[Me]:- Guruji, if I have to do testing on other technologies like Active X or XML, what questions can I formulate?
[Guruji]:- You can ask yourself these questions
1) Are ActiveX controls used? If they are planned in the product, is this product intended to be used anywhere except for Microsoft Internet Explorer on Windows?
2) Do the ActiveX controls allow code to be executed? Do they read or write files? Could they be made to?
3) Do the ActiveX controls create or delete any persisted data?
4) Do the ActiveX controls touch any system files or registry settings? (for example, reading or modifying)?
5) Are any other objects created?
6) Does the object ShellExecute?
7) Does the control expose any personal information? (Think about file names, user login name, paths, and so on.)
8) Are all of your ActiveX controls signed?
9) Are all of your ActiveX controls virus checked?
10) Are Java applets implemented?
11) Is CGI used? If not, can it be disabled on the server?
12) Are XML requests being sent?
13) Can a malformed XML query come from the client?
14) What happens if an XML request is sent to the server without the closing tag </…>? Does the server hang waiting for the end of the request?
Vinay Jagtap
A hard core Technocrat with over a decade of extensive experience in heading complex test projects coupled with real time experience of project management and thought leadership. Extensive experience in Performance, Security and Automation Testing and development of automation frameworks and ability to setup and execute Global service centers and Center of Excellences for testing.
