* fix: fix chrome crash when CRI client is disconnected
* chore: build binaries for chrome recovery crash for users to test
* chore: add changelog entry
* feat: Selective CSP header directive stripping from HTTPResponse
- uses `stripCspDirectives` config option
* feat: Selective CSP header directive permission from HTTPResponse
- uses `experimentalCspAllowList` config option
* Address Review Comments:
- Add i18n for `experimentalCspAllowList`
- Remove PR link in changelog
- Fix docs link in changelog
- Remove extra typedef additions
- Update validation error message and snapshot
- Fix middleware negated conditional
* chore: refactor driver test into system tests to get better test
coverage on experimentalCspAllowList options
* Address Review Comments:
- Remove legacyOption for `experimentalCspAllowList`
- Update App desc for `experimentalCspAllowList` to include "Content-Security-Policy-Report-Only"
- Modify CHANGELOG wording
- Specify “never” overrideLevel
- Remove unused validator (+2 squashed commits)
- Add "Addresses" note in CHANGELOG to satisfy automation
- Set `canUpdateDuringTestTime` to `false` to prevent confusion
* chore: Add `frame-src` and `child-src` to conditional CSP directives
* chore: Rename `isSubsetOf` to `isArrayIncludingAny`
* chore: fix CLI linting types
* chore: fix server unit tests
* chore: fix system tests within firefox and webkit
* chore: add form-action test
* chore: update system test snapshots
* chore: skip tests in webkit due to form-action flakiness
* chore: Move 'sandbox' and 'navigate-to' into `unsupportedCSPDirectives`
- Add additional system tests
- Update snapshots and unit test
* chore: update system test snapshots
* chore: fix system tests
* chore: do not run csp tests within firefox or webkit due to flake issues in CI
* chore: attempt to increase intercept delay to avoid race condition
* chore: update new snapshots with video defaults work
* chore: update changelog
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: allow users to pass true to videoCompression config and only allow valudes 1-51 inclusively to be passed in
* run ci
* chore: allow zero to be option for CRF as we will coerve it to false and skip compression to have a lossless video, which has the same effect
* Update cli/CHANGELOG.md
* chore: update videoCompression types
* chore: update changelog
* Update cli/CHANGELOG.md
* Update cli/types/cypress.d.ts
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* Update packages/config/src/validation.ts
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* chore: update config snapshots
* Update packages/config/test/validation.spec.ts
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* chore: add system test on videoCompression=true coersion
* chore: document 0 as being false and not a valid CRF option for cypress video compression and make CRF valid values 1-51
* chore: fix types
* chore: fix types
* chore: fix change to log as feature and not bugfix
* chore: fix server side unit tests
---------
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* chore: set up instrumentation and instrument middleware
* chore: set up console exporter
* chore: add parent span option to telemetry package
* chore: set up telemetry verbose mode
* chore: instrument the network proxy - part 1
* chore: make sure to terminate spans when request is aborted
* fix telemetry, create/end the request middle prior to sending the outbound request
* avoid telemetry ts build step, create entrypoint into packages/telemetry using TS conventions
* allow env vars to be "true" or "1"
* when creating child span, inherit their attributes directly from the parent
* create custom honeycomb exporter and span processor to log traces
* remove duplicate code that's already called in this.setRootContext
* cleanup
* more clean up
* update honeycomb network:proxy attributes, update console.log message
* yarn lock
* chore: remove performance API in middleware
* chore: end response on correct event
* recursively gather parent attributes on close
* added key and some clean up
* github action detector, move verbose into index, verbose log commands
* some tests
* clean up honeycomb exporter
* some renaming
* testing console trace link exporter
* Don't lose the top span when running in verbose.
* link to the right place for prod/dev
* changes to verbose to make sure it is read in the browser
* Apply suggestions from code review
* pass parent attributes between telemetry instances
* default to false
* 'fix' build issues
* src not dist
* add back on start span
* once more with feeling
* Fix some tests
* try this i guess
* revert auto build
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* support failed commands
* Address PR comments
* Address PR Comments
* error handling
* handle all the errors
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Brian Mann <brian.mann86@gmail.com>
* initial commit, a kinda working prototype
* Ready to test in CI
* "SyntaxError: Cannot use import statement outside a module" I blame VS code for always inserting the wrong dependency
* try using built js instead of the ts file
* typescript fixes?
* get version correctly, don't use optional chaining in child process.
* trying this, idk
* try running telemetry for driver-integration-tests-chrome
* fix missing spans, add more attributes for some spans
* fix missing spans and add suite spans
* types
* Remove un-used require
* remove spans for describe blocks in favor of the full title for tests
* migrate to sync resource discovery, start new custom exporters for spans
* encrypted
* localhost
* don't do things on child process
* latest changes
* update server start span time / add v8 snapshot span & update command span names
* prepare for sync
* don't send blank key
* make telemetry work again for sending directly to honeycomb
* web-socket exporter
* Add in IPC exporter and message the child process before disconnecting
* Use the cloud api by default
* move cloud span exporter into telemetry package
* shutdown fixes
* fix enabled
* improve types
* run in ci
* yml is the worst
* type!
* add spans for timing insights for visible areas of improvement
* type errors
* lets try sending data to staging
* types
* types again
* remove problematic attributes
* clean up exporters
* i like this better even though it doesn't seem to matter much
* some self review cleanup
* Update comment
* add debug messages
* mocha tests
* actually exit with the right code... oops
* simple mistake... have to look into how to fix with ts...
* try this i guess
* don't return undefined
* read me diagram
* color?
* no rect
* moar diagram
* docs!
* formatting
* build more binaries
* Supposedly fix cypress in cypress test failures
* test 'fixes'
* try this instead
* do not transpile cypress packages dir
* lets try escaping our regex string
* Add some diagnostics to help test the built binary....
* try a more complex solution
* fix tests probably
* just ignore the specific file
* fix unit tests
* cr updates
* Apply suggestions from code review
Co-authored-by: Matt Schile <mschile@cypress.io>
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* Pr updates
* don't change the command queue
* move encoding and decoding telemetry context for ipc to the telemetry package
* build darn it
* plead for mercy from the testing gods, i merely wished to have named test reports, but clearly i have overreached.
* pr updates, send record key
* pr review
* optional chaining fails tests
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* tests for cloud-span-exporter
* bad merge
* adding tests for the remaining exporters
* note
* docs
* Correctly set test under the current run span for component testing
* gate sending the message.
* pr updates
* finally, fingers crossed.
---------
Co-authored-by: Emily Rohrbough <emilyrohrbough@yahoo.com>
Co-authored-by: Matt Schile <mschile@cypress.io>
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* chore: add regression tests for duplicate cookies and bad expiry times
* avoid prepending domain with dot for cookies that are set with the server side jar. This is to avoid the cookie being duplicated if it is set or overridden in a different context (request that can actually set the cookie or via document.domain)
* feat: use cookie.toString() in the cookie patch to more accurately set cookies on the document, which should include other properties besides key=value
* fix: add logic to handle expired cookies in the document.cookie patch, as well as in CDP
* chore: build binary for cookie fixes for users to test
* chore: change name of fixture to something more accurate
* chore: comment why we are using the toughCookie toString method in the patch
* [run ci]
* chore: add changelog entry
* [run ci]
* fix: revert back to key=value when getting document.cookie as those are the only values are displayed (oversight on my end)
* [run ci]
* chore: make compatible with cypress.require
* fix: add tests for hostOnly/non hostOnly cookies to make sure property gets sent up to automation client correctly. No longer need custom cookie prop to determine destination
* [run ci]
* fix: stale unit test
* chore: adjust comments
* [run ci]
* fix: bad domain logic
* [run ci]
* chore: remove irrelevant comment
* [run ci]
* fix: adjust cookie login text to spec hostOnly cookie within the cookie patch. This should yield the same behavior as we are bound to same origin within the spec bridge
* [run ci]
* [run ci]
* fix: allow for cookies on request of same key to take precedence over cookies in the jar, regardless of how many hierachy cookies exist in the jar
* chore: fix cookie misc tests for cy.origin (dont run cy.origin)
* [run ci]
* chore: skip misc cookie tests in webkit as headless behavior doesn't clear cookies between tests correctly
* Revert "fix: allow for cookies on request of same key to take precedence over cookies in the jar, regardless of how many hierachy cookies exist in the jar"
This reverts commit 17de1883ab.
* [run ci]
* chore: split changelog entry into two parts
* chore: update logic to remove else statement and add comments
* [run ci]
* chore: readd windows snapshot branch in workflows
* [run ci]
* chore: fix workflows from bad merge
* [run ci]
* Revert "chore: split changelog entry into two parts"
This reverts commit 4352ef5f3e.
* [run ci]
* feat: set up experimentalUseDefaultDocumentDomain to disallow document.domain overwritting
* use default domain around experimentalUseDefaultDocumentDomain in main iframe and spec bridge iframes. Also adapt CORS policy to use same-origin if experimental flag is set
* run ci
* fix: add insertion of experimental flag where is was needed/missing
* chore: add system test to exercise experimental flag for expected behavior
* fix: fix issues with template updates to conform to squirrelly v7
* fix: update config tests to include new experimental flag
* run ci
* fix: trailing whitespace [run ci]
* chore: update snapshot
* run ci
* fix: update proxy unit tests to account for experimentalUseDefaultDocumentDomain
* run ci
* fix: Allow component tests with special characters in filepath (#25299)
feat: cut over experimental flag to take list of known problematic domains via string/glob pattern
run ci
chore: update system test and fix broken config
* fix: fix server unit and integration tests. integration tests should no longer use google to test against injection as we do not inject document.domain on google domains
* run ci
* run ci
* fix: server integration tests where google documents are expected to receive document.domain injection. Kept test same by changing URL
* run ci
* fix: update server test with mssing unupdated assertions
* run ci
* fix: turn off experimental flag by default while recommending sane defaults to users to configure
* run ci
* chore: fix typings [run ci]
* run ci
* chore: make experiment an e2e option only
* run ci
* chore: address comments in code review
* chore: rename experimentalUseDefaultDocumentDomain to experimentalSkipDomainInjection
* fix regression in shouldInjectionDocumentDomain utility function and add unit tests
* run ci
* chore: rename documentSuperDomainIfExists to superDomain [run ci]
* chore: address comments from code review
* chore: just pass opts through to policyForDomain
* run ci
Co-authored-by: Mike Plummer <mike-plummer@users.noreply.github.com>
* feat: updates to ci params sent to cloud for jenkins
* fix: add more context around git commits via change trigger for jenkins pipelines
* chore: test cleanup
* Revert "chore: remove document.domain usage for cross-origin testing (#24945)"
This reverts commit a3d3074e70.
* fix: set origin-agent-cluster=?0 for the spec bridge iframe
* re apply comment that was reverted in 1fa1246b5c
* Update packages/server/lib/routes-e2e.ts
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: update document.domain immutable target from chrome 106 -> chrome 109
Co-authored-by: Matt Schile <mschile@cypress.io>
BREAKING CHANGE: Cookie commands now use the the hostname and not the superdomain for the domain by default. This may affect what cookies are returned/set/cleared by cookie commands.
* fix: throw error if the cy.origin origin is in the same superDomainOrigin as top.
* testing test tweaks
* 'fix' cypress in cypress tests
* Inject cross origin in google subdomains when not same-origin
* style tweaks
* Ensure strict same-origin check works for google.
* test fixes
* we don't need the location object when we just want the href.
* what is in a name?
* Address PR Comments
Lachlan Miller