March 20, 2026
🚨 Are your cookies exposing user data? 🔐 What can a Manual QA test in cookies for security?
Continuing the security testing topic. Cookies often store sensitive data - and are a common attack target. Even without automation, QA can find critical issues:

✔️ Secure flag - only HTTPS
✔️ HttpOnly - protects from XSS
✔️ SameSite - prevents CSRF
✔️ No sensitive data in cookies
✔️ Proper expiration & logout
✔️ Correct domain & path
✔️ Session ID changes after login

💡 No complex tools needed - just attention to detail. Small checks → Big impact.

👉 What’s the worst cookie issue you’ve found?

#QA #SoftwareTesting #SecurityTesting #OWASP #ManualTesting #WebSecurity
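The flag, scope, lifetime and session-rotation checks from the list above can also be run over Set-Cookie headers copied from the browser's network tab. This is an added example, not part of the original post; the sample headers, the function names and the 24-hour Max-Age limit are assumptions.

```python
# Added example: the Set-Cookie values below are constructed sample data.
MAX_AGE_LIMIT = 24 * 3600  # assumed policy limit for a session cookie, in seconds

def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, value, attrs); attr keys lowercased."""
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def audit_cookie(header):
    """Return checklist findings for one Set-Cookie header (empty list = pass)."""
    _, _, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    samesite = attrs.get("samesite", "").lower()
    if samesite not in ("strict", "lax", "none"):
        findings.append("missing or invalid SameSite")
    elif samesite == "none" and "secure" not in attrs:
        findings.append("SameSite=None without Secure")
    if "domain" in attrs:
        # With a Domain attribute the cookie is no longer host-only.
        findings.append("Domain set: cookie is also sent to subdomains")
    max_age = attrs.get("max-age", "")
    if max_age.isdigit() and int(max_age) > MAX_AGE_LIMIT:
        findings.append("Max-Age exceeds policy limit")
    return findings

def session_rotated(before_login, after_login):
    """True if the same cookie name carries a different value after login."""
    name_a, value_a, _ = parse_set_cookie(before_login)
    name_b, value_b, _ = parse_set_cookie(after_login)
    return name_a == name_b and value_a != value_b

if __name__ == "__main__":
    weak = "sid=abc123; Path=/; Domain=example.test; Max-Age=2592000"
    good = "sid=k9x2; Path=/; Secure; HttpOnly; SameSite=Lax; Max-Age=3600"
    for header in (weak, good):
        print(header, "->", audit_cookie(header) or "OK")
    print("rotated after login:", session_rotated(weak, good))
```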