Saturday, 21 April 2012

How to do Cookies Testing

Below is a list of major scenarios for cookies testing of a website. Multiple test cases can be generated from
these scenarios by performing various combinations.

  1. Check if the application is writing cookies properly or not.
  2. Test to make sure that no personal or sensitive data is stored in the cookie. If it is there in cookies, it should be in encrypted format.
  3. If the application under test is a public website, there should not be overuse of cookies. It may result in loss of website traffic if browser is prompting for cookies more often.
  4. Close all browsers, delete all previously written cookies and disable the cookies from your browser settings. Navigate or use that part of web site which use cookies. It should display appropriate messages like "For smooth functioning of this site please enable cookies on your browser."
  5. Set browser options to prompt whenever cookie is being stored / saved in your system. Navigate or use that part of web site which use cookies. It will prompt and ask if you want to accept or reject the cookie. Application under test should display an appropriate message if you reject the cookies. Also, check that if pages are getting crashed or data is getting corrupted.
  6. Close all browsers windows and manually delete all cookies. Navigate various web pages and check and see if these web pages show unexpected behavior.
  7. Edit few cookies manually in notepad or some other editor. Make modifications like alter the cookie content, name of the cookie, change expiry date etc. Now, test the site functionality. Corrupted cookies should not allow to read the data inside it.
  8. Cookies written by one web site should not be accessible by other website.
  9. If you are testing an online shopping portal, Check if reaching to your final order summary page deletes the cookie of previous page of shopping cart properly and no invalid action or purchase got executed from same logged in user.
  10. Check if the application under test is writing the cookies properly on different browsers as intended and site works properly using these cookies. This test can be done on browsers like different versions of internet explorer, Mozilla Firefox, Netscape, Opera etc.
  11. If the application under test is using cookies to maintain the logging state for users. Check if some id is being displayed in the address bar. Now, change the id & press enter. It should display an access denied message and and you should not be able to see other user's account.

Wednesday, 4 April 2012


1. Identify the module to which the use case belongs to.
 A: Security module.

2. Identify the functionality of the use case with the request of total functionality.
 A: Authentication.

3. Identify the actors involved in the use case.
A: Normal user/Admin user.

 4. Identify the inputs required for testing.
A: Valid and invalid user names and passwords.

 5. Identify whether the use case is linked with other use case or not.
 A: It is linked with Home page and Admin page use cases.

 6. Identify the pre conditions.
A: LOGIN Screen must be available.

7. Identify the post conditions.
A: Either Home page/Admin page for valid users, and error msgs for invalid users.

 8. Identify the functional points and prepare the functional point document.

9. Understand the main flow of the application.
10. Understand the alternative flow of the application.
11. Understand the special requirements.

12. Document the test cases for main flow.
13. Document the test cases for alternative flow.
14. Document the test cases for the special requirements.
15. Prepare the cross reference metrics or traceability metrics.


Functional Point: The point at which the user can perform some actions in the application can be considered as Functional Point.

Test Scenario: The situation where we can do testing.

There are 3 types of flow:
1. Main flow: Main page/Home Page.
2. Alternative flow: Error message page.
3. Exceptional flow: Server problems/Network problems.

Testing process related Documents: