Test cases for string inputs [closed]
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this questionWhat are some useful test case ideas (and test questions) related to string inputs? Usefulness need not mean applicable everywhere or all the time--just often enough to be worth considering when you address a new problem/system/d开发者_运维知识库omain.
Individual answers may contain questions specific to certain domains (eg email address) but should probably point to a separate wiki-question.
Please add your answer BOTH to the question and to the list of answers so that individual items may be voted upon.
Some answers:
- See https://github.com/minimaxir/big-list-of-naughty-strings
- Blank/null string
- Whitespace only
- All ASCII/ANSI characters 0-255
- Extended Ascii characters (e.g. in Outlook)
- Very long strings (suggest using perlclip to generate a counterstring, eg 2*4*6*8*11*14*17*20*
- Only one character
- Unicode characters
- SQL injection
- Cross-site scripting, Cross-site request forgery
- ReDos
Related SO Questions:
- Other test catalogs
- localization concerns regarding number formats (decimals / commas)
- behavior sensitivity of special characters (for example supporting single quotes, but still being capable of parsing a name like
Jim O'malley
) - escape character, and ending a string with the escape character - for example if your escape character is
^
, and the user inputs something likeSee above^
- new lines in a string intended as single-line.
the list is endless though because it really depends on how you intend to use the string, and where it came from.
ReDos vulnerabilities if a Regular Expression is used
http://msdn.microsoft.com/en-us/magazine/ff646973.aspx
精彩评论