 Cookie is small information stored in text file on user’s hard drive by web server.  This information is later used by web browser to retrieve information from that machine.  Generally cookie contains personalized user data or information that is used to communicate between different web pages.

 To make sure that the cookies do not store confidential information.  To check the number of cookies used  Make sure that the application maintains its efficiency when switched off or Accept cookies

 To check application response to the damaged cookies  Make sure that cookies are stored and removed it to the pages on which it is expected and necessary  Testing that cookies are working correctly in all browsers that will be used by application

 To make sure that the application adequately responds to delete cookies manually  To verify that the access to different parts of the application can not be done to bypass the cookie used for authentication or authorization

A. Disabling Cookies  This is probably the easiest area of cookie testing  Disable all cookies and attempt to use the site’s major featuresand functions  With cookies disabled,our testing job is somewhat reduced

B. Selective Rejecting Cookie  Start by deleting all cookies from our PC  Analyze site cookie usage in advance and draw up a test plan  Detailing what cookies to reject/accept for each function

C.Corrupting Cookies  Altering the data in the persistent cookies  Allow the cookie to be modified  Selectively deleting cookies

D.Cookies Encryption  By using encryption of thecookiedata  Sensitive information like usernames and passwords should been crypted before it is sent to our computer  A case can certainly be made that certain types of sensitive data – credit card numbers

 Check if the application is writing cookies properly or not.  Test to make sure that no personal or sensitive data is stored in the cookie.If it is there in cookies,it should be in encrypted format.  If the application undertest is a public website,there should not be overuse of cookies

 Close all browsers,delete all previously written cookies and disable the cookies from our browser settings  Set browser options to prompt whenever cookie is being stored/saved in your system  Close all browsers windows and manually delete all cookies

 Cookies shouldn't be put in the same category as the viruses,spam,or spyware  They are the tools to help us and manage our time more efficiently on the web  Testing should be done properly to check that website is working with different cookie setting

 The time-out period assigned to the Session object for the application.  If the user does not refresh or request a page within the time-out period, the session ends.

 1 – Login into specific web application.  2 – Sleep that script for (some time) > timing of one User session.  3 – Then perform some action on the page.  4 – Observe the response of that action.  5 – Application should show alert. If it is not then probably session is not ending properly.

 JavaScript is an interpreted language.  A lightweight programming language.  Client side programming language.  Directly embedded into HTML page.

 Web page doesn’t operate or work abnormally.  Tested websites: ◦ Gmail ◦ Youtube ◦ Vnexpress ◦ Facebook ◦ Mediafire

 Turn off before loading:  Standard HTML:

 Turn off before loading:

 Before turning off javascript:

 After turning off javascript:

 Vnexpress: unable to load dynamic images.  Facebook: unable to use like and comment functions.  Mediafire: ◦ Loading before turning off : ◦ Turning off before loading : unable to load the web.