* chore: force CloudRequest to use 443 for https requests
* Update packages/network/lib/agent.ts
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Update CHANGELOG.md
---------
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* fix: normalize options passed via axios to the agent layer
* improvements to testing, using debugging-proxy
* clean up & add test cases for authorization
* add follow-redirects as explicit dependency
* chore(deps): update dependency sinon-chai to v3.7.0
* empty commit
* bump circle cache
* add sinon-chai to base package.json as its used to test base level scripts
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Jennifer Shehane <shehane.jennifer@gmail.com>
* chore: replace mocha.opts with .mocharc.js for packages that are mocha version 6+
* move the mocharc file into the package root
* fix mocha reporter config location
* fix route to reporter-config
* store artifacts for unit tests
* move cli mocharc file to root of package
* remove storing artifacts
* remove js extension from errors mocharc
* patch axios for v8 snapshots
* export httpsAgent and httpAgent discretely
* set up axios interceptors for logging and error response transformation
* use unified error transform fn
* create instance api reqs, timeouts, tests
* move axios middleware to its own dir & refactor
* refactor error handling, enable retries in createInstance
* fix invocation of createInstance - not caught by ts because record.js is js
* retry on 500 - according to system test, this is expected behavior
* resolve snapshots, report retries to stdout
* fix cdp connection usage of shouldRetry due to newly unknown error type
* axios doesnt fully follow RequestOptions shape when adding request to https agent
* note why uri is treated as optional
* hail mary on getting axios to work with v8 snapshots
* update lockfile, force no-rewrite on more axios files
* attempt to fix v8 snapshots
* add verbose debugging to api request logging
* enable verbose api debugging on server unit tests
* fix nock pattern for createInstance
* remove request logging unit test - sinon/mocha does not assert correctly
* fix a few unit tests
* use runAllAsync rather than waiting an arbitrary time for sinon fake timer
* move create_instance spec to ts file, remove redundant test
* rm debug on ci
* clarify comment on change inpackages/network
* correct .uri property on patched RequestOptions to be optional
* rm unused log_requests.ts, DRY error messages
* resolve types with record.ts migration
---------
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* chore: add type linting + compilation checks to runner package
* empty commit
* A bunch of tslint fixes
* wow it is building
* Fix issue with CT not mounting correctly with comments within it
* Fix net-stubbing.ct.ts failures
* Fix tslint: disable comment
* move target into compilerOptions
* fix tslint disable comment
* update proxy-logging to undo changes
* standardize the tslint:disable comments
* fix comment
* fix the banner content not displaying and write a test for this situation
* fix ct reference
* put target to es2020
* actually set the property with replaced title
* Update packages/reporter/src/hooks/hook-model.ts
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Fix eslint/tslint settings for system-tests with vue 3
* bump CI cache
* update types/react resolution
* add return
* lint fix
* tslint disable for empty blocks
* exclude dist files from ts linting
* update to exclude all dist folder
* exclude dist file
* change to await
* fix line numbers of stack trace with linting updating vue file
---------
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* remove experimentalSkipDomainInjection, add and deprecate injectDocumentDomain
* remove experimentalSkipDomainInjection, add injectDocumentDomain
* begin rethreading domain injection
* complete document domain transition
* move some cookie specs to separate test run
* origin and privileged commands with default docdom inject
* fix privileged channel when injecting document domain
* rm unnecessary .getOrigin abstraction in cors lib
* move remote-states in prep for refactor Replace Conditional with Polymorphism
* refactor remote states to strategy pattern
* cookie commands work as expected w cross origin bridge on different origins
* some origin tests updated
* run tests with document domain enabled
* run tests actually
* use correct config, swap conditional
* check-ts
* inject documetn domain for webkit tests
* do not exec injectDocumetnDomain in parallel
* fix ServerBase construction in tests to include cfg now
* pass cfg to ServerBase
* improved integration tests
* remove document domain checks for all server integration specs - will add injectDocumentDomain cases
* tests for injecting document domain when configured to
* square away server integration tests
* ensure cookies are set correctly, potentially
* errors pkg snapshots
* fix config tests
* fixing config tests
* somewhat improves tests for cors policies in packages/network
* fix ts err in server-base
* enable injectDocumentDomain for cy in cy tests
* fix Policy type ref
* refactor cypress-schematic ct spec to be less prone to timeouts
* run vite-dev-server tests with injectDocumentDomain
* rm document domain assertion from page_loading system test
* add system tests that test with injectDocumentDomain and others that test with cy.origin
* fix results_spec snapshot
* update experimentalSkipDomainInjection system test
* different behavior for certain net_stubbing tests based on injectDocumentDomain or not
* fix ts
* extract origin key logic from remote states, for now
* move server-base and response-middleware over to new pattern
* WIP - reentry
* fix build, remove console.log
* check-ts
* fix spec frame injection
* remove injection for localhost
* mostly fix vite-dev-server app integration tests
* fix codeframe in certain cases in chrome
* drop internal stack frames from stacks intended for determining code frame data
* some improvements to vite ct error codeframes
* fix proxy unit tests to use document domain injection util class
* rm .only
* fix all vite ct error specs
* rm console.log
* slight refactor to util class to make easier to test
* fix refactor - missing rename in files.js
* several tests do not set testingtype in config, so just check against component instead of checking for e2e
* revert changes to getInvocationDetails to see if that breaks tests
* re-enable stack stripping in invocation details for chrome
* new snapshots with more accurate invocation details
* test for same-site cross-origin cookie behavior
* ignore window.top ts errors
* revert forcing injectDocumentDomain in vite-dev-server cy config
* fix normalized whitespace for firefox "loading_failed" error
* always trim trailing wsp from stack before appending additional content
* force normalization of whitespace to three \n when adding additional stack details
* normalize wsp between stack and additional stack to "\n \n" in firefox
* remove stack_utils attempt at normalizing wsp
* various cleanup: remove commented console logs, add more detailed comments
* add on links to error messages
* remove experimentalSkipDomainInjection from exported type defs
* Update system-tests/test/experimental_skip_domain_injection_spec.ts
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* Update packages/driver/cypress/e2e/e2e/origin/cookie_misc.cy.ts
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* no need to coerce a boolean value to a booleanc
* export base config from primary cypress config in driver for use in inject-document-domain test subset
* lift experimentalSkipDomainInjection breaking option to root
* rollback config/options changes
* rm invalid comment
* use hostname instead of origin to create cookie from automation cookie
* clarify stack regex in results_spec
* lint
* take a stab at the changelog entries for this
* Update cli/CHANGELOG.md
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Update cli/CHANGELOG.md
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* reenable locally-failing test
* changelog
* snapshot updatesfor experimental skip domain injection err msg
* remove packageManager declaration in package.json
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Jennifer Shehane <jennifer@cypress.io>
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* fix sync script with updateds npm-packlist
* chore: update lerna from 6.6.2 to 8.1.8 and ran lerna repair
* chore: pin typescript to ~5.4.5 to avoid importsNotUsedAsValues that was removed in 5.5 and edit workflows and scripts to correctly scope learna packages on v8 snapshot tests [run ci]
* fix indentation in comments
* remove console.log reference to print current package directory in sync exported npm with cli script
* fix: update the monorepo to typescript 5
* chore: updating v8 snapshot cache
* chore: updating v8 snapshot cache
* chore: updating v8 snapshot cache
* run ci to see problems [run ci]
* update vue-tsc and typings that conflict with update
* regen snapshot
* fix typescript errors ui test as stack trace behavior has changed
* fix server unit tests
* update cy.origin() spec based on stack traces and code frames
* update spec to include source map url
* run ci
* fix check-ts
* chore: fix system tests [run ci]
* add preprocessor tests to batteries included to exercise new logic
* run ci
* refactor unit tests to be a bit more dry
* pin typescript to ~5.4 and adjust config to ignroe deprecations but keep importsNotUsedAsValues
* add changelog entry
* add fixme issue to stack trace mismatches inside evaled context
* use import type webpack as webpack as a lib isn't actually invboked in the runner webpack config
* fix system test as adding 4 lines of comments impacts the stack trace line 4 lines (duh)
---------
Co-authored-by: cypress-bot[bot] <+cypress-bot[bot]@users.noreply.github.com>
* Patch node-fetch to set defaultPort based on protocol
* unit test that proper host headers are sent with fetch
* changelog
* make patch more robust
---------
Co-authored-by: Jennifer Shehane <jennifer@cypress.io>
* chore: (for eslint-plugin-dev only is breaking) update eslint-plugin dev minimum to eslint 7. Remove support for coffeescript and reconfigured required peer deps
* correctly configure eslint-plugin-json-format for the monorepo and run linting on all json files (previously was not running)
* properly support no duplicate imports
* feat: support webpack-dev-server-5 for @cypress/webpack-dev-server [run ci]
* sidestep Forge types installed by webpack dev server [run ci]
* add changelog entry
* remove webpack 4 types
* format changelog
* Update cli/CHANGELOG.md
* Update npm/webpack-dev-server/src/helpers/sourceRelativeWebpackModules.ts
Co-authored-by: Matt Schile <mschile@cypress.io>
* add back in importsNotUsedAsValues and update system test snapshot
---------
Co-authored-by: Jennifer Shehane <jennifer@cypress.io>
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: update tough-cookie from 4.0.0 to 4.1.3. requires v8 snapshot update
* fix: tough-cookie as of 4.1 doesn't default sameSite undefined to none any longer. However, we want to set sameSite === undefined to lax as the default as this is the case in every standard browser, except firefox. We did this previously and this is behavior we want to continue to preserve, even for security reasons
* chore: update v8 snapshots
* fix issue with global toString
* chore: run ci
* chore: update @cypress/request to 2.88.22 and @cypress/request-promise to 4.2.7 [run ci]
* remove jsdom and start-server-and-test
* revert @cypress/request back to 2.88.12
* update changelog entry
* remove uneeded deps
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* feat: set up experimentalUseDefaultDocumentDomain to disallow document.domain overwritting
* use default domain around experimentalUseDefaultDocumentDomain in main iframe and spec bridge iframes. Also adapt CORS policy to use same-origin if experimental flag is set
* run ci
* fix: add insertion of experimental flag where is was needed/missing
* chore: add system test to exercise experimental flag for expected behavior
* fix: fix issues with template updates to conform to squirrelly v7
* fix: update config tests to include new experimental flag
* run ci
* fix: trailing whitespace [run ci]
* chore: update snapshot
* run ci
* fix: update proxy unit tests to account for experimentalUseDefaultDocumentDomain
* run ci
* fix: Allow component tests with special characters in filepath (#25299)
feat: cut over experimental flag to take list of known problematic domains via string/glob pattern
run ci
chore: update system test and fix broken config
* fix: fix server unit and integration tests. integration tests should no longer use google to test against injection as we do not inject document.domain on google domains
* run ci
* run ci
* fix: server integration tests where google documents are expected to receive document.domain injection. Kept test same by changing URL
* run ci
* fix: update server test with mssing unupdated assertions
* run ci
* fix: turn off experimental flag by default while recommending sane defaults to users to configure
* run ci
* chore: fix typings [run ci]
* run ci
* chore: make experiment an e2e option only
* run ci
* chore: address comments in code review
* chore: rename experimentalUseDefaultDocumentDomain to experimentalSkipDomainInjection
* fix regression in shouldInjectionDocumentDomain utility function and add unit tests
* run ci
* chore: rename documentSuperDomainIfExists to superDomain [run ci]
* chore: address comments from code review
* chore: just pass opts through to policyForDomain
* run ci
Co-authored-by: Mike Plummer <mike-plummer@users.noreply.github.com>
* fix: Improve TypeScript support for custom queries
* Typo fix
* Fix TS more
* Move 'ensures' off of cy and onto Cypress
* Type fixes
* One missed replacement
* Test fixes
* Properly pass in to ensureRunnable
* Add .eslintignores to quiet down warnings
* Review feedback
* Update cli/types/cypress.d.ts
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* fix: throw error if the cy.origin origin is in the same superDomainOrigin as top.
* testing test tweaks
* 'fix' cypress in cypress tests
* Inject cross origin in google subdomains when not same-origin
* style tweaks
* Ensure strict same-origin check works for google.
* test fixes
* we don't need the location object when we just want the href.
* what is in a name?
* Address PR Comments
* chore: enforce strict origin spec bridges
chore: refactor spec bridges to strictly enforce same origin
fix: wrap fullCrossOrigin injection around feature flag inside buffered response
* fix: do NOT set the initial cypress cookie inside the spec bridge as it is sending unecessary cookies
* chore: simplify the finding cypress in the injection code
* chore: change order in which callback fn is declared
* chore: add spec bridge performance issue to validation tests
* chore: refactor originPolicy to use superDomainOriginPolicy nomenclature and add sameSite/superDomainOrigin policy functions and make originMatch functions match fully same origin policy including sub domains
* chore: change doesAutMatchTopSuperOriginPolicy to doesAUTMatchTopSuperDomainOriginPolicy
* chore: rename originPolicy references to just be origin. Rename superDomainOriginPolicy to superDomainOrigin
* fix: remove duplicate origin keys and add check for remote.origin to return null
* chore: further rename variables to fit origin paradigm
* chore: remove latestActiveSuperDomainOrigin as it is no longer used
* fix: key order in consoleProps yielded test
* remove isAnticipatingCrossOriginResponse as it is no longer available
* chore: update documentation to urlMatchesSameSiteProps to show why the strictPortMatch is an option
* chore: refactor cors package to use a single parse function and update unit tests
* chore: refactor getOrigin to use url origin
* chore: update same-site documentation to now be dependent on cookies
* chore: update same-site policy to be schemeful-same-site policy as we consider protocol mismatches to be not same-site
* test: refactor and add tests in the cors package
* fix: add areUrlsSameSite method to cookies package and fix
sameSiteContext calculation method and add tests
* fix: always use Set-Cookie optimistically whether or not we keep track of the cookie or not in the server side cookie jar
* chore: add failing unit tests for postpending cookies
* chore: add tough cookie integration tests to verify we append cookies appropriately to request header Cookie
* fix: do not duplicate cookies in request if existing in the cookie jar. Add additional tests to verify expected behavior
* test: add cookie behavior tests that document current expected behavior vs what spec behavior should/will be
* test: add misc tests that check for cookie order
* chore: update debug logs in request to discern cookies
* test: fix assertions in firefox as same-site cookies are actually set correctly
* fix test incorrect assertions. cookies currently exist in primary that are same-site regardless of browser
* skip SameSite=none test in firefox as we currently low insecure samesite none cookies in firefox
* chore: apply suggestions from code review
* chore: change expects to expect
* chore: add documentation for why we need an additional HTTPS port
* remove X-Set-Cookie fixmes
Cacie Prins