Learning Something New: 18/07/2018

“When we compare ourselves to others, we reject ourselves. In the moment, we’re defined by that breadth of comparison rather than the extraordinary uniqueness that makes us who we are.”

Subject: Java Fundamentals

    1. Primitive Data Types for Variables
      • Integer
      • Floating
      • Character
      • Boolean
    2. Data Types - Size in Bits - Min Value - Max Value - Literal Format
    3. Integer Types:
      • long type: uses literal format 'L'
    4. Floating Types:
      • float type: uses literal format 'f'
      • double type: uses literal format 'd'
    5. Character Types:
      • Literal values are stored in single quotes.
      • Also stores unicode characters.
    6. Boolean Types:
      • Stores either True or False
    7. Primitive Data Types are stored by Value.

    Subject: Web Testing 101 - How to test World Wide Web

    1. ID Elements on Web:
      • In most of the web applications I see, there are errors in the console.
      • A typical one is that the same element id is used twice. I learnt that there should be unique ids instead of duplicate element ids.

    [DOM] Found 2 elements with non-unique id #priceVal_1412: 
    <input type="hidden" id="priceVal_1412" value="20.7">
    <input type="hidden" id="priceVal_1412" value="17.57">

    Albert Gareev mentions: That will also impact accessibility. Screen readers rely on id to describe relationships; for example, edit box and its label.

    Follow HTML guidelines

    Web browsers are designed with the HTML specification in mind, and going against it can lead to unexpected issues with your web page. This means:
    Element id attributes should be unique: no two elements should have the same id.

    References: https://www.chromium.org/developers/design-documents/create-amazing-password-forms


    Learning Something New: 17/07/2018

    "It always seems impossible until it's done."

    Subject: Java Fundamentals

    1. Variables
    2. Declaration of Variables
    3. Assignment of Values to Variables
    4. Variables = Ability to store and manipulate values (Named Data Storage)
    5. Declaration and Assignment of Values in a single statement
    6. Naming Variables
      • Combination of Rules and Conventions.
      • Rules: Allows use of letters, numbers, $ and underscore
      • Convention: Only letters and numbers are used.
      • Rules: First character is not a number
      • Convention: First character is always a letter
      • Convention: Follow "Camel Casing"
        • First letter is lowerCase
        • Start of each word after first is UpperCase
        • All other letters are lower case.
    7. We can assign a value to a variable and later change it to another value.
    8. Local Variables: 
      • Variables declared inside the main method
     public class Variables {
          public static void main(String[] args) {
               /*
                * Declaring only the local variable and printing the variable.
                * int myVar;
                * System.out.println(myVar);
                * Error during compilation:
                * Exception in thread "main" java.lang.Error: Unresolved compilation problem:
                * The local variable myVar may not have been initialized
                * at Variables.main(Variables.java:8)
                */
               int myVar; //Declaring the local variable
               myVar = 50; //Assigning the value to the local variable
               System.out.println("myVar=" + myVar);
               int anotherVar = 100; //Declaring and assigning another local variable
               System.out.println("anotherVar=" + anotherVar);
               myVar = anotherVar; //Assigning a copy of the value of anotherVar to myVar
               System.out.println("myVar=" + myVar);
               System.out.println("anotherVar=" + anotherVar);
               anotherVar = 200; //Assigning a new value to anotherVar (already declared above); myVar keeps its own copy
               System.out.println("myVar=" + myVar);
               System.out.println("anotherVar=" + anotherVar);
          }
     }

      Subject: Web Application Security


      1. OWASP - #4: Insecure Cryptographic Storage
        • When you register a user, find out how the passwords are stored in the application.
        • If they are stored as plain text, that is a security vulnerability.
        • Passwords should never be stored unencrypted, as plain text, on the server.
        • A better way is to store a one-way cryptographic hash of the user's password.
        • At login, the application computes the hash of the submitted password and compares it with the stored hash. If both match, login is granted.
        • Benefit: the hash is one-way, so the original string cannot be computed from the hash.
        • Hash Functions: SHA-1, SHA-512 etc.
        • An even better way is to add a salt (random text) to the password before computing the hash function. This strengthens the protection of the stored passwords.
        • Without a salt, when one user creates the password "Hello" and another user creates the same password "Hello", both hashed passwords will be the same once they are run through the hash function.
        • Reference: Web Application Security - What Testers can do.
      2. OWASP - #5: Failure to Restrict URL Access
        • Keep unauthorized users from accessing modules, both through UI navigation and by direct URL.
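
The registration and login flow from the Insecure Cryptographic Storage notes above, as an added example that is not part of the original post or its reference. It assumes Java 8 or later and a hypothetical class name `PasswordStorageDemo`, and it swaps the single SHA-512 call for PBKDF2 over HMAC-SHA-512 (a salted, iterated hash) with an assumed iteration count; "Hello" is the sample password from the notes.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PasswordStorageDemo {
    static final int ITERATIONS = 210_000; // assumed work factor; tune per deployment
    // Unsalted one-way hash: the same password always gives the same stored value.
    static String unsaltedSha512(String password) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-512")
                .digest(password.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(digest);
    }

    // Salted, iterated hash (PBKDF2 over HMAC-SHA-512), 64-byte output.
    static byte[] slowHash(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 512);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512")
                .generateSecret(spec).getEncoded();
    }

    // Registration: fresh random salt per user, stored beside the hash as "salt:hash".
    static String register(char[] password) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        Base64.Encoder b64 = Base64.getEncoder();
        return b64.encodeToString(salt) + ":" + b64.encodeToString(slowHash(password, salt));
    }

    // Login: recompute with the stored salt and compare in constant time.
    static boolean login(char[] attempt, String stored) throws Exception {
        String[] parts = stored.split(":", 2);
        if (parts.length != 2) return false; // malformed record never authenticates
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        return MessageDigest.isEqual(expected, slowHash(attempt, salt));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: two users who both choose "Hello".
        System.out.println("unsalted equal: " + unsaltedSha512("Hello").equals(unsaltedSha512("Hello")));
        String userA = register("Hello".toCharArray());
        String userB = register("Hello".toCharArray());
        System.out.println("salted equal:   " + userA.equals(userB));
        System.out.println("right password: " + login("Hello".toCharArray(), userA));
        System.out.println("wrong password: " + login("hello".toCharArray(), userA));
    }
}
```

The two unsalted hashes compare equal while the two salted records differ, which is what a tester inspecting the stored password column should expect to see.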


      Learning Something New: 16/07/2018

      "Be more consistent than everyone around you and you will win."

      Subject: Web Application Security

      1. OWASP - #1: Broken Authentication and Session Management
        • What is HTTP
        • How web server communicates with web application
        • What is meant by Stateless protocol.
        • What is Session Identifier (ID)
        • Why do web applications use Session ID
        • Identify the pattern of Session ID's in your application.
        • Is your session ID displayed in the URL of the web application?
          • Can anyone use the same URL and impersonate the session?

      Subject: Accessibility Testing

      1. Tool used to evaluate the web application for Accessibility.
          • WAVE - http://wave.webaim.org/
      2. Understanding the tool, how it works.

      Exercise: Enter the URL of the website and Hit Enter.
      Summary will display errors, warnings, information etc.
