April 15, 2014

Testing Applications on the Web by Hung Q. Nguyen, Bob Johnson, Michael Hackett (2003)

I've just finished to read this book and decided to write an opinion about it.

In short - I didn't like it. It's too obvious, too direct, too general and too big.

Examples of why obvious:
There are multiple browsers and browser versions available for PCs, Macintosh computers, and UNIX computers. (page 130)
Remember, for any valid condition, there is always an invalid condition. (page 259)

Examples of why direct:
In testing for DLL-related errors, do the following: ... (page 143)
In a server-side installation, the user (usually an administrator) must, at a minimum, be able to specify the following: ... (page 374)

Example of why general:
Simply put, an effective UI design is one that provides the highest usability to the users. (page 247)

Why big? I think, all information that is written on 644 pages could be shortened to 100 pages, or even less.

So, I can't suggest this book for experienced testers, because I don't think they find anything that expands their knowledge or makes them think in a new way. And I also can't suggest this book for new unexperienced testers, because normal person can't keep in mind 644 pages of todo lists and document templates and, again, because it doesn't make reader to think.

Also some things are not valid nowadays: for example, chapter about response time (internet is way more faster now); or some suggested tools; or some links are broken now (and there are lots of links in the book).

But there are a few things that I liked. First of all, it's a first book where I've read about The Combinatorial Method (page 78, Chapter 3).
Basically, with that method you can extract from, for example, 27 unique combinations 9 that are worth testing (I've even thought about using that algorithm in my next extension).

Also chapter 18 "Web Security Testing" is not bad. It is very long chapter (maybe that's why it seems to be quite thorough). And I think that it's introduction explains quite well why this topic is interesting:
Security issues are becoming the gravest concern of many companies. Despite this fact, security testing often remains the least understood and least well-defined testing activity.

In conclusion, I would like to tell that this book is not worth the time that it requires.


  1. Спасибо, Ирина, за Ваш пост. Собирался (как начинающий тестировщик) прочитать эту книгу (хотя уровень английского у меня и не очень), теперь передумал. Вы сэкономили мне уйму времени! Спасибо!