* feat: implement BiDi automation client base (without full extension cutover). [run ci]
* chore: implement suggestions from code review. [run ci]
* update error text to be in line with documentation
* address comments from code review
* address comments from code review
* make bidi, cdp, and both active protocols object enumerations to make the code easier to read
* address additional comments from code review
* fix errors from refactor
* update firefox warning
* remove experimentalSkipDomainInjection, add and deprecate injectDocumentDomain
* remove experimentalSkipDomainInjection, add injectDocumentDomain
* begin rethreading domain injection
* complete document domain transition
* move some cookie specs to separate test run
* origin and privileged commands with default docdom inject
* fix privileged channel when injecting document domain
* rm unnecessary .getOrigin abstraction in cors lib
* move remote-states in prep for refactor Replace Conditional with Polymorphism
* refactor remote states to strategy pattern
* cookie commands work as expected w cross origin bridge on different origins
* some origin tests updated
* run tests with document domain enabled
* run tests actually
* use correct config, swap conditional
* check-ts
* inject documetn domain for webkit tests
* do not exec injectDocumetnDomain in parallel
* fix ServerBase construction in tests to include cfg now
* pass cfg to ServerBase
* improved integration tests
* remove document domain checks for all server integration specs - will add injectDocumentDomain cases
* tests for injecting document domain when configured to
* square away server integration tests
* ensure cookies are set correctly, potentially
* errors pkg snapshots
* fix config tests
* fixing config tests
* somewhat improves tests for cors policies in packages/network
* fix ts err in server-base
* enable injectDocumentDomain for cy in cy tests
* fix Policy type ref
* refactor cypress-schematic ct spec to be less prone to timeouts
* run vite-dev-server tests with injectDocumentDomain
* rm document domain assertion from page_loading system test
* add system tests that test with injectDocumentDomain and others that test with cy.origin
* fix results_spec snapshot
* update experimentalSkipDomainInjection system test
* different behavior for certain net_stubbing tests based on injectDocumentDomain or not
* fix ts
* extract origin key logic from remote states, for now
* move server-base and response-middleware over to new pattern
* WIP - reentry
* fix build, remove console.log
* check-ts
* fix spec frame injection
* remove injection for localhost
* mostly fix vite-dev-server app integration tests
* fix codeframe in certain cases in chrome
* drop internal stack frames from stacks intended for determining code frame data
* some improvements to vite ct error codeframes
* fix proxy unit tests to use document domain injection util class
* rm .only
* fix all vite ct error specs
* rm console.log
* slight refactor to util class to make easier to test
* fix refactor - missing rename in files.js
* several tests do not set testingtype in config, so just check against component instead of checking for e2e
* revert changes to getInvocationDetails to see if that breaks tests
* re-enable stack stripping in invocation details for chrome
* new snapshots with more accurate invocation details
* test for same-site cross-origin cookie behavior
* ignore window.top ts errors
* revert forcing injectDocumentDomain in vite-dev-server cy config
* fix normalized whitespace for firefox "loading_failed" error
* always trim trailing wsp from stack before appending additional content
* force normalization of whitespace to three \n when adding additional stack details
* normalize wsp between stack and additional stack to "\n \n" in firefox
* remove stack_utils attempt at normalizing wsp
* various cleanup: remove commented console logs, add more detailed comments
* add on links to error messages
* remove experimentalSkipDomainInjection from exported type defs
* Update system-tests/test/experimental_skip_domain_injection_spec.ts
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* Update packages/driver/cypress/e2e/e2e/origin/cookie_misc.cy.ts
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* no need to coerce a boolean value to a booleanc
* export base config from primary cypress config in driver for use in inject-document-domain test subset
* lift experimentalSkipDomainInjection breaking option to root
* rollback config/options changes
* rm invalid comment
* use hostname instead of origin to create cookie from automation cookie
* clarify stack regex in results_spec
* lint
* take a stab at the changelog entries for this
* Update cli/CHANGELOG.md
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Update cli/CHANGELOG.md
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* reenable locally-failing test
* changelog
* snapshot updatesfor experimental skip domain injection err msg
* remove packageManager declaration in package.json
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Jennifer Shehane <jennifer@cypress.io>
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* chore: set up instrumentation and instrument middleware
* chore: set up console exporter
* chore: add parent span option to telemetry package
* chore: set up telemetry verbose mode
* chore: instrument the network proxy - part 1
* chore: make sure to terminate spans when request is aborted
* fix telemetry, create/end the request middle prior to sending the outbound request
* avoid telemetry ts build step, create entrypoint into packages/telemetry using TS conventions
* allow env vars to be "true" or "1"
* when creating child span, inherit their attributes directly from the parent
* create custom honeycomb exporter and span processor to log traces
* remove duplicate code that's already called in this.setRootContext
* cleanup
* more clean up
* update honeycomb network:proxy attributes, update console.log message
* yarn lock
* chore: remove performance API in middleware
* chore: end response on correct event
* recursively gather parent attributes on close
* added key and some clean up
* github action detector, move verbose into index, verbose log commands
* some tests
* clean up honeycomb exporter
* some renaming
* testing console trace link exporter
* Don't lose the top span when running in verbose.
* link to the right place for prod/dev
* changes to verbose to make sure it is read in the browser
* Apply suggestions from code review
* pass parent attributes between telemetry instances
* default to false
* 'fix' build issues
* src not dist
* add back on start span
* once more with feeling
* Fix some tests
* try this i guess
* revert auto build
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* support failed commands
* Address PR comments
* Address PR Comments
* error handling
* handle all the errors
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Brian Mann <brian.mann86@gmail.com>
* begin setting log with the backend
* revert backend changes
* update interface now that we are only doing static log
* change existing logging logic to run in proxy layer instead
* add tests, fix small bugs
run ci
* fix tests
* add changelog
* run ci
* run ci
* fix cl
run ci
* Update cli/CHANGELOG.md
---------
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
* feat: set up experimentalUseDefaultDocumentDomain to disallow document.domain overwritting
* use default domain around experimentalUseDefaultDocumentDomain in main iframe and spec bridge iframes. Also adapt CORS policy to use same-origin if experimental flag is set
* run ci
* fix: add insertion of experimental flag where is was needed/missing
* chore: add system test to exercise experimental flag for expected behavior
* fix: fix issues with template updates to conform to squirrelly v7
* fix: update config tests to include new experimental flag
* run ci
* fix: trailing whitespace [run ci]
* chore: update snapshot
* run ci
* fix: update proxy unit tests to account for experimentalUseDefaultDocumentDomain
* run ci
* fix: Allow component tests with special characters in filepath (#25299)
feat: cut over experimental flag to take list of known problematic domains via string/glob pattern
run ci
chore: update system test and fix broken config
* fix: fix server unit and integration tests. integration tests should no longer use google to test against injection as we do not inject document.domain on google domains
* run ci
* run ci
* fix: server integration tests where google documents are expected to receive document.domain injection. Kept test same by changing URL
* run ci
* fix: update server test with mssing unupdated assertions
* run ci
* fix: turn off experimental flag by default while recommending sane defaults to users to configure
* run ci
* chore: fix typings [run ci]
* run ci
* chore: make experiment an e2e option only
* run ci
* chore: address comments in code review
* chore: rename experimentalUseDefaultDocumentDomain to experimentalSkipDomainInjection
* fix regression in shouldInjectionDocumentDomain utility function and add unit tests
* run ci
* chore: rename documentSuperDomainIfExists to superDomain [run ci]
* chore: address comments from code review
* chore: just pass opts through to policyForDomain
* run ci
Co-authored-by: Mike Plummer <mike-plummer@users.noreply.github.com>
* fix: throw error if the cy.origin origin is in the same superDomainOrigin as top.
* testing test tweaks
* 'fix' cypress in cypress tests
* Inject cross origin in google subdomains when not same-origin
* style tweaks
* Ensure strict same-origin check works for google.
* test fixes
* we don't need the location object when we just want the href.
* what is in a name?
* Address PR Comments
* chore: enforce strict origin spec bridges
chore: refactor spec bridges to strictly enforce same origin
fix: wrap fullCrossOrigin injection around feature flag inside buffered response
* fix: do NOT set the initial cypress cookie inside the spec bridge as it is sending unecessary cookies
* chore: simplify the finding cypress in the injection code
* chore: change order in which callback fn is declared
* chore: add spec bridge performance issue to validation tests
* chore: add documentation to CDP,electron, and web extension for selected resource types
* chore: change nomenclature of X-Cypress-Request to X-Cypress-Is-XHR-Or-Fetch
* chore: remove no longer applicable comment for socket code
* chore: add comments to the resourceType/credential manager
* test: add correct cookie_behavior assertions before work on server
(currently failing)
* chore: add types needed in the socket and middlewares
* feat: add socket code to server-base (no tests here) to be used in request/response middleware
* feat: fill out the ExtractCypressMetadataHeaders implementation
* feat: add attach cookie logic to requests based on xhr/fetch requests
* feat: add attaching cookies to response logic w/ tests
* Update packages/proxy/lib/http/request-middleware.ts
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
* chore: remove cannot_visit_previous_origin error message as it is no longer used
* fix: wrap MaybeEndRequestWithBufferedResponse fullCrossOrigin check around feature flag
* feat: add X-Cypress-Request header in extension
* feat: add X-Cypress-Request header in CDP
* feat: add X-Cypress-Request header in electron
* feat: add ExtractRequestedWithAndCredentialsIfApplicable middleware stub to remove the newly added x-cypress-request header
* chore: change defaultHeaders variable name to requestModifications to more accurately reflect usage
* chore: condense ExtractIsAUTFrameHeader and ExtractRequestedWithAndCredentialsIfApplicable into ExtractCypressMetadataHeaders middleware
* test: add anti assertion for x-cypress-request and remove setting request verbage (as it does nothing yet)
* test: refactor and add tests in the cors package
* fix: add areUrlsSameSite method to cookies package and fix
sameSiteContext calculation method and add tests
* fix: always use Set-Cookie optimistically whether or not we keep track of the cookie or not in the server side cookie jar
* chore: add failing unit tests for postpending cookies
* chore: add tough cookie integration tests to verify we append cookies appropriately to request header Cookie
* fix: do not duplicate cookies in request if existing in the cookie jar. Add additional tests to verify expected behavior
* test: add cookie behavior tests that document current expected behavior vs what spec behavior should/will be
* test: add misc tests that check for cookie order
* chore: update debug logs in request to discern cookies
* test: fix assertions in firefox as same-site cookies are actually set correctly
* fix test incorrect assertions. cookies currently exist in primary that are same-site regardless of browser
* skip SameSite=none test in firefox as we currently low insecure samesite none cookies in firefox
* chore: apply suggestions from code review
* chore: change expects to expect
* chore: add documentation for why we need an additional HTTPS port
* remove X-Set-Cookie fixmes
* chore: [Multi-domain] Rename isMultiDomain for the driver and the server
* A couple more changes
* Update packages/driver/src/cy/commands/navigation.ts
Co-authored-by: Matt Schile <mschile@gmail.com>
Co-authored-by: Matt Schile <mschile@gmail.com>
* chore: use import type across repo
* chore: use import type across repo
* chore: use import type across repo
* chore: use import type across repo
* update exports
* update test
* update import type
* update types
* use import type in driver
* correctly export function
* revert test
* remove unrelated code
* revert code
* improve type imports
* override for reporter
* force websockets transport
* wip: ensure ws connections take place thru a known socket
* clean up yesterday's work
* remove dead code (request is undefined)
* update websocket tests
* add websocket tests
* update socket + server specs
* add token auth for file_server
* Fix cy.visit file_server
* restrict non-proxied URLs, serve error on runner URL non-proxied
* add e2e test for server splash page
* fix types
* use clientRoute, fix tests
* only run 6_non_proxied in electron
* use browser.path
* improve empty options type
* add ws assertions in e2e tests
* fix server_spec
* refactor socket whitelisting logic
* update server_spec
* respond to PR feedback
- added tests for non-clientRoute redirecting to clientRoute when not behind proxy
- cleaned up comments
- cleaned up logic in server.coffee
- moved error html to own file
- added unit test for socket whitelist + fixed removal bug
* renames
* Refactor proxy into own package, implement middleware pattern
don't need these mocha opts anymore
fix test
no more zunder
READMEs
fix test
* pass request by reference
* fix cors path
* Move replace_stream to proxy, concat-stream util in network
* Pin dependency versions
* Revert addDefaultPort behavior
* Add READMEs for proxy, network
* Update README.md
* eslint --fix
* set to null not undefined
* use delete and bump node types
* import cors from package now
* parse-domain@2.3.4
* proxy package needs common-tags
* move pumpify dep
* load through where it's needed, remove unused passthru_stream
* remove unneeded getbuffer call
Co-authored-by: Gleb Bahmutov <gleb.bahmutov@gmail.com>
Bill Glesias