A Three-Tiered Testing Strategy for Cookies

April 09-April 11

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICST.2008.18

2008 International Conference on Soft ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Andrew Tappenden Articles by James Miller

	ASCII Text	x
	Andrew Tappenden, James Miller, "A Three-Tiered Testing Strategy for Cookies," Software Testing, Verification, and Validation, 2008 International Conference on, pp. 131-140, 2008 International Conference on Software Testing, Verification, and Validation, 2008.

	BibTex	x
	@article{ 10.1109/ICST.2008.18, author = {Andrew Tappenden and James Miller}, title = {A Three-Tiered Testing Strategy for Cookies}, journal ={Software Testing, Verification, and Validation, 2008 International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3127-4}, pages = {131-140}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICST.2008.18}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Software Testing, Verification, and Validation, 2008 International Conference on TI - A Three-Tiered Testing Strategy for Cookies SN - 978-0-7695-3127-4 SP131 EP140 A1 - Andrew Tappenden, A1 - James Miller, PY - 2008 KW - Cookies KW - Web Technologies KW - Web Application Testing VL - 0 JA - Software Testing, Verification, and Validation, 2008 International Conference on ER -

Andrew Tappenden

James Miller

Cookies, the HTTP state management mechanism, are the backbone of many web applications. Despite a high adoption rate, cookies have remained virtually unexplored by the academic community. This paper presents an EBNF grammatical definition and a three-tiered testing strategy for cookies. The testing strategy builds upon anti-random and grammar-based methodologies examining cookies from three perspectives: cookies collections, individual cookie transformations and application-specific test-case generation. The collection of cookies maintained within a user-agent are explored in light of the anti-random test-suite reduction techniques and the grammatical definition of a cookie, culminating in the definition of a number of seeding test-vectors providing the basis for a scalable test-suite. A number of distinct grammatically correct cookie transformations are presented, providing further scalability to the proposed testing strategy. Finally a discussion of application-specific cookie transformations is presented, with focus upon the security and reliability concerns of modern web applications.

Index Terms:

Cookies, Web Technologies, Web Application Testing

Citation:

Andrew Tappenden, James Miller, "A Three-Tiered Testing Strategy for Cookies," icst, pp.131-140, 2008 International Conference on Software Testing, Verification, and Validation, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.