* fix: Improve TypeScript support for custom queries
* Typo fix
* Fix TS more
* Move 'ensures' off of cy and onto Cypress
* Type fixes
* One missed replacement
* Test fixes
* Properly pass in to ensureRunnable
* Add .eslintignores to quiet down warnings
* Review feedback
* Update cli/types/cypress.d.ts
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* fix: on a canceled request, end waiting on an intercepted alias
* Add tests, fix ts
* skip firefox
* add doc
* try to fix flake
* delay?
* Use http proxy instead of cdp.
* 'fix' safari
* test updates
* PR updates
* test updates
* fix: throw error if the cy.origin origin is in the same superDomainOrigin as top.
* testing test tweaks
* 'fix' cypress in cypress tests
* Inject cross origin in google subdomains when not same-origin
* style tweaks
* Ensure strict same-origin check works for google.
* test fixes
* we don't need the location object when we just want the href.
* what is in a name?
* Address PR Comments
* chore: only inject when html is going to be rendered AND if a
content-type exists, make sure it contains html (which is valid for
xhtml and other mime types)
* rename isHTML is isNotJavascript to be a bit more accurate
* chore: remove isNotJavascript function for restContentTypeIsJavascript for experimental ast rewriter
* chore: enforce strict origin spec bridges
chore: refactor spec bridges to strictly enforce same origin
fix: wrap fullCrossOrigin injection around feature flag inside buffered response
* fix: do NOT set the initial cypress cookie inside the spec bridge as it is sending unecessary cookies
* chore: simplify the finding cypress in the injection code
* chore: change order in which callback fn is declared
* chore: add spec bridge performance issue to validation tests
* chore: add documentation to CDP,electron, and web extension for selected resource types
* chore: change nomenclature of X-Cypress-Request to X-Cypress-Is-XHR-Or-Fetch
* chore: remove no longer applicable comment for socket code
* chore: add comments to the resourceType/credential manager
* test: add correct cookie_behavior assertions before work on server
(currently failing)
* chore: add types needed in the socket and middlewares
* feat: add socket code to server-base (no tests here) to be used in request/response middleware
* feat: fill out the ExtractCypressMetadataHeaders implementation
* feat: add attach cookie logic to requests based on xhr/fetch requests
* feat: add attaching cookies to response logic w/ tests
* Update packages/proxy/lib/http/request-middleware.ts
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
* chore: add utility functions in proxy to be used in the near future in the request/response middleware(s)
* fix: add isAUTIframe check inside the shouldAttachAndSetCookies, move the siteContext info to the cookies package, simplify top-simulation util, and add better method documentation
* chore: refactor originPolicy to use superDomainOriginPolicy nomenclature and add sameSite/superDomainOrigin policy functions and make originMatch functions match fully same origin policy including sub domains
* chore: change doesAutMatchTopSuperOriginPolicy to doesAUTMatchTopSuperDomainOriginPolicy
* chore: rename originPolicy references to just be origin. Rename superDomainOriginPolicy to superDomainOrigin
* fix: remove duplicate origin keys and add check for remote.origin to return null
* chore: further rename variables to fit origin paradigm
* chore: remove latestActiveSuperDomainOrigin as it is no longer used
* fix: key order in consoleProps yielded test
* remove isAnticipatingCrossOriginResponse as it is no longer available
* chore: update documentation to urlMatchesSameSiteProps to show why the strictPortMatch is an option
* chore: refactor cors package to use a single parse function and update unit tests
* chore: refactor getOrigin to use url origin
* chore: update same-site documentation to now be dependent on cookies
* chore: update same-site policy to be schemeful-same-site policy as we consider protocol mismatches to be not same-site
* chore: remove cannot_visit_previous_origin error message as it is no longer used
* fix: wrap MaybeEndRequestWithBufferedResponse fullCrossOrigin check around feature flag
* test: add failing unit test for expected behavior
* fix: add regex to strip out dynamic setAttribute integrity setting when modifyObstructiveThirdPartyCode is enabled
* fix: properly replace integrity tags inside script resources when experimentalModifyObstructiveThirdPartyCode is true
* test: fix regex rewritter to handle a few other cases of rewriting
integrity. Now accurately applies to other broad strokes
* rename html integrity re to general as this replaces both html and javascript integrity tags in certain cases
* chore: rephrase comments in regex rewriter for MO third party code
* feat: add X-Cypress-Request header in extension
* feat: add X-Cypress-Request header in CDP
* feat: add X-Cypress-Request header in electron
* feat: add ExtractRequestedWithAndCredentialsIfApplicable middleware stub to remove the newly added x-cypress-request header
* chore: change defaultHeaders variable name to requestModifications to more accurately reflect usage
* chore: condense ExtractIsAUTFrameHeader and ExtractRequestedWithAndCredentialsIfApplicable into ExtractCypressMetadataHeaders middleware
* test: add anti assertion for x-cypress-request and remove setting request verbage (as it does nothing yet)
* Initial async changes
* Small fixes and test updates.
* updating tests
* Fixes for cookie login tests
* remove the onlys
* Most tests passing
* Fix driver tests?
* fix firefox test?
* fix unit tests
* fix tests??
* a better check
* fix integration tests
* minor cleanup
* Comment out tyler fix for 10.0 origin issue
* also fix integration tests
* remove fixmes
* Adding Retries for cookie actions. May break other error tests.
* Address (some) PR comments
* update to warn about cross origin command AUT in assertions
* Fix type errors
* Move document.cookie patch to injection
* Adding iframe patching.
* forward errors prior to attaching
* Add error message when using visit to visit a cross origin site with the onLoad or onBeforeLoad options.
* Attempt to fix test errors.
* more fixes, but not all
* use the origin policy
* Fix types
* more fixes
* consider chromeWebSecurity when checking if you can communicate with the AUT
* firefox
* prevent hangs if before unload happens after on load.
* Fix some ToDos
* code cleanup
* remove quotes
* Code review changes
* more cr changes
* fix tests possibly
* for realz this time
* roll back change
* Fix some flake
* Fix flakey xhr test hopefully.
* oops, forgot communicator changes. need those.
* modify error message to not lose the original error
* read config right derp
* simpler check
* no unused vars
* don't put config on window
* Make isRunnerAbleToCommunicateWithTheAUT a util function instead of attaching it to cypress.
* fix a race condition maybe
* clear document when window is cross origin... we'll see if this breaks anything.
* Retry if querying against the wrong AUT
* use timeout
* Don't print the retrying string unless you're retrying due to command aut origin mismatch
* try handling undefined document
* Code review updates. What could go wrong??
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* minor fixes
* try aut location and move the async state collection.
* fix flake around the loading message, probably
* Fix system tests and some flake around redirect counts.
* Improve error handler prior to attaching.
* Code review suggestions
* use a generated ID when promisifying post message
* clean up promise helper
* skip xhr test until issue is resolved.
* Apply suggestions from code review
Co-authored-by: Chris Breiding <chrisbreiding@users.noreply.github.com>
* use state directly
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* Update packages/driver/src/cypress/error_messages.ts
Co-authored-by: Chris Breiding <chrisbreiding@users.noreply.github.com>
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Chris Breiding <chrisbreiding@users.noreply.github.com>
* test: refactor and add tests in the cors package
* fix: add areUrlsSameSite method to cookies package and fix
sameSiteContext calculation method and add tests
* fix: always use Set-Cookie optimistically whether or not we keep track of the cookie or not in the server side cookie jar
* chore: add failing unit tests for postpending cookies
* chore: add tough cookie integration tests to verify we append cookies appropriately to request header Cookie
* fix: do not duplicate cookies in request if existing in the cookie jar. Add additional tests to verify expected behavior
* test: add cookie behavior tests that document current expected behavior vs what spec behavior should/will be
* test: add misc tests that check for cookie order
* chore: update debug logs in request to discern cookies
* test: fix assertions in firefox as same-site cookies are actually set correctly
* fix test incorrect assertions. cookies currently exist in primary that are same-site regardless of browser
* skip SameSite=none test in firefox as we currently low insecure samesite none cookies in firefox
* chore: apply suggestions from code review
* chore: change expects to expect
* chore: add documentation for why we need an additional HTTPS port
* remove X-Set-Cookie fixmes
* fix: Time out unmatched prerequests in proxy to avoid leaking memory (and generally improve proxy performance)
* Fix types, whoops
* More type fixes? Plz?
* One more TS attempt.
* Revert GQL changes that break TS
* Revert accidental config change
* Rewrote debug messages for clarity
* One more logging change
* Add test around pre-request garbage collection
* Add test around pre-request garbage collection
* Typo
* Typo again
* Apply suggestions from code review
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* Clean up interval in prerequest tests
Co-authored-by: Emily Rohrbough <emilyrohrbough@users.noreply.github.com>
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* add generic to cy.origin type
* fix log type, update/add comments
* fix comment indentation
* specific generic
* move RemoteState to internal types
* add on links to experimental flag descriptions
* chore: reduce nesting by flipping condition
* fix test title
* simplify failing log
* rename variable
* delete error property
* fix types
* fix type
* remove unnecessary todo
* update wait test
* jquery -> this
* update comment
* remove vestigial autoRun
* use finally
* re-throw non-security errors
* move back getting index
* add new state types
* remove unnecessary export
* startsWith -> includes
* it -> them
* update system test
* remove use of promise constructor
* Revert "remove use of promise constructor"
This reverts commit 35ccc28b6f.
* log errors from Page.getFrameTree
* test if anything breaks when removing optional chaining operator
* remove vestigial file
* handle queue ending in cross-origin driver
* fix coordinates spec
* improve chrome/firefox check in extension
* improve secure cookie regex
* use production mode for cross-origin driver bundle
* adding remoteStates.getPrimary
* catch and ignore queue errors
* remove optional chaining in postMessage handler
* removed unnecessary async
* update frame tree on cri client reconnect
* fix formatting
* renaming remoteStates variable
* prevent requests from being paused if experimentalSessionAndOrigin flag is off
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: [Multi-domain] Rename isMultiDomain for the driver and the server
* A couple more changes
* Update packages/driver/src/cy/commands/navigation.ts
Co-authored-by: Matt Schile <mschile@gmail.com>
Co-authored-by: Matt Schile <mschile@gmail.com>
