Title :
A Three-Tiered Testing Strategy for Cookies
Author :
Tappenden, Andrew ; Miller, James
Author_Institution :
Alberta Univ., Edmonton, AB
Abstract :
Cookies, the HTTP state management mechanism, are the backbone of many web applications. Despite a high adoption rate, cookies have remained virtually unexplored by the academic community. This paper presents an EBNF grammatical definition and a three- tiered testing strategy for cookies. The testing strategy builds upon anti-random and grammar-based methodologies examining cookies from three perspectives: cookies collections, individual cookie transformations and application-specific test-case generation. The collection of cookies maintained within a user-agent are explored in light of the anti-random test- suite reduction techniques and the grammatical definition of a cookie, culminating in the definition of a number of seeding test-vectors providing the basis for a scalable test-suite. A number of distinct grammatically correct cookie transformations are presented, providing further scalability to the proposed testing strategy. Finally a discussion of application-specific cookie transformations is presented, with focus upon the security and reliability concerns of modern web applications.
Keywords :
Internet; hypermedia; program testing; EBNF grammatical definition; HTTP state management; Web applications; antirandom methodology; antirandom test-suite reduction; application-specific test-case generation; cookies collections; grammar-based methodology; individual cookie transformations; security concerns; seeding test-vectors; three-tiered testing; Application software; Conference management; Formal specifications; Internet; Navigation; Scalability; Security; Software testing; Spine; Standards publication; Cookies; Web Application Testing; Web Technologies;
Conference_Titel :
Software Testing, Verification, and Validation, 2008 1st International Conference on
Conference_Location :
Lillehammer
Print_ISBN :
978-0-7695-3127-4
DOI :
10.1109/ICST.2008.18
