the default zoom level regardless of the zoom level that has been selected. The URL of the PDF link contains a ‘zoom’ parameter (which does nothing). Changing the ‘months’ parameter has the desired effect.
  • 46.
    Bugs we found5 Some non-Roman characters are displayed correctly on all HTML pages but they are not displayed in PDFs.
  • 47.
    Bugs we found6 Some non-Roman characters are not displayed correctly in CSVs.
  • 48.
    Bugs we found7 You’re able to delete all user accounts, including admin. There is only 1 admin (as far as I could see) Tell us how….
  • 49.
    Bugs we found7 cont. Record browser traffic while deleting a account. Find the delete POST
  • 50.
    Bugs we found8 "Your account has been activated. You can now log in. " System says I am already "logged in as eris" and I am on my account page Minor issue about wording
  • 51.
    Bugs we found9 Error message about emails already in use when registering - privacy concern “Email has already been taken”
  • 52.
    Bugs we found10 Maximum length of email is 60 chars but needs to accept 254
  • 53.
    Bugs we found11 Can use an invalid language when registering a user.
  • 54.
    Bugs we found12 Truncation on project identifier with no error or warning message i.e. create project with 255 char identifier - truncated to 100
  • 55.
    Bugs we found13 When creating a project, the ID and name are populated via javascript but if I change the name then the identifier is not kept in sync.
  • 56.
    Bugs we found14 Can create an invalid enabled_modules entry by submitting a module name which does not exist when creating a project
  • 57.
    Bugs we found15 Change url to have csv or pdf views System should respond differently to csv and pdf on projects when GUI request rather than an API request 406 is better for API, 404 with html or 406 with html payload might be better
  • 58.
    Rathole 1 -Password Alan thought there was a bug with password lengths, and storing in a varchar 40, since password can be very long. But, a ‘hash’ is stored, not the password, this took time to discover.