SlideShare a Scribd company logo

Web API Fragility: How Robust Is Your Mobile Application?

Download as PPTX, PDF
Andy Zaidman, profile picture
Andy Zaidman

The document analyzes the robustness of mobile applications against web API fragility, highlighting that many apps fail silently when faced with API response mutations. It identifies common issues, such as application crashes and errors due to specific types of response message alterations. Recommendations for improvement include adopting hateoas versioning, enhancing error reporting, and implementing validity checks for API responses.

Mobile
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Web API Fragility How Robust Is Your Mobile Application? Tiago Espinha, Andy Zaidman, Gerd Gross MobileSoft 2015, Firenze, Italy
Web API Fragility: How Robust Is Your Mobile Application?
Web API Fragility: How Robust Is Your Mobile Application?
Web API Fragility: How Robust Is Your Mobile Application?
Web API Fragility: How Robust Is Your Mobile Application?
Developer decides when Web API provider decides when
Web API Fragility: How Robust Is Your Mobile Application?
v1 v2
What is the damage?
43 Android apps Proxy server
Web API Fragility: How Robust Is Your Mobile Application?
Mutation operators on response message - Remove node - Add irrelevant node - Malformed response - Empty message response - Change of implicit data type - Data formatting disruption
Mutation operators on response message - Remove node - Add irrelevant node - Malformed response - Empty message response - Change of implicit data type - Data formatting disruption
App behaviour • Force close • Error message (no silent fail) • Timeout (versus indefinitely loading) • No indication
What happens? Undesirable
• >50% apps fail silently • Most apps fairly robust (30% crash on field removal) Recommendations • HATEAOS versioning of Web APIs • Better error reporting for users • Built-in validity checks for Web API response • Design for change when dealing with Web APIs

More Related Content

PDF
How to Find Vulnerabilities and Bugs in Mobile Applications
Josiah Renaudin
 
PPTX
ATAGTR2017 SPEAKING EYE for differently abled people to see the web content
Agile Testing Alliance
 
PPTX
Making the Transition from Manual to Automated Testing
Sauce Labs
 
PDF
Functional to Visual: AI-powered UI Testing from Testim and Applitools
Applitools
 
PDF
Continuous Testing Odyssey: Learn Best Practices for End-to-End Web App Testing
Sauce Labs
 
PPTX
CMG imPACt2016 - Mobile performance testing - Vendor training - Federico Tole...
Federico Toledo
 
PPTX
Get More out of Appium
Perfecto by Perforce
 
PDF
Measuring your way_to_successful_automation_webinar
Sauce Labs
 
How to Find Vulnerabilities and Bugs in Mobile Applications
Josiah Renaudin
 
ATAGTR2017 SPEAKING EYE for differently abled people to see the web content
Agile Testing Alliance
 
Making the Transition from Manual to Automated Testing
Sauce Labs
 
Functional to Visual: AI-powered UI Testing from Testim and Applitools
Applitools
 
Continuous Testing Odyssey: Learn Best Practices for End-to-End Web App Testing
Sauce Labs
 
CMG imPACt2016 - Mobile performance testing - Vendor training - Federico Tole...
Federico Toledo
 
Get More out of Appium
Perfecto by Perforce
 
Measuring your way_to_successful_automation_webinar
Sauce Labs
 

What's hot (20)

PDF
Key note Manish and Deepa
vodQA
 
PDF
Learnings from Hybrid App Testing Jijesh Mohan
vodQA
 
PPTX
ATAGTR2017 Wearable App Testing
Agile Testing Alliance
 
PDF
Testing Mobile App Performance
TechWell
 
PDF
SauceCon 2017: Making Your Mobile App Automatable
Sauce Labs
 
PDF
Awesome Test Automation Made Simple w/ Dave Haeffner
Sauce Labs
 
PPTX
Mobile App Testing Best Practices
Keynote Mobile Testing
 
PDF
SauceCon 2017: test.allTheThings(): Digital Edition
Sauce Labs
 
PDF
Quality at Speed: More API Testing, Less UI Testing
Sauce Labs
 
PDF
Using Selenium To Test Mobile? Meet Appium!
Sauce Labs
 
PPTX
CA CD for Linkedin
Prakash Vyas (CEng)
 
PDF
SauceCon 2017: Building a Continuous Delivery Pipeline with Testing in Mind
Sauce Labs
 
PPTX
The Essentials of Mobile App Performance Testing and Monitoring
Correlsense
 
PDF
YAGNI, YMMV and APIs: building a hybrid strategy for your API platform.
Diogo Lucas
 
PDF
Appium for RubyMotion
Isaac Murchie
 
PPTX
Integrate Visual AI Into Your Appium Scripts in Minutes
Applitools
 
PDF
2018 State of Testing Survey Results
SmartBear
 
PDF
SauceCon 2017: Testing @ the Speed of Concurrency
Sauce Labs
 
PDF
Automation Pyramid - Make it right!
Sachin Natu
 
PPTX
Dimensions CM Summer VUG Presentation
Serena Software
 
Key note Manish and Deepa
vodQA
 
Learnings from Hybrid App Testing Jijesh Mohan
vodQA
 
ATAGTR2017 Wearable App Testing
Agile Testing Alliance
 
Testing Mobile App Performance
TechWell
 
SauceCon 2017: Making Your Mobile App Automatable
Sauce Labs
 
Awesome Test Automation Made Simple w/ Dave Haeffner
Sauce Labs
 
Mobile App Testing Best Practices
Keynote Mobile Testing
 
SauceCon 2017: test.allTheThings(): Digital Edition
Sauce Labs
 
Quality at Speed: More API Testing, Less UI Testing
Sauce Labs
 
Using Selenium To Test Mobile? Meet Appium!
Sauce Labs
 
CA CD for Linkedin
Prakash Vyas (CEng)
 
SauceCon 2017: Building a Continuous Delivery Pipeline with Testing in Mind
Sauce Labs
 
The Essentials of Mobile App Performance Testing and Monitoring
Correlsense
 
YAGNI, YMMV and APIs: building a hybrid strategy for your API platform.
Diogo Lucas
 
Appium for RubyMotion
Isaac Murchie
 
Integrate Visual AI Into Your Appium Scripts in Minutes
Applitools
 
2018 State of Testing Survey Results
SmartBear
 
SauceCon 2017: Testing @ the Speed of Concurrency
Sauce Labs
 
Automation Pyramid - Make it right!
Sachin Natu
 
Dimensions CM Summer VUG Presentation
Serena Software
 
Ad

Similar to Web API Fragility: How Robust Is Your Mobile Application? (20)

PPTX
The Best of Both Worlds - Combining Performance and Functional Mobile App Tes...
Bitbar
 
PPTX
Monitoring Solutions for APIs
Apigee | Google Cloud
 
PDF
[TTT Meetup] Enhance mobile app testing with performance-centric strategies (...
NITHIN S.S
 
PPTX
Metrics Driven DevOps - Automate Scalability and Performance Into your Pipeline
Andreas Grabner
 
PPTX
Atmosphere 2016 - Andreas Grabner - Metrics Driven-DevOps: Delivering High Qu...
PROIDEA
 
PDF
Encontrando la Aguja en el Rendimiento de Aplicaciones
Software Guru
 
PPTX
Interview questions for an Android Developer
Interview Mocha
 
PDF
Improve App Performance: Key Tips Explained
Shiv Technolabs Pvt. Ltd.
 
PPTX
Mobile App Testing on Cloud
pCloudy
 
PPTX
Operationalize all the network things
Lori MacVittie
 
PPTX
Operationalize All the Network Things by Lori MacVittie
DevOps4Networks
 
PPTX
Chapter 1. Why Performance Test
Juan David Giraldo Marín
 
PPTX
Twelve factor-app
José Javier Vélez Colón
 
PPTX
Progressive Web App
Saleh Rahimzadeh
 
PDF
How to deal with mobile traffic expansion
Mevlana M. Gürbulak
 
PDF
Webinar effective mobile performance testing using real devices
Perfecto Mobile
 
PDF
Mobile apps & Server Apis, the weak link? par Emanuele Pecorari
Olivier DASINI
 
PDF
Connect Ops and Security with Flexible Web App and API Protection
DevOps.com
 
PDF
Thinking about the full stack to create great mobile experiences
New Relic
 
PPTX
How to Monitor Your Java & .NET Applications with eG Enterprise
eG Innovations
 
The Best of Both Worlds - Combining Performance and Functional Mobile App Tes...
Bitbar
 
Monitoring Solutions for APIs
Apigee | Google Cloud
 
[TTT Meetup] Enhance mobile app testing with performance-centric strategies (...
NITHIN S.S
 
Metrics Driven DevOps - Automate Scalability and Performance Into your Pipeline
Andreas Grabner
 
Atmosphere 2016 - Andreas Grabner - Metrics Driven-DevOps: Delivering High Qu...
PROIDEA
 
Encontrando la Aguja en el Rendimiento de Aplicaciones
Software Guru
 
Interview questions for an Android Developer
Interview Mocha
 
Improve App Performance: Key Tips Explained
Shiv Technolabs Pvt. Ltd.
 
Mobile App Testing on Cloud
pCloudy
 
Operationalize all the network things
Lori MacVittie
 
Operationalize All the Network Things by Lori MacVittie
DevOps4Networks
 
Chapter 1. Why Performance Test
Juan David Giraldo Marín
 
Twelve factor-app
José Javier Vélez Colón
 
Progressive Web App
Saleh Rahimzadeh
 
How to deal with mobile traffic expansion
Mevlana M. Gürbulak
 
Webinar effective mobile performance testing using real devices
Perfecto Mobile
 
Mobile apps & Server Apis, the weak link? par Emanuele Pecorari
Olivier DASINI
 
Connect Ops and Security with Flexible Web App and API Protection
DevOps.com
 
Thinking about the full stack to create great mobile experiences
New Relic
 
How to Monitor Your Java & .NET Applications with eG Enterprise
eG Innovations
 
Ad

More from Andy Zaidman (7)

PDF
Show Your True Testing Color: The Environmental Impact of Software Testing
Andy Zaidman
 
PPTX
Automatic for the People
Andy Zaidman
 
PPTX
Software Analytics
Andy Zaidman
 
PPTX
Fact or Fiction? What Software Analytics Can Do For Us
Andy Zaidman
 
PPTX
Software Analytics: The Dark Side and the Test Side
Andy Zaidman
 
PPTX
First steps in testing analytics: Does test code quality matter?
Andy Zaidman
 
PPTX
Studying Late Propagations in Code Clone Evolution Using Software Repository ...
Andy Zaidman
 
Show Your True Testing Color: The Environmental Impact of Software Testing
Andy Zaidman
 
Automatic for the People
Andy Zaidman
 
Software Analytics
Andy Zaidman
 
Fact or Fiction? What Software Analytics Can Do For Us
Andy Zaidman
 
Software Analytics: The Dark Side and the Test Side
Andy Zaidman
 
First steps in testing analytics: Does test code quality matter?
Andy Zaidman
 
Studying Late Propagations in Code Clone Evolution Using Software Repository ...
Andy Zaidman
 

Recently uploaded (6)

PDF
Lesson 13- HEREDITY _ pedSAWEREGFVCXZDSASEWFigree.pdf
glennpauloani
 
PDF
heheheueueyeyeyegehehehhehshMedia-Literacy.pdf
judekimwellnombre15
 
DOC
Camb毕业证学历认证,格罗斯泰斯特主教大学毕业证仿冒文凭毕业证
zavofe
 
DOC
证书学历UoA毕业证,澳大利亚中汇学院毕业证国外大学毕业证
byysy
 
PPTX
ASMS Telecommunication company Profile
Mukesh604998
 
PDF
6-UseCfgfhgfhgfhgfhgfhfhhaseActivity.pdf
FadyFady9
 
Lesson 13- HEREDITY _ pedSAWEREGFVCXZDSASEWFigree.pdf
glennpauloani
 
heheheueueyeyeyegehehehhehshMedia-Literacy.pdf
judekimwellnombre15
 
Camb毕业证学历认证,格罗斯泰斯特主教大学毕业证仿冒文凭毕业证
zavofe
 
证书学历UoA毕业证,澳大利亚中汇学院毕业证国外大学毕业证
byysy
 
ASMS Telecommunication company Profile
Mukesh604998
 
6-UseCfgfhgfhgfhgfhgfhfhhaseActivity.pdf
FadyFady9
 

Web API Fragility: How Robust Is Your Mobile Application?

  • 1. Web API Fragility How Robust Is Your Mobile Application? Tiago Espinha, Andy Zaidman, Gerd Gross MobileSoft 2015, Firenze, Italy
  • 6. Developer decides when Web API provider decides when
  • 9. What is the damage?
  • 12. Mutation operators on response message - Remove node - Add irrelevant node - Malformed response - Empty message response - Change of implicit data type - Data formatting disruption
  • 13. Mutation operators on response message - Remove node - Add irrelevant node - Malformed response - Empty message response - Change of implicit data type - Data formatting disruption
  • 14. App behaviour • Force close • Error message (no silent fail) • Timeout (versus indefinitely loading) • No indication
  • 16. • >50% apps fail silently • Most apps fairly robust (30% crash on field removal) Recommendations • HATEAOS versioning of Web APIs • Better error reporting for users • Built-in validity checks for Web API response • Design for change when dealing with Web APIs