Test cases/Scenarios For Web Site Cookie Testing
1) Verified
that on Sensitive and Personal data is stored In cookies.
2)Verified
that if any personal data is stored in cookies it should be stored in encrypted
format.
3)
Verified that there is no overuse of
cookies on your site under test. Overuse of cookies will annoy users if browser
is prompting for cookies more often and this could result in loss of site
traffic and eventually loss of business.
4) Verified
that If you are using cookies on your site, your sites major functionality will
not work by disabling the cookies. There
should not be any page crash due to disabling the cookies. (Please make sure
that you close all browsers, delete all previously written cookies before performing
this test)
5) Verified
that on Disabling the cookies appropriate messages Should be displayed to user
like “For smooth functioning of this site make sure that cookies are enabled on
your browser” while navigate through Site.
6) Verified
that there should not be any page crash due to disabling the cookies.
Note:Please
make sure that you close all browsers, delete all previously written cookies
before performing this test)
7) Verified
that your web application page is writing the cookies properly on different
browsers as intended and site works properly using these cookies. You can test
your web application on Major used browsers like Internet explorer (Various
versions), Mozilla Firefox, Netscape, Opera etc.
8) Verified
that cookies written by one domain can not accessed by another browser.
9) Verified
that Corrupted cookies can not be accessible by other domain.
Note:
Corrupting cookie is easy. You know where cookies are stored. Manually edit the
cookie in notepad and change the parameters to some vague values. Like alter
the cookie content, Name of the cookie or expiry date of the cookie and see the
site functionality. In some cases corrupted cookies allow to read the data
inside it for any other domain. This should not happen in case of your web site
cookies.
10) Accepts/Reject some cookies: The best way to
check web site functionality is, not to accept all cookies. If you are writing
10 cookies in your web application then randomly accept some cookies say accept
5 and reject 5 cookies. For executing this test case you can set browser
options to prompt whenever cookie is being written to disk. On this prompt
window you can either accept or reject cookie. Try to access major
functionality of web site. See if pages are getting crashed or data is getting
corrupted.
11) Delete
cookie: Allow site to write the cookies and then close all browsers and
manually delete all cookies for web site under test. Access the web pages and
check the behavior of the pages.
12) Checking
the deletion of cookies from your web application page: Some times cookie
written by domain say rediff.com may be deleted by same domain but by different
page under that domain. This is the general case if you are testing some
‘action tracking’ web portal. Action tracking or purchase tracking pixel is
placed on the action web page and when any action or purchase occurs by user
the cookie written on disk get deleted to avoid multiple action logging from
same cookie. Check if reaching to your action or purchase page deletes the
cookie properly and no more invalid actions or purchase get logged from same
user.
13) If your
web application is using cookies to maintain the logging state of any user then
log in to your web application using some username and password. In many cases
you can see the logged in user ID parameter directly in browser address bar.
Change this parameter to different value says if previous user ID is 456 then
make it 452 and press enter. The proper access message should be displayed to
user and user should not be able to see other users account.
14) In case
of online shopping portal testing ,Verified that when user reach to final order
summary page,cookie of previous page
i.e. shopping cart page should be deleted properly.
15) Verified
that credit card number should not be stored in cookies not even in encrypted
form.
Comments
Post a Comment