I have a web app that opens and closes background process on the server. I want to simulate multiple users logging in and out of the site as well as pressing all the buttons (general interaction). I am testing the app in general as well as how well the background process are juggled.
Are there specific libraries that i should look at that would simulate a web client? This is system level testing as opposed to unit testing..i think.
Try Selenium or Watir.
Related
Does a mobile application written with Nativescript, which utilizes a cross-platform Javascript runtime, have the same XSS vulnerability as a website?
Well, in the strictest sense of the definition of XSS, no. However security vulnerabilities in general -- I guess that depends on several factors about your application. In the strictest sense a normal app the answer would be no; because in a normal application it is not written to download or run any external or user code. So since you don't download or run any external code; that eliminates that risk.
So in a normal application; no. However, if you make some app that actually allows a third-person to run there own JS inside your app; then yes by running any JS you open up the opportunity to compromise your app. But that really wouldn't be XSS, it would just be a security vulnerability you created as you are allowing others to run code in your app. (This is the same with ANY environment, the minute you allow someone to run code in your app; you open the doors for all sorts of mischief)
Now if this "extra" code is downloadable from a website; then you could get a XSS like issue where "BadGuy" posts a JS file on your website and then while extolling the virtues of how cool his script is, "NaiveGuy" downloads and runs it. Bam, NaiveGuy has his phone compromised by a script that you have on your website... But again this is something you would HAVE to specifically make this type of system to allow this to occur; this is not an issue built into NativeScript...
Two notes;
Any platform can suffer from this issue; NativeScript, React Native, Ionic, Cordova, WebSites, Node, Java, C, etc -- you allow a BadGuy to run code inside your app; you are in deep trouble security wise...
If you are using a WebView component in your NativeScript App (or any other language), then the WebView component itself can have XSS issues totally unrelated to NativeScript based on the website have it go to, as the WebView is a true Web browser component and it will do exactly what Chrome or Firefox would do on the site... But any XSS issues in the WebView caused by the website doesn't correlate to an issue inside NativeScript as the WebView is isolated from NativeScript...
I've designed a desktop app using PyQt GUI toolkit and now I need to embed this app on my Django website. Do I need to clone it using django's own logic or is there a way to get it up on website using some interface. Coz I need this to work on my website same way it works as desktop. Do I need to find out packages in django to remake it over the web or is there way to simplify the task?
Please help.
I'm not aware of any libraries to port a PyQT desktop app to a django webapp. Django certainly does nothing to enable this one way or another. I think, you'll find that you have to rewrite it for the web. Django is a great framework and depending on the complexity of your app, it might not be too difficult. If you haven't done much with web development, there is a lot to learn!
If it seemed like common sense to you that you should be able to run a desktop app as a webapp, consider this:
Almost all web communication that you likely encounter is done via HTTP. HTTP is a protocol for passing data between servers and clients (often, browsers). What this means is that any communication that takes place must be resolved into discrete chunks. Consider an example flow:
You go to google in your browser.
Your browser then hits a DNS server (or cache) that resolves the name google.com to some IP address.
Cool, now your browser makes a request to that IP address and says "get me some stuff".
Google decides to send you back a minimal amount of HTML and lots of minified JavaScript in the page.
Your browser realizes that there are some image links in the HTML and so it makes additional requests to google to get each of the images so that it can display them.
Now all the content is loaded on your browser so it starts to execute the JavaScript code, and that code needs some more data from google so it starts sending requests to google too.
This is just a small example of how fundamentally different a web application operates than how a desktop application does. On a desktop app you have the added convenience that any operation doesn't need to be "packaged up" and sent, then have an action taken, etc (unless you're using a messaging architecture, but that's relatively uncommon outside of enterprise apps).
I am very comfortable with Django, and I was wondering about whether there is some way to convert a Django web app into a Desktop app (may be not 100%), so that I can distribute it to users, instead of learning a GUI framework.
Thanks
Maybe not exactly what you are looking for, but if you really, really don't want to learn a GUI framework, in your place I'd consider packaging your Django web application with a small web server in the distributable package, with the Django app configured to run on localhost on the web server. Then I'd include a script that launches a browser pointing at the starting page of your Django app as the "executable".
If not configured properly this could be considered weak from a security point of view.
I'm attempting to use qUnit to perform some unit testing that requires the screens generated by my web app to run. My idea is to put my application into an iframe embedded in my qUnit test page. However this does not seem to work (in chrome) I don't seem to be able to access the web app's iframe. If I do this in chrome's console I get undefined:
frames['myApp'].document
I think this is to do with some kind of cross domain scripting security but, both my web app and my test page are being served from localhost so I don't see why this is occurring, also I have started Chrome with the --disable-web-security parameter but this has not fixed.
Is there a better way to do unit testing that requires output from my application?
You can try publish these tests on localhost by any simple http server, for example if you have a node you can use https://github.com/nodeapps/http-server.
I have a similar situation tests are running in iframe and this work without problems.
Dear everyone, I am just curious, is it possible to create standalone GUI application which further can be easily migrated to the web? Or, even better, will be able to work in two modes locally and remotely through web browser. Since the main application logic is already written on C++ I read a little about Qt Quick. As I understood it is somehow possible to mix web application and standalone one, but I haven't found direct example illustrating the case I am interested in. Any ideas?
Depends on what your application does. If it is heavy UI bound and not calculation intense you will not get very far with Qt. There are a few toolkits for Java like GWT which help you to program an AJAX app like you would program a normal desktop GUI - but i don't know any C++ framework doing the same.
For a non heavy UI bound application i would convert the UI to HTML5 and just deploy the webserver infrastructure with your application and a self written Browser based on QT. With this it is trivial to switch between local and remote apps.
For a heavy UI bound application, use GWT.
If you write your back in terms of services, then your stand-alone and web front ends can both use them. That lets you have multiple user interfaces without affecting the processing. Easy to add mobile, too.