- Open Chrome browser
- Navigate to
chrome://extensions/ - Enable "Developer mode" (toggle in top-right corner)
- Click "Load unpacked"
- Select the
smart-security-guardianfolder - You should see the extension installed!
- Click the puzzle piece icon (🧩) in Chrome toolbar
- Find "Smart Website Security & Privacy Guardian"
- Click the pin icon to keep it visible in toolbar
- ✅ Extension appears in Chrome toolbar
- ✅ Green shield icon is visible
- ✅ Click icon to open popup
- ✅ Popup opens with clean, professional design
- ✅ Shows "Scanning..." on first load
- ✅ Displays current site name
Visit these test sites and check the results:
HTTPS Site (Should be HIGH score 80-95):
Expected:
- Green checkmark badge
- Score 80-95
- "This website appears safe" message
- SSL Certificate: ✓ Valid
HTTP Site (Should be LOWER score):
Expected:
- Yellow or red badge
- Lower score (30-60)
- Warning about not using HTTPS
- SSL threat listed
- Open a secure site (https://google.com)
- Badge should show green ✓
- Open an HTTP site (http://example.com)
- Badge should change to yellow ! or red X
- Switch between tabs
- Badge should update for each tab
- Visit several websites
- Open the popup
- Check "Blocked Today" counter
- Should show trackers detected on pages
- Visit any website
- Open Chrome DevTools (F12)
- Go to Console tab
- Look for message: "Smart Security Guardian content script loaded on: [hostname]"
- Check for page analysis messages
- Go to
chrome://extensions/ - Find "Smart Website Security & Privacy Guardian"
- Click "service worker" link under "Inspect views"
- Check console for messages:
- "Service worker loaded"
- "Extension initialized successfully"
- "Tab updated: [url]" when visiting sites
Try these patterns (SAFE test URLs, not real threats):
IP Address URL:
http://192.168.1.1
Expected: Warning about using IP instead of domain
Long URL:
https://example.com/very/long/path/that/goes/on/and/on/and/on/and/on/and/on/and/on/and/on/and/on/and/on/and/on
Expected: Warning about unusually long URL
- Visit https://www.google.com
- Note the "Last scan" time
- Close popup
- Wait 5 seconds
- Open popup again
- Should show cached data (same last scan time)
- Should load instantly
Solution:
- Check that all files are in the correct locations
- Look for errors in
chrome://extensions/ - Click "Reload" on the extension
Solution:
- Right-click popup → Inspect
- Check console for JavaScript errors
- Verify popup.html, popup.css, popup.js are present
Solution:
- Check service worker is running (chrome://extensions/)
- Look for errors in service worker console
- Reload the extension
Solution:
- Refresh the webpage after loading extension
- Check that manifest.json includes content_scripts
- Verify content-script.js exists
- Manifest.json configured
- Extension loads in Chrome
- Popup UI displays correctly
- Service worker runs
- Tab detection works
- Badge updates based on score
- Content script analyzes pages
- Statistics tracking works
- Cache system functional
- VirusTotal API integration
- PhishTank API integration
- Enhanced security scoring
- Persistent cache
- Results display improvements
| Website Type | Score Range | Badge | Status |
|---|---|---|---|
| HTTPS, trusted | 85-100 | Green ✓ | Safe |
| HTTP, basic issues | 60-84 | Yellow ! | Warning |
| Suspicious patterns | 0-59 | Red X | Danger |
| Internal pages | N/A | None | Unsupported |
To enable verbose logging:
- Open service worker console
- All scans are logged with full data
- Open popup with DevTools (right-click → Inspect)
- Check console for UI updates
TESTED ON:
- Browser: Chrome [version]
- OS: [your OS]
- Date: [date]
RESULTS:
✅ Extension loads
✅ Popup displays
✅ Scans work
✅ Badge updates
✅ Statistics track
ISSUES FOUND:
[List any issues]
NOTES:
[Any observations]
Once Phase 2 (Core Security) is implemented, we'll test:
- Real VirusTotal API calls
- PhishTank database lookups
- Enhanced scoring algorithms
- API rate limiting
- Error handling for API failures
Happy Testing! 🚀
Report any issues or unexpected behavior so we can fix them before moving to Phase 2.