What is Cookie Testing?
This article talks about the details step by step description of how cookie testing can be done. Cookie testing is a vital aspect of functional testing for web-based applications especially eCommerce applications.
What is Cookie?
A cookie is little data put away in the content records on the client’s hard drive by the webserver. This data is later utilized by an internet browser to recover data from that machine. By and large, a cookie contains customized client information or data that is utilized to impart between various website pages.
Note: Cookie and Session are two different aspects of the website. Cookies are general-purpose client-side note whereas the session are kept in the server to track the client with all possible information. A cookie can be alive even if the browser is closed but for a session it ends as soon as the client browser ends or get killed. More broadly both are dependent on each other, like a valid session creates a cookie(if allowed). And a session is made the cookie a transporter for all client-related information as buffer storage.
Why Cookies are used?
Cookies are only the client’s identity and used to follow where the client explored all through the site pages. The correspondence between the internet browser and the web server is stateless.
Imagine a scenario where you need the history of this client correspondence with the webserver. You have to keep up the client state and association between an internet browser and web server someplace. This is the place cookie comes into the picture. Cookies effectively maintain the client associations with the web server.
The usage of cookie can be summarized as :
- Purpose of Unique visitor tracking. Mostly used in forums, blogs etc
- Create personalized pages,site,contents,offers,banner’s display etc. Majorly used in commercialized sites.
- Cookie and Shopping cart of an online store goes hand by hand. Cookies can remember the existing shopping cart, abandoned cart, re-initiation of orders, remembers buying habit of clients.
- Online advertisement depends on cookies to determine the type of advertisement that needs to be displayed to the client based on his browsing habit, keywords, search pattern etc.
How do cookies work?
Types of Cookie:
- Session Cookies: These cookies are dynamic until the program that triggers the cookie is open. upon closing the browser this session cookie gets erased.
- Persistent Cookies: These cookies are composed forever on the client machine and it goes on for a considerable length of time or years.
What information Cookie holds?
- The name of the server the cookie was sent from
- The expiry date of the cookie
- An esteem number – as a rule, an arbitrarily produced remarkable number
Where Cookies are put away?
How to enable cookies in different browsers:
IE-6 and older
IE-7/8/910 and Edge
Tools-> Options–>Under the Hood tab–>Click Content settings in the Privacy->Select Allow local data to be set to allow both first-party and third-party cookies. If we want to accept first-party cookies, check the box next to -Block all third-party cookies without exception.
Why are the basic need of Cookie test?
- To ensure that the cookies don’t store classified data.
- To check the number of cookies utilized.
- Ensure that the application keeps up its productivity when turned off or Accept cookies.
- To check application reaction to the harmed cookies.
- Ensure that cookies are put away and evacuated it to the pages on which it is normal and vital.
- Testing that cookies are working effectively in all programs that will be utilized by the application.
- To ensure that the application satisfactorily reacts to erase cookies physically.
- To check that the entrance to various parts of the application should not be possible to sidestep the cookie utilized for confirmation or approval.
How to verify basic Cookie functionality?
- Check if the client’s site allows displaying prompt to display the usage of the cookie or not. Client/user needs to agree to the site to allow writing cookie.
- Check if the site can write contents inside a cookie or the cookie is created or not.
- Disabling or Debilitating cookies: Disable all cookies and endeavour to utilize the site’s significant capacities. Incapacitate the cookies from your browser settings: If we are utilizing cookies on our site, our destinations significant usefulness won’t work by handicapping the cookies. At that point attempt to get to the site under test. we need to explore through the site. and check whether suitable messages are shown to the client like “For smooth working of this site ensure that cookies are empowered on your program”. There ought not to be any page crash because of incapacitating the cookies. (If we don’t mind ensure that we close all programs, erase all recently composed cookies previously playing out this test).The page should not be hanged or froze or crashed due to this test.
- Corrupting or Tainting cookies: Manually alter the cookie in the scratchpad and change the parameters with some arbitrary qualities. A few times clients individual data is put away in cookies and the event that somebody hacks the cookie, at that point programmer can gain admittance to your data. Indeed, even debased cookies can be perused by various spaces and lead to security issues.
- Cookie testing with numerous Browsers: Check your site page is composing the cookies legitimately on an alternate program of course
- Checking the cancellation from your web application page. Once we close the browser cookies must be deleted automatically. Alternatively, we can select some of the websites to allow cookies and for some we disallow. We can cross-check if the disallowed sites did not create cookies.
- Specifically dismissing cookies: Delete every one of the cookies for the sites and perceive how the site responds to it
- Access to cookies: Cookies composed by one site ought not to be open by others. We need to try to put the website into a test if it can read other’s cookie.
- Testing with the diverse setting: Testing ought to be done appropriately to watch that site is functioning admirably with various cookie setting
- Check for session timeout functionality of a cookie. The site should display proper alert.
- If you are composing such a large number of cookies on each page route and if the client has turned on choice to caution before composing cookie, this could dismiss the client from your site. Site traffic is having an inversely proportional relationship with an increment of cookie. We need to test this as well. Notwithstanding composing Cookie is an incredible method to keep up client communication if the client has set program choices to caution before composing any cookie or incapacitated the cookies then site containing cookie will be handicapped and can not play out any task bringing about loss of site traffic.
- We need to test cookie if it is meant to track the client’s login status. It can be seen via the browser’s URL. Altering them can give us better in the side of the cookie. It must provide the correct message.
- We can test the expiry date and validate the same for a cookie.
- we can test the User-specific cookies which should not be altered or deleted by other uses.
We can create positive and negative test cases based on the points mentioned here.