* feat: set up experimentalUseDefaultDocumentDomain to disallow document.domain overwritting
* use default domain around experimentalUseDefaultDocumentDomain in main iframe and spec bridge iframes. Also adapt CORS policy to use same-origin if experimental flag is set
* run ci
* fix: add insertion of experimental flag where is was needed/missing
* chore: add system test to exercise experimental flag for expected behavior
* fix: fix issues with template updates to conform to squirrelly v7
* fix: update config tests to include new experimental flag
* run ci
* fix: trailing whitespace [run ci]
* chore: update snapshot
* run ci
* fix: update proxy unit tests to account for experimentalUseDefaultDocumentDomain
* run ci
* fix: Allow component tests with special characters in filepath (#25299)
feat: cut over experimental flag to take list of known problematic domains via string/glob pattern
run ci
chore: update system test and fix broken config
* fix: fix server unit and integration tests. integration tests should no longer use google to test against injection as we do not inject document.domain on google domains
* run ci
* run ci
* fix: server integration tests where google documents are expected to receive document.domain injection. Kept test same by changing URL
* run ci
* fix: update server test with mssing unupdated assertions
* run ci
* fix: turn off experimental flag by default while recommending sane defaults to users to configure
* run ci
* chore: fix typings [run ci]
* run ci
* chore: make experiment an e2e option only
* run ci
* chore: address comments in code review
* chore: rename experimentalUseDefaultDocumentDomain to experimentalSkipDomainInjection
* fix regression in shouldInjectionDocumentDomain utility function and add unit tests
* run ci
* chore: rename documentSuperDomainIfExists to superDomain [run ci]
* chore: address comments from code review
* chore: just pass opts through to policyForDomain
* run ci
Co-authored-by: Mike Plummer <mike-plummer@users.noreply.github.com>
* Revert "chore: remove document.domain usage for cross-origin testing (#24945)"
This reverts commit a3d3074e70.
* fix: set origin-agent-cluster=?0 for the spec bridge iframe
* re apply comment that was reverted in 1fa1246b5c
* Update packages/server/lib/routes-e2e.ts
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: update document.domain immutable target from chrome 106 -> chrome 109
Co-authored-by: Matt Schile <mschile@cypress.io>
* fix: throw error if the cy.origin origin is in the same superDomainOrigin as top.
* testing test tweaks
* 'fix' cypress in cypress tests
* Inject cross origin in google subdomains when not same-origin
* style tweaks
* Ensure strict same-origin check works for google.
* test fixes
* we don't need the location object when we just want the href.
* what is in a name?
* Address PR Comments
* chore: [Multi-domain] Rename the last of the domain/multi-domain to origin type names.
* oops
* typo
* Update packages/driver/cypress/integration/e2e/multi-domain/multi_domain_validation_specs.ts
Co-authored-by: Matt Schile <mschile@gmail.com>
* Update packages/driver/cypress/integration/e2e/multi-domain/multi_domain_validation_specs.ts
Co-authored-by: Matt Schile <mschile@gmail.com>
Co-authored-by: Matt Schile <mschile@gmail.com>
* chore: delete a lot of old code
* remove unused code
* update test
* remove dep on cypress_runner for non proxied page
* change binary
* revert scss changes
* delete a lot of code
* update sass
* update jsx
* styles
* revert change
* dont destructure from window.mobx anymore
* update readmes
* revert change to mobx store
* Update packages/runner-shared/README.md
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* remove old code
* remove html webpack and copy webpack plugins from runner
* Apply suggestions from code review
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
Co-authored-by: Barthélémy Ledoux <bart@cypress.io>
* force websockets transport
* wip: ensure ws connections take place thru a known socket
* clean up yesterday's work
* remove dead code (request is undefined)
* update websocket tests
* add websocket tests
* update socket + server specs
* add token auth for file_server
* Fix cy.visit file_server
* restrict non-proxied URLs, serve error on runner URL non-proxied
* add e2e test for server splash page
* fix types
* use clientRoute, fix tests
* only run 6_non_proxied in electron
* use browser.path
* improve empty options type
* add ws assertions in e2e tests
* fix server_spec
* refactor socket whitelisting logic
* update server_spec
* respond to PR feedback
- added tests for non-clientRoute redirecting to clientRoute when not behind proxy
- cleaned up comments
- cleaned up logic in server.coffee
- moved error html to own file
- added unit test for socket whitelist + fixed removal bug
* WIP: rip out handlebars and implement with squirrelly
- handle caching ourselves
- TODO: add tests, make sure escaping and all that jazz works
* fixes squirrelly template handling
* only fire mocha events when in run mode
* add unit tests for template engine rendering + caching
