What is Cookie?
Cookie is a small piece of information that is stored in text file on user's (client) hard drive by web server. This piece of information is then sent back to server each time the browser request a page from the server. Usually cookie contains personalized user data or information that is used to communicate between different web pages. The screen-shot below show cookies for different websites.
In other words cookies are nothing but user's identity and used to track where the user navigated throughout the pages of the website. The purpose of cookie is to make rapid interaction between users and web-sites. Applications where cookies can be used is to implement a shopping cart, personalized web experience, user tracking, marketing, user sessions etc.
In this tutorial we will learn
- What is Content of Cookie?
- Types of Cookies
- Where Cookies are stored?
- How to test Cookies – Sample Test Cases
- Plugins to Test Cookies
- Cookie Modification in Action
- Difference between Cookie and Session
The cookie consists of mainly three things
- The name of the server the cookie was sent from
- Cookies Lifetime
- A value. This is usually a randomly generated unique number
Usually there are two types of cookies written on user machines
- Session Cookies: These cookies are active till the browser that trigger the cookie is open. When we close the browser this session cookie gets deleted
- Persistent Cookies: These cookies are written permanently on the user machine and it lasts for months or years
When any web page application writes cookie, it is stored in a text file on user hard disk drive. The path where the cookies are saved depends on the browser. Different browsers store cookie in different paths.
For example, in Mozilla Firefox browser you can see the cookies in browser options. To view this click on Tools -> Options -> Privacy and then click on "Remove Individual Cookies".
While in Internet Explorer browser it store cookies on path "C:\Documents and Settings\Default User\Cookies"
Following are important test cases to check cookies
- Disabling cookies: Disable all cookies and attempt to use the site's major functions
- Corrupting cookies: Manually edit the cookie in notepad and change the parameters with some random values
- Cookies encryption: Sensitive information like passwords and usernames should be encrypted before it is sent to our computer
- Cookie testing with multiple browser: Check your website page is writing the cookies properly on different browser as expected
- Checking the deletion from your web application page:
- Selectively rejecting cookies: Delete all the cookies for the websites and see how the website reacts to it
- Access to cookies: Cookies written by one website should not be accessible by others
- Testing with different setting: Testing should be done properly to check that website is working well with different cookie setting
- Categorize cookies separately: Cookies should not be kept in the same category of the viruses, spam or spyware
Modern browsers allows viewing/editing of the cookies in the browser itself. There are plugins for Mozilla and Google Chrome both.
- For Mozilla Firefox browser: Mozilla Advance Cookie Manager
- For Google Chrome browser: Edit This Cookie
We will use edit the cookie plugin for Chrome.
Enter the usedid & password to login into the Guru99 bank.