Why Cookie is needed?
As you know Stateless (HTTP) protocol which does not record previous
interaction, it treat every request as new. Suppose your browser wanted to
interact with some XYZ server.So,Browser send first request to the XYZ server
using stateless HTTP Protocol, Then XYZ server send response of your first
request, once you received first request and again browser send second request
to XYZ server that time XYZ server treat second request as new request.It
doesn’t bother about what it send earlier? It doesn’t keep the record. So,Now can
you imagine how stateless http work in ecommerce site, shopping site ?how theses site keep record of the
purchase item? User identity and all?
Answer of all is Cookies.
What is Cookie?
The cookie is a text file saved in your browser's directory
or folder and It stored in RAM while your browser is running. Cookie generated by a
web server and stored in the user's computer, ready for future access. Normally
Web sites use cookies to store personal preferences or tracking data.
There are two types of cookies
1. Persistence Cookies: The cookies that
written permanently on the user machine. Max age of this cookie is 1 year.
2.Session Cookies: The cookies active till
the browser open when we close the browser cookie get deleted .
Where the Cookies stored?
Cookies are stored in a cookie.txt file located in user profile directory
C:\Documents and Settings\Username\Application
Data\Mozilla\Firefox\ cookies.txt
IIN IE browser you can easily find the cookie path where the
cookie is stored on the computer.
Go to tool>>internet option >>General tab>>under Browsing
history>>Click on setting>>there you find current location of cookies
Basically you can change your browser setting according to
your need. If you want that before storing the cookies by web site it will shows
prompt message or something warning so you can change the setting or Even you
can disable the cookies also.
Cookie Attribute:
Cookie basically come with name-value pair, apart from that
server set expiration time, path, cookie domain ,maximum age.
Now the next questing is how to test Cookie? How to do Cookie testing?
Disabling/Deleting the Cookie:
Delete the all cookie set by site which under test. One
thing which is important that deleting Cookie you need to close browser so that
no pre-session cookies in memory.
After that test those feature and function of the site
which require the cookie ,you will come to know that those feature doesn’t work
because of deleting those cookies which help to run the feature. That doesn't
mean it's bug, it’s happened because of the disabling the cookies. It's
might possible that not every user keep the cookie enable, In that case those
site require cookie need to be enabled to work the site then the site has to be
send message to user that cookie need to be enable to work the site.
Reject Cookie:
You can do testing of cookie by accepting some cookies and
rejecting other and check the functionality howspan style="mso-spacerun:yes">
iit work by rejecting cookie. For that you need to set your browser’s
cookie option to prompt you whenever website attempts to set a cookie and then
exercise the functionality.
Corrupt the Cookie:
For that you need to know whether the cookies are stored.
Then change the cookie parameter like cookie name, expiry date, session id and
all.
Check that Cookie generated by different browser:
Here the site which is under test which need to be check
different browser. That different browser site generated the cookie or not
.
It's important that sensitive data need to be stored in
encrypted format.Sensitiva data like User credit card ID,User Data etc.So even
if some one open the cookies file then can not mess with the data. So that need
to be check how the cookie stored the sensitive data.
