Testing Checklist for Web Applications

Designing websites can be a long and complicated process. Dealing with clients, designing prototypes, coding, programming, and testing – there’s a lot to keep track of and a lot to make sure gets done. That’s where checklists can make your life a whole lot easier. With lists of points covering multiple areas from content to usability to accessibility to standards, you’re a lot less likely to overlook important parts of a site.

Keep in mind that there is no golden rule that fit your Website Testing. If one rule is suitable for testing of one website, it is not true for another website. In this blog I’ve listed the Testing Checklist for Web Application. This does not mean that you should follow this Website testing cheat-list for all types of Website Testing. This is the kind of checklist to remember while testing your website. The chance of Success (or failure) is deeply depends on the particular context!

This way you will not miss any important step and will keep a check on quality too. If you doesn’t make any checklist or forget to include any task in it then it is possible that you might miss some of the important defects.

Tailor your approach and ensure that your testing strategy is as effective, efficient, and timely as possible. Below is the checklist to make your design process easier and more organized. Consider using this checklist as a jumping off point for creating your own customized list, based on your own needs.


  • Check that the link takes you to the respective page.
  • Ensure to have no orphan pages (a page that has no links to it)
  • Check all of your links to other websites
  • Are all referenced web sites or email addresses hyperlinked?
  • If we have removed some of the pages from our own site, set up a custom 404 page that redirects your visitors to your home page (or a search page) when the user try to access a page that no longer exists.
  • Check all mailto links and whether it reaches properly


  • Acceptance of invalid input
  • Optional versus mandatory fields
  • Input longer than field allows
  • Text box accepted character limit
  • Default values on page load/reload(Also terms and conditions should be disabled)
  • Is Command Button can be used for HyperLinks and Continue Links ?
  • Is all the datas inside combo/list box are arranged in chronolgical order?
  • Are all of the parts of a table or form present and correctly laid out?
  • Does a scrollbar appear if required?
  • Assure that leap years are validated correctly & do not cause errors/miscalculations.

Numeric fields

  • Assure that lowest and highest values are handled correctly.
  • Assure that numeric fields with a blank in position 1 are processed or reported as an error.
  • Assure that fields with a blank in the last position are processed or reported as an error an error.
  • Assure that both + and – values are correctly processed.
  • Assure that division by zero does not occur.
  • Include value zero in all calculations.
  • Assure that upper and lower values in ranges are handled correctly. (Using BVA)

Alphanumeric fields

  • Use blank and non-blank data.
  • Include lowest and highest values.[Character limits]
  • Include invalid characters & symbols.
  • Include valid characters.
  • Include data items with first position blank.
  • Include data items with last position blank.

Search functionality

  • Search with invalid characters
  • Search with valid characters
  • Check for filter options like search by date, time, name, price etc
  • Search result is displayed as “search on go” / dynamic
  • Verify sorting is done properly

UI Test Scenarios:

  • Check either screen is responsive
  • Check the site behavior in top priority browsers
  • All fonts and text should be same as per the requirements.
  • Verify graphical data representations [Pie chart, bar chart, Linear graph, histogram, etc] are shown correctly according to available data
  • Verify pagination is done if auto-scroll feature is not implemented.
  • Web page content should be correct without any spelling or grammatical errors
  • All the error messages should be correct without any spelling or grammatical errors and the error message should match with the field label.
  • Tool tip text should be there for every field.
  • All the fields should be properly aligned.
  • Enough space should be provided between field labels, columns, rows, and error messages.
  • All the buttons should be in a standard format and size.
  • Home link should be there on every single page.
  • Disabled fields should be grayed out.
  • Check for broken links and images.
  • Confirmation message should be displayed for any kind of update and delete operation.
  • Check the site on different resolutions (640 x 480, 600×800 etc.?)
  • Check for error key values
  • Check the tab should work properly.
  • Scroll bar should appear only if required.
  • If there is an error message on submit, the information filled by the user should be there.
  • Title should display on each web page
  • All fields (Textbox, dropdown, radio button etc) and buttons should be accessible by keyboard shortcuts and the user should be able to perform all operations by using keyboard.
  • Check if the dropdown data is not truncated due to the field size and also check whether the data is hardcoded or managed via administrator.
  • Check copyright year information

Security Testing

  • Verify that cookies can be used/cannot be used as per the requirement or regional rule.
  • Verify the web page which contains important data like password, credit card numbers, secret answers for security question etc should be submitted via HTTPS (SSL).
  • Verify the important information like password, credit card numbers etc should display in encrypted format.
  • Verify password rules are implemented on all authentication pages like Registration, forgot password, change password.
  • Verify if the password is changed the user should not be able to login with the old password.
  • Verify the error messages should not display any important information.
  • Verify if the user is logged out from the system or user session was expired, the user should not be able to navigate the site.
  • Verify to access the secured and non secured web pages directly without login.
  • Verify the “View Source code” option is disabled and should not be visible to the user.[ For data sensitive web applications like banking, finance, logistics etc ]
  • Verify the user account gets locked out if the user is entering the wrong password several times.
  • Verify the cookies should not store passwords.
  • Verify if, any functionality is not working, the system should not display any application, server, or database information. Instead, it should display the custom error page.
  • Verify the user roles and their rights. For Example The requestor should not be able to access the admin page.
  • Verify the important operations are written in log files, and that information should be traceable.
  • Verify the session values are in an encrypted format in the address bar.
  • Verify the cookie information is stored in encrypted format.
  • Check either robots.txt is accessible [ http://www.robotstxt.org/robotstxt.html ]
  • Verify for list of User-agents, links allowed in robots.txt
  • Verify either disallowed user-agents/links specified in robots.txt are not able to access

These are some of the main terms which should be included in the Testing Checklist, however every organization has different approach and the Testing Checklist may vary. It is always a good practice to make a checklist so that testing can be done in a proper way and no important point should be missed.


Test Engineer,

Mallow Technologies

Leave a Comment

Your email address will not be published. Required fields are marked *