In this article, I have jotted down sample test cases for cookie testing.
Before you go ahead to the cookie testing test scenarios, please do refresh your memory on these fundamentals.
What is a Cookie?
A cookie is a file used to store session content and other session-related information inside the browser. Some sites use cookies for payment gateways, and some use them for authentication sessions. You can create a cookie yourself in your web application code, or, if your website is served by a content management system, the CMS can do it for you.
How Do Cookies Work?
When a surfer (reader) opens a website in the browser, the website starts a session (provided that the website is not static) and stores a cookie. The browser uses this cookie to decide the behavior of the website during the session.
Why Test Cookies?
The European Union has asked EU-based sites to notify surfers if the site uses advertisements that require cookies to be installed in the browser. Such cookies often require testing so that they comply with the terms of the EU or the FTC (US). Beyond that, cookie testing is a very important task before releasing web applications that have authentication and transaction features.
If you are interested in testing the cookies for your web application, you may want to make use of the test cases mentioned in this article.
Here are some of the sample test cases.
- Check that a cookie stored by one website is not being used by another website.
- Check if the website stores the cookie in the proper location of the browser's cookie storage.
- Check that each browser's cookie storage location is unique.
- Check that the cookie does not contain sensitive information like passwords, usernames, or credit card numbers and CVV numbers.
- Check that the login credentials of one website cannot be used by obtaining the same cookie in another website.
- Check if cookie deletion changes the behavior of a website that doesn't require login or authentication.
- Check if the behavior of the website changes after cookie deletion for sites that require authentication.
- Check if the website overuses cookies in the application.
- Check the behavior of the website if cookies are disabled.
- Check the behavior if the website can't store cookies in the browser.
- Modify the cookie information and observe the behavior of the website or the web service.
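The sensitive-information check from the list above can be automated. The following Python code is an added example, not from the original article: it parses a Set-Cookie header value, also inspects the URL-decoded and base64-decoded forms of each cookie value, and reports password, username, CVV and card-number indicators. The keyword list, function names and sample header are assumptions made for this example.

```python
import base64
import re
from http.cookies import SimpleCookie
from urllib.parse import unquote

# Field names taken from the test case above: password, username, card number, CVV.
SENSITIVE = r"(pass(word|wd)?|user(name)?|card\w*|cvv)"
NAME_RE = re.compile(SENSITIVE, re.I)
VALUE_RE = re.compile(SENSITIVE + r'"?\s*[=:]', re.I)  # key=value or "key": value
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
# Constructed sample header (not from a real site): a URL-encoded test card number.
SAMPLE = "last_card=4111%201111%201111%201111; Path=/"

def luhn_ok(digits):
    """Luhn checksum: separates card-like numbers from arbitrary digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def decoded_views(value):
    """Return the raw value plus its URL-decoded and base64-decoded forms."""
    views = [value, unquote(value)]
    try:
        padded = value + "=" * (-len(value) % 4)
        views.append(base64.b64decode(padded, validate=True).decode("utf-8"))
    except ValueError:
        pass  # not base64-encoded text; the other views still get checked
    return views

def audit_set_cookie(header_value):
    """Return sorted (cookie_name, finding) pairs for one Set-Cookie header value."""
    findings = set()
    jar = SimpleCookie(header_value)
    for name, morsel in jar.items():
        if NAME_RE.fullmatch(name):
            findings.add((name, "sensitive field name"))
        for view in decoded_views(morsel.value):
            if VALUE_RE.search(view):
                findings.add((name, "sensitive key in value"))
            for match in CARD_RE.finditer(view):
                if luhn_ok(re.sub(r"\D", "", match.group())):
                    findings.add((name, "card-like number"))
    return sorted(findings)

if __name__ == "__main__":
    print(audit_set_cookie(SAMPLE))
```

The keyword and card-number matching is heuristic, so treat each finding as a prompt for manual review of that cookie rather than a verdict.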
You can come up with more test scenarios and add more test cases to the list above. I suggest creating a spreadsheet and coming up with as many cookie testing scenarios as you can that apply to your web application.
You may also want to check the cookie policies that apply under the EU and the US FTC, as that will give you enough information about what needs to be tested. Cookie compliance information can be used in various ways, such as setting up your own privacy policies and denying manipulation by advertisers.
I hope the information in the article helped. If you have any suggestions and improvements, feel free to let me know. 🙂