Unfortunately, testing isn't possible in the current design because it's not predictable when the whole process ("injesting") kicks off. Apparently Chrome plans to do it with a background process, and not in response to any particular web platform API.

If we had some way of kicking this off, we could test things as follows:

* Have the server validate the characteristics of the initial request
* Have the server respond with different Link-header responses (e.g. bad Link headers, good ones, good ones that 404, no Link header, multiple Link headers, 204 vs. 200, non-HTTPS URLs, etc.)
* Have the server validate the characteristics of the manifest request
* Have the server response with different manifest responses
* Validate whether the parsing was done correctly by seeing whether requests get made to the web app manifest URLs specified in the payment method manifest. (So for example, if any of the web app manifest URLs are not HTTPS, or any of supported_origins contain path components, then no requests should be made. Similarly, you should be able to supply strings like "https:example.com\manifest.json" and get a request made to "https://example.com/manifest.json", since the URL parser is invoked.)