RyanSchlomer.com

Sr QA Consultant

Testing for Beginners: Boundary Testing and Input Validation

Posted by:

|

On:

|

,

Welcome back to the “Testing for Beginners” series. After laying down the foundation with the basics of testing, it’s time to dive deeper into specific testing techniques. In this post, we’ll focus on boundary testing and input validation—two critical aspects of software testing that play a pivotal role in ensuring data integrity and even security for any application.

What is Boundary Testing?

Boundary testing is a technique used to identify issues that occur at the extreme ends, or boundaries, of input domains. The primary goal here is to ensure that the system behaves as expected when pushed to its limits. For example, if a text field is supposed to accept a maximum of 50 characters, what happens when you enter 51? Does it truncate, throw an error, or crash the system? These are the kinds of questions boundary testing aims to answer.

What is Input Validation?

On the other hand, input validation is the process of ensuring that only correct and secure data is accepted by the system. The main objective is to prevent incorrect or even malicious data from entering the application. For instance, if a form field expects an email address, input validation checks that the entered data indeed follows the email format. This not only ensures data integrity but also enhances security by preventing potential injection attacks.

Why Both Are Important

You might wonder why I’m discussing both techniques together. That’s because boundary testing and input validation often go hand in hand. While boundary testing ensures that the system can handle extreme conditions, input validation ensures that the data within those boundaries is correct. These techniques are also crucial for identifying security vulnerabilities, such as buffer overflows or SQL injections. Moreover, proper boundary testing and input validation significantly improve the user experience by preventing errors and enhancing data integrity.

How to Perform Boundary Testing and Input Validation Testing

Performing these tests involves a few key steps. First, identify the boundaries that need to be tested. These could be the minimum and maximum values for a numerical input or the length of a text field. Once you’ve identified these, you can design your test cases specifically for boundary testing. The next step is execution. Run these test cases and analyze the results to identify any anomalies or defects.

Boundary Testing and Input Validation Examples

Let’s look into a real-world example to better understand boundary testing. Imagine you’re testing a ‘Last Name’ field in a form. The requirements for this field are:

  • Accept only letters and special characters like dashes and apostrophes.
  • Allow a maximum of 50 characters.

For this field, you would perform the following tests:

  • Happy Path: Enter a last name that meets all the requirements, such as “O’Connor-Jones,” to ensure it’s accepted.
  • Special Characters: Test each special character individually to ensure only dashes and apostrophes are accepted. For example, try entering last names like “O’Connor” and “Smith-Jones” to make sure they’re accepted, and names like “Smith@Jones” to confirm they’re rejected.
  • Boundary Values: Enter a last name with exactly 50 characters and another with 51. The former should be accepted, and the latter should be rejected.
  • Required Field: Leave the field blank and attempt to submit the form. An error message should be displayed, indicating that the field is required.
  • Minimum Length: Enter a last name with just one character, like “A,” to ensure it’s accepted, as it meets the minimum requirement.

Testing Fields Individually

It’s important to test each field on a web page separately to isolate its behavior and ensure its rules are triggered independently. To do this effectively, enter valid data into all other required fields while focusing on the specific field you’re testing. This approach ensures that you’re truly testing just that one field, making it easier to identify any issues or anomalies specific to it. For example, if you’re testing the ‘Last Name’ field, make sure to fill in valid data for ‘First Name,’ ‘Email,’ and any other required fields to be certain any issues you find are isolated to ‘Last Name.’

However, once all fields have been tested individually, it’s also beneficial to trigger as many validation messages as possible simultaneously. This serves two purposes: first, it ensures that the screen layout is still good even when multiple error messages are displayed; second, it allows you to verify that the form won’t submit until all validation errors are resolved. A good practice here is to fix the errors one at a time, ensuring that the submit action remains disabled until all issues are addressed.

Beyond the UI

It’s hard for me to stop with the UI when discussing input validation and boundary testing. Testers need to make sure this data is stored correctly in the database or sent to the API correctly. If a field can accept 50 characters on the UI, the database and/or API need to accept 50 characters as well. After submitting the maximum characters for all of the fields (both required and optional fields) verify in the database that all the data was saved correctly or that the API handles the data correctly.

Conclusion

In summary, boundary testing and input validation are indispensable techniques in software testing. They help ensure data integrity, enhance security, and improve user experience. Stay tuned for the next post in this series, where we’ll look at another aspect of testing.