Test cases:
Some of the major test cases for Web Application Cookie testing are below:
1) As a Cookie privacy policy, ensure from the design documents that no private or sensitive information is getting saved in the cookie.
2) If there is not option other than saving your personal information in a cookie, then ensure that the information saved in cookie should be in an encrypted format.
3) Ensure that the site is not overuse cookies under test. Overuse of it will irritate the end-users by reminding the users for cookies more frequently. This will be result in loss of site traffic and loss of business.
4) Verify the site's behavior by disabling the cookies from your browser settings. If the site is dependent on the cookies then the major functionality will stop working because the cookies are disabled. So, verify the result, make sure that proper message in understandable way should be display to the end-use so that they will enable the cookie again to proceed.
5) Verify the site's behavior by accepting/rejecting some cookies. Accept or reject some cookies then make sure that the major functionality should be working fine.Verify that if pages are getting crashed or data is getting corrupted.
6) Verify the site's behavior after deleting the cookie. Delete all cookies manually and then verify the web pages and their behavior.
7) Verify the site's behavior by corrupting the cookies. Corrupt a cookie like manually alter a cookie content or name or expiry date then verify the site's functionality or behavior. Ensure that your site's cookies should not be able to access by any other domain.
8) Cookie Testing on Multiple browsers: Verify that cookies should be written properly from your web page on different browsers. Also, site should work properly using these cookies. Test your web application on multiple browsers like Internet explorer, Mozilla Firefox, Netscape, Opera etc.
9) If your web application maintains the logging condition of any users by using the cookies then log into with any username and password. In some cases, the logged in user ID parameter may directly display in the browser address bar. Change this user ID from browser's address bar and enter. Then a proper error message should be displayed to the user and the user should not be able to see other users account.
0 Comment(s)