4.3.1 Testing process
The extension was tested through various real-world scenarios to ensure its functionality and performance.
Testing Tools & Environment
● Development Environment:
○ VS Code for writing and editing code.
○ Chrome Developer Tools for inspecting network requests and debugging extensions.
○ Chrome Extension Manifest V3 for background scripts and service workers.
● Testing Tools:
○ Chrome WebRequest API for monitoring HTTP/HTTPS requests.
○ DeclarativeNetRequest API to dynamically add and remove blocking rules for suspicious domains.
○ OpenPhish API (or other threat feeds like PhishTank, Malware Domains) to simulate real-time data about suspicious domains.
Testing Approach
1. Real-Time Blocking Functionality:
○ Simulate access to a suspicious domain from the list fetched dynamically via OpenPhish.
○ Observe whether the extension blocks the suspicious domain and prevents page load.
○ Verify if the logs are updated correctly when a domain is blocked.
○ Ensure that the user receives a notification when a suspicious domain is blocked.
2. Tracker Detection:
○ Test with different URLs, including known tracking services Verify that the extension detects the trackers based on regex patterns .
○ Ensure the extension categorizes and logs tracker requests as "tracker" in the logs.
○ Test behavior with whitelisted domains to verify that the extension does not flag them as trackers.
○ Verify that domains in the blacklist are blocked, even if they appear on the suspicious domain list.
4. Logging and Notifications:
○ Test the log storage by accessing multiple websites and ensuring the log size does not exceed the maximum limit (1000 entries).
○ Verify that logs are correctly categorized: suspicious, tracker, safe.
○ Test if the user gets notified for suspicious activity, with throttling in place.
5. Dynamic Rule Updates:
○ Trigger the updateBlockingRules method by modifying the suspicious domain list and check if the blocking rules update correctly in the browser.
○ Test if the extension adapts to changes in the list of suspicious domains and adjusts blocking rules accordingly.
6. Performance Testing:
○ Monitor the extension’s performance when processing a large number of network requests.
○ Ensure that dynamic updates to blocking rules and log entries do not cause significant delays in browsing or extension performance.
The testing process confirmed the extension’s ability to block suspicious domains and detect trackers with high accuracy. However, the controlled testing environment limited the ability to evaluate real-world traffic diversity fully. Performance metrics such as latency and memory usage indicated that the extension remains efficient under moderate traffic but may require optimization for high-traffic scenarios. Challenges during testing included ensuring dynamic rule updates under heavy network activity, which occasionally caused slight delays.
4.3.2 Testing scenario
Scenario Preconditions Steps Expected Outcome
Block a Suspicious
Extension has fetched a list of
1. Access a webpage from a suspicious domain.
- Domain is blocked and page does not
domains. Domain is not in whitelist.
blocked.
3. Verify if the notification is triggered.
4. Check if the log is updated with the blocked domain.
- Notification about blocking appears.
- Log reflects blocked domain as
"suspicious".
Detect and Block a Tracker
Extension is active and configured to detect trackers using regex patterns.
1. Load a webpage that includes tracking content.
2. Observe if the extension detects the tracker.
3. Check if the tracker is logged.
4. Verify if the notification is triggered if configured to notify for trackers.
- Tracker is detected and logged correctly.
- Notification is triggered if
configured to notify for trackers.
Add/Rem ove Domain from Whitelist
User wants to whitelist a domain to prevent it from being blocked.
1. Add a domain to the whitelist.
2. Verify that the site is not flagged as suspicious.
3. Remove the domain from whitelist and check if it gets blocked if it appears on the suspicious list.
- Domain is
successfully added to the whitelist and remains accessible.
- Upon removal, domain is subject to blocking.
Clear Logs and Download Logs
Extension has clear log entries.
1. Click the "Clear Logs"
button.
2. Verify that all logs are cleared from storage.
3. Click the "Download Logs" button.
4. Open the downloaded log
- Logs are cleared when the "Clear Logs" button is clicked.
- Logs are correctly downloaded in JSON format.
updated.
3. Verify that new domains are added to the blocking rules and outdated domains are removed.
dynamically based on the updated list.
Monitor Performan ce Under High Traffic
Extension is active.
Traffic includes a mix of safe, suspicious, and tracker domains.
1. Simulate multiple
network requests to various domains.
2. Monitor the extension’s performance using
Chrome’s performance tools.
3. Check for lag, memory usage, and extension responsiveness.
-Extension performs without significant lag or excessive memory usage.
- It handles high traffic effectively.
While the domain blocking functionality was robust, notifications were sometimes perceived as intrusive during testing. Future updates could refine notification frequency or provide customizable notification settings to improve user experience. The tracker detection worked well for common patterns, but advanced tracking techniques, such as JavaScript-based trackers, went undetected. This limitation suggests the need to expand detection methods in future versions. Although the extension demonstrated stable performance under high traffic, memory usage spiked slightly during prolonged testing.
This indicates an opportunity to optimize logging and rule management processes to enhance scalability.