We'll start by discussing what cookies are and how they operate.
When you understand how cookies operate, it will be much easier for you to comprehend the test cases for testing cookies. How can cookies end up on your computer's hard drive? Also, how can we change our Cookie preferences?
A cookie is a little piece of data that a web server stores in a text file on the user are hard disc. The web browser then uses this information to obtain information from that machine.
The cookie, in general, includes customized user data or information that is used to communicate across websites.
Cookies are simply the user's identification, and they are used to monitor where the user traveled across the website pages. Stateless communication exists between a web browser and a web server.
If you visit the domain http://www.example.com/1.html your web browser will simply ask the example.com web server for page 1.html. If you write the page as http://www.example.com/2.html the next time, a fresh request will be made to the example.com web server for sending the 2.html page, and the webserver has no idea who the prior page 1.html was provided to.
What if you want to see the history of this user's interactions with the webserver? Somewhere, the user state and interaction between a web browser and a web server must be maintained. This is when the cookie comes into play. Cookies are used to keep user interactions with websites going.
Cookie Testing is a form of software testing that examines cookies produced in your web browser. A cookie is a little piece of information that the web server stores in a text file on the user's (client's) hard disc. Each time the browser requests a page from the server, this information is transmitted back to the server. Cookies often include customized user data or information that is used to communicate between websites. The screenshot below displays cookies on various websites.
To put it another way, cookies are nothing more than a user's identification and are used to monitor where the user traveled across the website's pages. A cookie's aim is to allow users and websites to communicate quickly. Cookies can be used to provide a shopping cart, a personalized online experience, user tracking, marketing, user sessions, and other applications.
The HTTP protocol, which is used to communicate information files on the internet, is used to keep cookies.
HTTP protocols are classified into two kinds. There are two HTTP protocols: stateless HTTP and stateful HTTP. The stateless HTTP protocol does not maintain track of previously visited web pages. While the Stateful HTTP protocol does preserve some history of prior web browser and web server interactions, cookies employ this protocol to maintain user interactions.
When a user returns to the same page or site, this cookie is retrieved from the disc and used to identify the user's second visit to that domain. The expiration time is set when the cookie is created. This time is set by the program that will use the cookie.
Session Cookies − This cookie remains active as long as the browser that set it is open. This session cookie is erased when we exit the browser. The cookie can sometimes be configured to expire after a 20-minute session.
Persistent Cookies − These are cookies that are stored on the user's computer indefinitely and can last months or years.
The cookie is made up of three major components.
The name of the server from which the cookie was sent
Lifetime of Cookies
A monetary value. This is generally a one-of-a-kind number created at random.
Any web page program that writes a cookie saves it in a text file on the user's hard drive. The location of the cookies is determined by the browser. Cookies are stored in various routes by different browsers.
Cookies, for example, maybe seen in the browser settings in Mozilla Firefox. To see it, go to Tools -> Options -> Privacy and then “Remove Individual Cookies.”
Cookies are stored on the location "C:\Documents and Settings\Default User\Cookies” in the Internet Explorer browser.
The following is an important checklist and step-by-step guide on how to test cookies on a website −
Cookies must be disabled − Disable all cookies and try to utilize the site's main features.
Cookies tainted − Manually modify the cookie in a notepad and replace the parameters with some arbitrary ones.
Encrypting cookies − Passwords and usernames, for example, should be encrypted before being transferred to our computer.
Cookie testing with a variety of browsers − Check that your internet page is correctly writing cookies on a separate browser as intended.
Cookie rejection on a case-by-case basis − Delete all of the websites' cookies and see how the website behaves.
Cookies are accessible − Cookies created by one website should not be accessible to other websites.
Cookies should not be used excessively − If the program under test is a public website, cookies should not be used excessively.
Experimenting with various settings − Testing should be done thoroughly to ensure that the website works correctly with various cookie settings.
Separately categorize cookies − Cookies should not be classified in the same category as viruses, spam, or malware.
A test that is specific Check if the same Cookies are allowed in all environments for multi-environment sites. The usage of wildcards in the Cookie path might be the reason (so-called supercookies). If this is a need, certain access difficulties may arise as a result of the alternative encryption key being utilized (for.Net it is a machine key that usually is unique unless specified otherwise).
These are some of the most important test scenarios to keep in mind while evaluating website cookies. You may create many test cases from these test cases by combining them in different ways. If you have an alternative application situation, please share it in the comments section below.
To implement the shopping cart − Cookies are used to keep an online ordering system running smoothly. Cookies keep track of what the user wishes to purchase. What if a consumer adds certain goods to their shopping cart and then decides not to buy them this time because of whatever reason and shuts the browser window? When the same user returns to the buy page, he will be able to see all of the goods he put in his shopping basket on his previous visit.
Personalized sites − When a person views a certain website, they are asked which other pages they do not wish to see. User preferences are saved in a cookie, and those pages are not displayed to the user until he is online.
User tracking − Counting the number of unique visitors who are online at any one moment.
User sessions − Using a user ID and password, cookies may monitor user sessions to a certain domain.
Too many Cookies − If you are writing too many cookies on every page navigation and the user has enabled the option to warn before writing the Cookie, this may turn away users from your site.
Security Concerns − Personal information about users is sometimes saved in Cookies, and if the Cookie is hacked, the hacker can access your personal information. Even damaged cookies can be read by several websites, posing security risks.
Sensitive Information − Some websites may write and keep sensitive information about you in cookies, which is not permitted owing to privacy concerns. This should be sufficient to understand what Cookies are.