Thursday, August 5, 2010

Cookie Testing

A cookie is a piece of information which is passed between web pages stored on the server. Often personal information like login credentials is stored in it, so cookie testing is part of security testing.

Here are some of the test cases:

1) Test if sensitive information is stored in the cookie.

2) Remove cookies
In Mozilla
- Right-click and select View Page Info
- Go to the Security tab and click View Cookies
- Remove one or more cookies
In IE
- Go to Internet Options -> General tab -> Browser history Settings button -> View files, where you can delete website-specific cookie files, e.g. cookie:username@aol.com

3) Disable cookies
In Mozilla
- Go to Tools -> Options -> Privacy
- In the 'Firefox will' dropdown, select 'Use custom settings for history'
- Uncheck the 'Accept cookies from sites' option
In IE
- Go to Internet Options -> Privacy tab
- Set the Internet zone setting to High

4) Test cookies in different browsers.

5) Corrupt cookies
Install add-ons for editing cookies:
https://addons.mozilla.org/en-US/firefox/addon/6683/
Mozilla cookies are stored in cookies.txt in ~\Mozilla\Firefox\Profiles\j72pd7xa.default\cookies.sqlite
http://www.snapfiles.com/get/iecookies.html
These add-ons help to edit, delete and perform various other actions on cookies:
http://www.newsqa.com/edit-cookies-in-your-browser/

6) Change USERID and check whether any other user's information is revealed.
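
One way to automate test case 1 against the Firefox cookie store named in test case 5, as an added example that is not part of the original post. It assumes a copy of cookies.sqlite with a moz_cookies table exposing host, name and value columns; the keyword patterns and the sample rows are constructed for illustration.

```python
import base64
import re
import sqlite3
from urllib.parse import unquote

# Heuristic patterns (assumptions for this example, tune per application).
SENSITIVE = re.compile(r"pass|pwd|user|login|email|cred", re.I)
EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+")

def decoded_forms(value):
    """Return the raw value plus its URL-decoded and base64-decoded views."""
    forms = [value, unquote(value)]
    try:
        forms.append(base64.b64decode(forms[1], validate=True).decode("utf-8"))
    except ValueError:
        pass  # not base64-encoded text; only the plain forms are checked
    return forms

def find_sensitive_cookies(conn):
    """Scan a moz_cookies table and return (host, name, reason) findings."""
    findings = []
    rows = conn.execute("SELECT host, name, value FROM moz_cookies ORDER BY rowid")
    for host, name, value in rows:
        if SENSITIVE.search(name):
            findings.append((host, name, "sensitive-looking cookie name"))
        elif any(SENSITIVE.search(f) or EMAIL.search(f) for f in decoded_forms(value)):
            findings.append((host, name, "sensitive-looking cookie value"))
    return findings

def build_sample_db():
    """Constructed sample rows standing in for a copy of cookies.sqlite."""
    conn = sqlite3.connect(":memory:")
    # Trimmed schema: the real table has more columns than the three used here.
    conn.execute("CREATE TABLE moz_cookies (host TEXT, name TEXT, value TEXT)")
    conn.executemany("INSERT INTO moz_cookies VALUES (?, ?, ?)", [
        ("shop.example", "SESSIONID", "9f2c7a1be04d"),
        ("shop.example", "password", "hunter2"),
        ("mail.example", "prefs", base64.b64encode(b"email=alice@example.com").decode()),
        ("news.example", "theme", "dark"),
    ])
    return conn

if __name__ == "__main__":
    for finding in find_sensitive_cookies(build_sample_db()):
        print(finding)
```

To scan a real profile, pass `find_sensitive_cookies` a `sqlite3.connect(...)` handle opened on a copy of cookies.sqlite taken while the browser is closed.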
