What to Test in Web Cookie Testing

Sensitive Data Storage

Ensure no sensitive or personal data, such as credit card details or other customer banking information, is stored in the cookies. If storing such data is unavoidable, make sure it is encrypted.

Procedure:

Identify any cookies used by the application and their content.

Verify that no sensitive information is stored directly within cookies.

Test for encryption if sensitive data storage in cookies is necessary.
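The first two steps of this procedure can be automated. The following Python check is an added example, not part of the original article: it parses Set-Cookie headers, URL- and base64-decodes each value, and flags readable card numbers (confirmed with the Luhn checksum) or e-mail addresses. The function names and sample headers are constructed for illustration; because base64 and URL encoding are not encryption, anything recovered this way counts as stored in the clear.

```python
import base64
import binascii
import re
from http.cookies import SimpleCookie
from urllib.parse import unquote

CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")  # 13-19 digit runs
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to separate card numbers from random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def decodings(value: str):
    """Yield the raw value, its URL-decoded form, and a base64 decode if valid."""
    url = unquote(value)
    yield from {value, url}
    try:
        raw = base64.b64decode(url + "=" * (-len(url) % 4), validate=True)
        yield raw.decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        pass  # not base64 text; nothing more to inspect

def scan_cookies(set_cookie_headers):
    """Return sorted (cookie_name, finding) pairs for readable sensitive data."""
    findings = set()
    for header in set_cookie_headers:
        jar = SimpleCookie(header)  # parses name, value and attributes
        for name, morsel in jar.items():
            for text in decodings(morsel.value):
                for m in CARD_RE.finditer(text):
                    if luhn_ok(re.sub(r"\D", "", m.group())):
                        findings.add((name, "card_number"))
                if EMAIL_RE.search(text):
                    findings.add((name, "email"))
    return sorted(findings)

# Constructed sample headers; 4111111111111111 is a well-known test card number.
SAMPLE_HEADERS = [
    "session=9f2c1e7ab4d84c0e; Path=/; HttpOnly; Secure",
    "checkout=card%3D4111111111111111%26exp%3D12%2F30; Path=/",
    "profile=" + base64.b64encode(b'{"email": "alice@example.com"}').decode() + "; Path=/",
]
```

Calling `scan_cookies(SAMPLE_HEADERS)` reports the `checkout` and `profile` cookies and leaves the opaque `session` identifier alone.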

Deleting Cookies

Delete the cookie files and test the behaviour of the web application. The application should continue to function smoothly without page crashes or issues.

Procedure:

Delete cookies manually or use browser settings to clear cookies.

Access the web application and navigate through different pages.

Observe if the application maintains its functionality and does not crash or display errors.

Cross-Browser Compatibility

Verify that cookies are properly stored and used across all specified browsers.

Procedure:

Test the application on various browsers (e.g., Chrome, Firefox, Safari, Edge).

Check that cookies are consistently set and retrieved in each browser.

Validate that the application’s behaviour remains consistent across different browsers.

Corrupting Cookies

Manually corrupt the cookies by editing the cookie file in a text editor. Change parameters such as the cookie expiry date, content, or name, and check the application’s response. Ensure the application alerts the user if the cookies are corrupted and prevents unauthorized access to other users’ accounts.

Procedure:

Close all browsers and delete existing cookies to ensure no old data interferes with the test.

Edit the cookie files in a text editor and manually change the parameters.

Observe the behaviour of the web application and ensure it handles corrupted cookies appropriately, including displaying alerts and preventing unauthorized access.

Ensuring Application Resilience

Ensure the application alerts the user if the cookies are corrupted and prevents unauthorized access to other users’ accounts.

Procedure:

Corrupt cookies by altering key data within the cookie file.

Access the application and check for alerts or error messages.

Verify that unauthorized access is prevented and proper security measures are in place.
