开发者

Test cases for string inputs [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 5 years ago.

Improve this question

What are some useful test case ideas (and test questions) related to string inputs? Usefulness need not mean applicable everywhere or all the time--just often enough to be worth considering when you address a new problem/system/d开发者_运维知识库omain.

Individual answers may contain questions specific to certain domains (eg email address) but should probably point to a separate wiki-question.

Please add your answer BOTH to the question and to the list of answers so that individual items may be voted upon.

Some answers:

  • See https://github.com/minimaxir/big-list-of-naughty-strings
  • Blank/null string
  • Whitespace only
  • All ASCII/ANSI characters 0-255
  • Extended Ascii characters (e.g. in Outlook)
  • Very long strings (suggest using perlclip to generate a counterstring, eg 2*4*6*8*11*14*17*20*
  • Only one character
  • Unicode characters
  • SQL injection
  • Cross-site scripting, Cross-site request forgery
  • ReDos

Related SO Questions:

  • Other test catalogs


  • localization concerns regarding number formats (decimals / commas)
  • behavior sensitivity of special characters (for example supporting single quotes, but still being capable of parsing a name like Jim O'malley)
  • escape character, and ending a string with the escape character - for example if your escape character is ^, and the user inputs something like See above^
  • new lines in a string intended as single-line.

the list is endless though because it really depends on how you intend to use the string, and where it came from.


ReDos vulnerabilities if a Regular Expression is used

http://msdn.microsoft.com/en-us/magazine/ff646973.aspx

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜