From 7ac3b85577935ce73230fdb3b5bf97212d4d8cd5 Mon Sep 17 00:00:00 2001 From: Brian Mann Date: Sun, 1 Jul 2018 02:58:42 -0400 Subject: [PATCH] enable disabling chromeWebSecurity in chrome 67 (#2077) fixes #1951 fixes #2001 --- packages/https-proxy/https.js | 5 ++-- packages/https-proxy/index.js | 4 +-- packages/https-proxy/lib/proxy.coffee | 5 +++- .../https-proxy/test/helpers/certs.coffee | 14 ++++++++++ .../test/helpers/https_server.coffee | 28 ++++++++----------- .../server/__snapshots__/plugins_spec.coffee | 2 +- .../server/__snapshots__/stdout_spec.coffee | 4 +-- .../__snapshots__/user_agent_spec.coffee | 2 +- .../__snapshots__/web_security_spec.coffee | 16 +++++------ packages/server/lib/browsers/chrome.coffee | 4 +++ packages/server/lib/project.coffee | 3 +- .../server/test/e2e/web_security_spec.coffee | 23 +++++++++++---- .../integration/web_security_spec.coffee | 6 ++-- .../server/test/support/helpers/e2e.coffee | 14 ++++++---- 14 files changed, 80 insertions(+), 50 deletions(-) create mode 100644 packages/https-proxy/test/helpers/certs.coffee diff --git a/packages/https-proxy/https.js b/packages/https-proxy/https.js index dd929d8a8b..1756a4729b 100644 --- a/packages/https-proxy/https.js +++ b/packages/https-proxy/https.js @@ -1,2 +1,3 @@ -require("@packages/coffee/register") -require("./test/helpers/https_server").start(8443) +require('@packages/coffee/register') + +module.exports = require('./test/helpers/https_server') diff --git a/packages/https-proxy/index.js b/packages/https-proxy/index.js index aec18141d6..65bd49e8f7 100644 --- a/packages/https-proxy/index.js +++ b/packages/https-proxy/index.js @@ -1,3 +1,3 @@ -require("@packages/coffee/register") +require('@packages/coffee/register') -module.exports = require("./lib/proxy") +module.exports = require('./lib/proxy') diff --git a/packages/https-proxy/lib/proxy.coffee b/packages/https-proxy/lib/proxy.coffee index 37f042d12d..4ecfd4f99d 100644 --- a/packages/https-proxy/lib/proxy.coffee +++ b/packages/https-proxy/lib/proxy.coffee @@ -10,4 +10,7 @@ module.exports = { reset: -> Server.reset() -} \ No newline at end of file + httpsServer: (onRequest) -> + require("../test/helpers/https_server").create(onRequest) + +} diff --git a/packages/https-proxy/test/helpers/certs.coffee b/packages/https-proxy/test/helpers/certs.coffee new file mode 100644 index 0000000000..d245315c8a --- /dev/null +++ b/packages/https-proxy/test/helpers/certs.coffee @@ -0,0 +1,14 @@ +fs = require("fs") +path = require("path") +sslRootCas = require('ssl-root-cas') + +sslRootCas +.inject() +.addFile(path.join(__dirname, "certs", "server", "my-root-ca.crt.pem")) + +options = { + key: fs.readFileSync(path.join(__dirname, "certs", "server", "my-server.key.pem")) + cert: fs.readFileSync(path.join(__dirname, "certs", "server", "my-server.crt.pem")) +} + +module.exports = options diff --git a/packages/https-proxy/test/helpers/https_server.coffee b/packages/https-proxy/test/helpers/https_server.coffee index 7378122b3a..58b4e53ac4 100644 --- a/packages/https-proxy/test/helpers/https_server.coffee +++ b/packages/https-proxy/test/helpers/https_server.coffee @@ -1,20 +1,9 @@ -fs = require("fs") -path = require("path") -https = require("https") -Promise = require("bluebird") -sslRootCas = require('ssl-root-cas') +https = require("https") +Promise = require("bluebird") allowDestroy = require("server-destroy-vvo") +certs = require("./certs") -sslRootCas -.inject() -.addFile(path.join(__dirname, "certs", "server", "my-root-ca.crt.pem")) - -options = { - key: fs.readFileSync(path.join(__dirname, "certs", "server", "my-server.key.pem")) - cert: fs.readFileSync(path.join(__dirname, "certs", "server", "my-server.crt.pem")) -} - -onRequest = (req, res) -> +defaultOnRequest = (req, res) -> console.log "HTTPS SERVER REQUEST URL:", req.url console.log "HTTPS SERVER REQUEST HEADERS:", req.headers @@ -24,10 +13,15 @@ onRequest = (req, res) -> servers = [] +create = (onRequest) -> + https.createServer(certs, onRequest ? defaultOnRequest) + module.exports = { - start: (port) -> + create + + start: (port, onRequest) -> new Promise (resolve) -> - srv = https.createServer(options, onRequest) + srv = create(onRequest) allowDestroy(srv) diff --git a/packages/server/__snapshots__/plugins_spec.coffee b/packages/server/__snapshots__/plugins_spec.coffee index 8c3caf0df2..aba5d9e678 100644 --- a/packages/server/__snapshots__/plugins_spec.coffee +++ b/packages/server/__snapshots__/plugins_spec.coffee @@ -192,7 +192,7 @@ exports['e2e plugins works with user extensions 1'] = ` ┌────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Cypress: 1.2.3 │ - │ Browser: FooBrowser 88 │ + │ Browser: FooBrowser 88 │ │ Specs: 1 found (app_spec.coffee) │ │ Searched: cypress/integration/app_spec.coffee │ └────────────────────────────────────────────────────────────────────────────────────────────────┘ diff --git a/packages/server/__snapshots__/stdout_spec.coffee b/packages/server/__snapshots__/stdout_spec.coffee index 5f686848ed..15489339b8 100644 --- a/packages/server/__snapshots__/stdout_spec.coffee +++ b/packages/server/__snapshots__/stdout_spec.coffee @@ -281,7 +281,7 @@ exports['e2e stdout logs that electron cannot be recorded in headed mode 1'] = ` ┌────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Cypress: 1.2.3 │ - │ Browser: FooBrowser 88 │ + │ Browser: FooBrowser 88 │ │ Specs: 1 found (simple_spec.coffee) │ │ Searched: cypress/integration/simple_spec.coffee │ └────────────────────────────────────────────────────────────────────────────────────────────────┘ @@ -338,7 +338,7 @@ exports['e2e stdout logs that chrome cannot be recorded 1'] = ` ┌────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Cypress: 1.2.3 │ - │ Browser: FooBrowser 88 │ + │ Browser: FooBrowser 88 │ │ Specs: 1 found (simple_spec.coffee) │ │ Searched: cypress/integration/simple_spec.coffee │ └────────────────────────────────────────────────────────────────────────────────────────────────┘ diff --git a/packages/server/__snapshots__/user_agent_spec.coffee b/packages/server/__snapshots__/user_agent_spec.coffee index fcb98b14ff..d96e9b2622 100644 --- a/packages/server/__snapshots__/user_agent_spec.coffee +++ b/packages/server/__snapshots__/user_agent_spec.coffee @@ -5,7 +5,7 @@ exports['e2e user agent passes on chrome 1'] = ` ┌────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Cypress: 1.2.3 │ - │ Browser: FooBrowser 88 │ + │ Browser: FooBrowser 88 │ │ Specs: 1 found (user_agent_spec.coffee) │ │ Searched: cypress/integration/user_agent_spec.coffee │ └────────────────────────────────────────────────────────────────────────────────────────────────┘ diff --git a/packages/server/__snapshots__/web_security_spec.coffee b/packages/server/__snapshots__/web_security_spec.coffee index 66d939c023..91f5629342 100644 --- a/packages/server/__snapshots__/web_security_spec.coffee +++ b/packages/server/__snapshots__/web_security_spec.coffee @@ -165,7 +165,7 @@ https://on.cypress.io/cross-origin-violation ` -exports['e2e web security when disabled fails 1'] = ` +exports['e2e web security when disabled passes 1'] = ` ==================================================================================================== (Run Starting) @@ -182,6 +182,12 @@ exports['e2e web security when disabled fails 1'] = ` Running: web_security_spec.coffee... (1 of 1) +Warning: Cypress can only record videos when using the built in 'electron' browser. + +You have set the browser to: 'chrome' + +A video will not be recorded when using this browser. + web security ✓ fails when clicking to another origin @@ -201,18 +207,12 @@ exports['e2e web security when disabled fails 1'] = ` │ Pending: 0 │ │ Skipped: 0 │ │ Screenshots: 0 │ - │ Video: true │ + │ Video: false │ │ Duration: X seconds │ │ Spec Ran: web_security_spec.coffee │ └────────────────────────────────────────┘ - (Video) - - - Started processing: Compressing to 32 CRF - - Finished processing: /foo/bar/.projects/e2e/cypress/videos/abc123.mp4 (X seconds) - - ==================================================================================================== (Run Finished) diff --git a/packages/server/lib/browsers/chrome.coffee b/packages/server/lib/browsers/chrome.coffee index 20947ae8c8..3e3cb4c86a 100644 --- a/packages/server/lib/browsers/chrome.coffee +++ b/packages/server/lib/browsers/chrome.coffee @@ -41,6 +41,10 @@ defaultArgs = [ "--disable-device-discovery-notifications" "--disable-blink-features=RootLayerScrolling" + ## http://www.chromium.org/Home/chromium-security/site-isolation + ## https://github.com/cypress-io/cypress/issues/1951 + "--disable-site-isolation-trials" + ## the following come frome chromedriver ## https://code.google.com/p/chromium/codesearch#chromium/src/chrome/test/chromedriver/chrome_launcher.cc&sq=package:chromium&l=70 "--metrics-recording-only" diff --git a/packages/server/lib/project.coffee b/packages/server/lib/project.coffee index 83878bed85..ccc17cf3e4 100644 --- a/packages/server/lib/project.coffee +++ b/packages/server/lib/project.coffee @@ -263,8 +263,7 @@ class Project extends EE @emit("socket:connected", id) onSetRunnables: (runnables) -> - debug("onSetRunnables") - debug("runnables", runnables) + debug("recevied runnables %o", runnables) reporter?.setRunnables(runnables) onMocha: (event, runnable) => diff --git a/packages/server/test/e2e/web_security_spec.coffee b/packages/server/test/e2e/web_security_spec.coffee index dbb0ca65ce..b8f7949623 100644 --- a/packages/server/test/e2e/web_security_spec.coffee +++ b/packages/server/test/e2e/web_security_spec.coffee @@ -3,7 +3,7 @@ e2e = require("../support/helpers/e2e") onServer = (app) -> app.get "/link", (req, res) -> - res.send("

link

second") + res.send("

link

second") app.get "/cross_origin", (req, res) -> res.send("

cross origin

") @@ -12,14 +12,14 @@ onServer = (app) -> res.send("""

form

-
+
""") app.post "/submit", (req, res) -> - res.redirect("http://localhost:55665/cross_origin") + res.redirect("https://www.foo.com:55665/cross_origin") app.get "/javascript", (req, res) -> res.send(""" @@ -27,7 +27,7 @@ onServer = (app) ->

javascript

@@ -37,7 +37,7 @@ onServer = (app) -> describe "e2e web security", -> require("mocha-banner").register() - + context "when enabled", -> e2e.setup({ servers: [{ @@ -45,8 +45,14 @@ describe "e2e web security", -> onServer: onServer }, { port: 55665 + https: true onServer: onServer }] + settings: { + hosts: { + "*.foo.com": "127.0.0.1" + } + } }) it "fails", -> @@ -63,16 +69,21 @@ describe "e2e web security", -> onServer: onServer }, { port: 55665 + https: true onServer: onServer }] settings: { chromeWebSecurity: false + hosts: { + "*.foo.com": "127.0.0.1" + } } }) - it "fails", -> + it "passes", -> e2e.exec(@, { spec: "web_security_spec.coffee" + browser: "chrome" snapshot: true expectedExitCode: 0 }) diff --git a/packages/server/test/support/fixtures/projects/e2e/cypress/integration/web_security_spec.coffee b/packages/server/test/support/fixtures/projects/e2e/cypress/integration/web_security_spec.coffee index b9ded292e3..2a154a9510 100644 --- a/packages/server/test/support/fixtures/projects/e2e/cypress/integration/web_security_spec.coffee +++ b/packages/server/test/support/fixtures/projects/e2e/cypress/integration/web_security_spec.coffee @@ -4,7 +4,7 @@ describe "web security", -> cy .visit("http://localhost:5566/link") .get("a").click() - .url().should("eq", "http://localhost:55665/cross_origin") + .url().should("eq", "https://www.foo.com:55665/cross_origin") cy.contains("h1", "cross origin") @@ -12,7 +12,7 @@ describe "web security", -> cy .visit("http://localhost:5566/form") .get("input").click() - .url().should("eq", "http://localhost:55665/cross_origin") + .url().should("eq", "https://www.foo.com:55665/cross_origin") cy.contains("h1", "cross origin") @@ -20,6 +20,6 @@ describe "web security", -> cy .visit("http://localhost:5566/javascript") .get("button").click() - .url().should("eq", "http://localhost:55665/cross_origin") + .url().should("eq", "https://www.foo.com:55665/cross_origin") cy.contains("h1", "cross origin") diff --git a/packages/server/test/support/helpers/e2e.coffee b/packages/server/test/support/helpers/e2e.coffee index 2554576d7d..4acc24d255 100644 --- a/packages/server/test/support/helpers/e2e.coffee +++ b/packages/server/test/support/helpers/e2e.coffee @@ -11,6 +11,7 @@ express = require("express") Promise = require("bluebird") snapshot = require("snap-shot-it") debug = require("debug")("cypress:support:e2e") +httpsProxy = require("@packages/https-proxy") Fixtures = require("./fixtures") fs = require("#{root}../lib/util/fs") allowDestroy = require("#{root}../lib/util/server_destroy") @@ -33,15 +34,15 @@ e2ePath = Fixtures.projectPath("e2e") pathUpToProjectName = Fixtures.projectPath("") stackTraceLinesRe = /(\s+)at\s(.+)/g -browserNameVersionRe = /(Browser\:\s+)(Electron|Chrome|Canary|Chromium)(\s\d+)(\s\(\w+\))?/ +browserNameVersionRe = /(Browser\:\s+)(Electron|Chrome|Canary|Chromium|Firefox)(\s\d+)(\s\(\w+\))?(\s+)/ availableBrowsersRe = /(Available browsers found are: )(.+)/g replaceStackTraceLines = (str) -> str.replace(stackTraceLinesRe, "$1at stack trace line") -replaceBrowserName = (str, p1, p2, p3, p4) -> +replaceBrowserName = (str, p1, p2, p3, p4, p5) -> ## get the padding for the existing browser string - lengthOfExistingBrowserString = _.sum([p2.length, p3.length, _.get(p4, "length", 0)]) + lengthOfExistingBrowserString = _.sum([p2.length, p3.length, _.get(p4, "length", 0), p5.length]) ## this ensures we add whitespace so the border is not shifted p1 + _.padEnd("FooBrowser 88", lengthOfExistingBrowserString) @@ -79,11 +80,14 @@ normalizeStdout = (str) -> .join("\n") startServer = (obj) -> - {onServer, port} = obj + { onServer, port, https } = obj app = express() - srv = http.Server(app) + if https + srv = httpsProxy.httpsServer(app) + else + srv = http.Server(app) allowDestroy(srv)