Cookie tests
As tests use redirects which set cookies, they must be followed from the URLs listed here. Accessing the end URLs directly makes the TCs INVALID.
Positive functionality
- Standard Cookie (sent)
- Standard Cookie 2 (sent)
- Expires/Delete (set, then old expiry set)
- Path (sent to correct path, not to parent folder
- Secure - unavailable, will be made available with the setup of a secure server
- Max Size (at least 4096 bytes allowed)
- Max Number Per Server (at least 20 allowed)
- Update (set, then change value)
- Header/Javascript equivalence (set, check header == JS, change through JS, check header == JS again, using cookie 2)
Needs JavaScript
- HttpOnly (script cannot access)
Needs JavaScript
- Encoding (UTF-8 in cookies)
- Domain (only sent to proper domain)
- Persistent (through restarts)
Needs restart
- Purge old (set a bunch, reload the first, set a bunch more and verify that the first cookie was not the first to be purged - this is optional for implementors)
- Overwriting (set the same cookies in a subdirectory and outside)
- Order (cookies with more specific paths sent first)
- HttpOnly & XHR (XHR cannot access)
Needs JavaScript
Cookie preferences
- Disable cookies
- Site Specific Preferences
Cookie 2 fields
- Path
- Domain
- Max-Age
- Discard
Needs restart
- Comment and CommentURL
Needs UI
- Port
Error handling and extended tests (Cookie 2)
- Expires
Needs restart
- Path
- Version
- Domain
- Max-Age
- Cookie 2 Attribute Return
- Port
- Other
- Quoting
Backwards bug-compatibility
- $-Cookies (cookie 2)
Needs deletion of all cookies first
- Cookies with spaces
Tests to come
- Secure - with the setup of a secure server
- Third party testsuite - with the setup of a third party server
- Port test - with the setup of additional ports
- Cookie monster bug - with the setup of a public proxy
- IDN - with the setup of a public proxy