* chore: add type linting + compilation checks to runner package
* empty commit
* A bunch of tslint fixes
* wow it is building
* Fix issue with CT not mounting correctly with comments within it
* Fix net-stubbing.ct.ts failures
* Fix tslint: disable comment
* move target into compilerOptions
* fix tslint disable comment
* update proxy-logging to undo changes
* standardize the tslint:disable comments
* fix comment
* fix the banner content not displaying and write a test for this situation
* fix ct reference
* put target to es2020
* actually set the property with replaced title
* Update packages/reporter/src/hooks/hook-model.ts
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Fix eslint/tslint settings for system-tests with vue 3
* bump CI cache
* update types/react resolution
* add return
* lint fix
* tslint disable for empty blocks
* exclude dist files from ts linting
* update to exclude all dist folder
* exclude dist file
* change to await
* fix line numbers of stack trace with linting updating vue file
---------
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* remove experimentalSkipDomainInjection, add and deprecate injectDocumentDomain
* remove experimentalSkipDomainInjection, add injectDocumentDomain
* begin rethreading domain injection
* complete document domain transition
* move some cookie specs to separate test run
* origin and privileged commands with default docdom inject
* fix privileged channel when injecting document domain
* rm unnecessary .getOrigin abstraction in cors lib
* move remote-states in prep for refactor Replace Conditional with Polymorphism
* refactor remote states to strategy pattern
* cookie commands work as expected w cross origin bridge on different origins
* some origin tests updated
* run tests with document domain enabled
* run tests actually
* use correct config, swap conditional
* check-ts
* inject documetn domain for webkit tests
* do not exec injectDocumetnDomain in parallel
* fix ServerBase construction in tests to include cfg now
* pass cfg to ServerBase
* improved integration tests
* remove document domain checks for all server integration specs - will add injectDocumentDomain cases
* tests for injecting document domain when configured to
* square away server integration tests
* ensure cookies are set correctly, potentially
* errors pkg snapshots
* fix config tests
* fixing config tests
* somewhat improves tests for cors policies in packages/network
* fix ts err in server-base
* enable injectDocumentDomain for cy in cy tests
* fix Policy type ref
* refactor cypress-schematic ct spec to be less prone to timeouts
* run vite-dev-server tests with injectDocumentDomain
* rm document domain assertion from page_loading system test
* add system tests that test with injectDocumentDomain and others that test with cy.origin
* fix results_spec snapshot
* update experimentalSkipDomainInjection system test
* different behavior for certain net_stubbing tests based on injectDocumentDomain or not
* fix ts
* extract origin key logic from remote states, for now
* move server-base and response-middleware over to new pattern
* WIP - reentry
* fix build, remove console.log
* check-ts
* fix spec frame injection
* remove injection for localhost
* mostly fix vite-dev-server app integration tests
* fix codeframe in certain cases in chrome
* drop internal stack frames from stacks intended for determining code frame data
* some improvements to vite ct error codeframes
* fix proxy unit tests to use document domain injection util class
* rm .only
* fix all vite ct error specs
* rm console.log
* slight refactor to util class to make easier to test
* fix refactor - missing rename in files.js
* several tests do not set testingtype in config, so just check against component instead of checking for e2e
* revert changes to getInvocationDetails to see if that breaks tests
* re-enable stack stripping in invocation details for chrome
* new snapshots with more accurate invocation details
* test for same-site cross-origin cookie behavior
* ignore window.top ts errors
* revert forcing injectDocumentDomain in vite-dev-server cy config
* fix normalized whitespace for firefox "loading_failed" error
* always trim trailing wsp from stack before appending additional content
* force normalization of whitespace to three \n when adding additional stack details
* normalize wsp between stack and additional stack to "\n \n" in firefox
* remove stack_utils attempt at normalizing wsp
* various cleanup: remove commented console logs, add more detailed comments
* add on links to error messages
* remove experimentalSkipDomainInjection from exported type defs
* Update system-tests/test/experimental_skip_domain_injection_spec.ts
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* Update packages/driver/cypress/e2e/e2e/origin/cookie_misc.cy.ts
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* no need to coerce a boolean value to a booleanc
* export base config from primary cypress config in driver for use in inject-document-domain test subset
* lift experimentalSkipDomainInjection breaking option to root
* rollback config/options changes
* rm invalid comment
* use hostname instead of origin to create cookie from automation cookie
* clarify stack regex in results_spec
* lint
* take a stab at the changelog entries for this
* Update cli/CHANGELOG.md
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Update cli/CHANGELOG.md
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* reenable locally-failing test
* changelog
* snapshot updatesfor experimental skip domain injection err msg
* remove packageManager declaration in package.json
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Jennifer Shehane <jennifer@cypress.io>
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* fix: HTTP response with invalid headers doesn't throw error #28865
When receiving the described HTTP response Cypress resets the headers.
This would cause the validateHeaderName method from node to be called
which would cause an error, since the headers where invalid.
Now Crypress verifies all the headers before reseting them,
discards invalid ones and sends a warning in the console
when debug module is on.
* fix: improved warning display to the command line
When cutting off invalid headers from the response the user
is informed of such headers in the command line
* fix: added undefined verification and catched missing error
Fixed a typescript error where validateHeaderValue was being called
with value possibly being undefined. Fixed catching missing error
where code is 'ERROR_INVALID_CHAR' and rethrows other errors
* Update cli/CHANGELOG.md
---------
Co-authored-by: Jennifer Shehane <jennifer@cypress.io>
Co-authored-by: Cacie Prins <cacieprins@users.noreply.github.com>
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* chore: update browser internal images to chrome 124 and firefox 125 [run ci]
* update screenshot sizes for chrome as they have changed in the chrome 124 and is ultimately out of our control since the options passed into the CLI are STILL not respected [run ci]
* fix cypress-in-cypress tests for chrome 119 and up
* remove windows app integration code added in 29198
* run windows build [run ci]
* fix some failing system tests [run ci]
* update non proxied png [run ci]
* fix system tests failing [run ci]
* fix afterEach [run ci]
* chore: update documentation in response middleware
* fix: Add existential operators to properties before calling split
* empty commit
* changelog entry
* Add note about regression
* remove duplicate dep in changelog
* Add link to issue
* Update packages/proxy/lib/http/util/service-worker-manager.ts
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* Update packages/proxy/lib/http/util/service-worker-manager.ts
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
---------
Co-authored-by: Ryan Manuel <ryanm@cypress.io>
* fix: issue with service workers in test replay when they're initiated from a support file
* add changelog
* Update cli/CHANGELOG.md
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* PR comment
* get prerelease
* PR comments
* Update .circleci/workflows.yml
* Update .circleci/workflows.yml
Co-authored-by: Matt Schile <mschile@cypress.io>
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Matt Schile <mschile@cypress.io>
* feat: Selective CSP header directive stripping from HTTPResponse
- uses `stripCspDirectives` config option
* feat: Selective CSP header directive permission from HTTPResponse
- uses `experimentalCspAllowList` config option
* Address Review Comments:
- Add i18n for `experimentalCspAllowList`
- Remove PR link in changelog
- Fix docs link in changelog
- Remove extra typedef additions
- Update validation error message and snapshot
- Fix middleware negated conditional
* chore: refactor driver test into system tests to get better test
coverage on experimentalCspAllowList options
* Address Review Comments:
- Remove legacyOption for `experimentalCspAllowList`
- Update App desc for `experimentalCspAllowList` to include "Content-Security-Policy-Report-Only"
- Modify CHANGELOG wording
- Specify “never” overrideLevel
- Remove unused validator (+2 squashed commits)
- Add "Addresses" note in CHANGELOG to satisfy automation
- Set `canUpdateDuringTestTime` to `false` to prevent confusion
* chore: Add `frame-src` and `child-src` to conditional CSP directives
* chore: Rename `isSubsetOf` to `isArrayIncludingAny`
* chore: fix CLI linting types
* chore: fix server unit tests
* chore: fix system tests within firefox and webkit
* chore: add form-action test
* chore: update system test snapshots
* chore: skip tests in webkit due to form-action flakiness
* chore: Move 'sandbox' and 'navigate-to' into `unsupportedCSPDirectives`
- Add additional system tests
- Update snapshots and unit test
* chore: update system test snapshots
* chore: fix system tests
* chore: do not run csp tests within firefox or webkit due to flake issues in CI
* chore: attempt to increase intercept delay to avoid race condition
* chore: update new snapshots with video defaults work
* chore: update changelog
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: set up instrumentation and instrument middleware
* chore: set up console exporter
* chore: add parent span option to telemetry package
* chore: set up telemetry verbose mode
* chore: instrument the network proxy - part 1
* chore: make sure to terminate spans when request is aborted
* fix telemetry, create/end the request middle prior to sending the outbound request
* avoid telemetry ts build step, create entrypoint into packages/telemetry using TS conventions
* allow env vars to be "true" or "1"
* when creating child span, inherit their attributes directly from the parent
* create custom honeycomb exporter and span processor to log traces
* remove duplicate code that's already called in this.setRootContext
* cleanup
* more clean up
* update honeycomb network:proxy attributes, update console.log message
* yarn lock
* chore: remove performance API in middleware
* chore: end response on correct event
* recursively gather parent attributes on close
* added key and some clean up
* github action detector, move verbose into index, verbose log commands
* some tests
* clean up honeycomb exporter
* some renaming
* testing console trace link exporter
* Don't lose the top span when running in verbose.
* link to the right place for prod/dev
* changes to verbose to make sure it is read in the browser
* Apply suggestions from code review
* pass parent attributes between telemetry instances
* default to false
* 'fix' build issues
* src not dist
* add back on start span
* once more with feeling
* Fix some tests
* try this i guess
* revert auto build
* Apply suggestions from code review
Co-authored-by: Bill Glesias <bglesias@gmail.com>
* support failed commands
* Address PR comments
* Address PR Comments
* error handling
* handle all the errors
---------
Co-authored-by: Bill Glesias <bglesias@gmail.com>
Co-authored-by: Brian Mann <brian.mann86@gmail.com>
* begin setting log with the backend
* revert backend changes
* update interface now that we are only doing static log
* change existing logging logic to run in proxy layer instead
* add tests, fix small bugs
run ci
* fix tests
* add changelog
* run ci
* run ci
* fix cl
run ci
* Update cli/CHANGELOG.md
---------
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
* feat: set up experimentalUseDefaultDocumentDomain to disallow document.domain overwritting
* use default domain around experimentalUseDefaultDocumentDomain in main iframe and spec bridge iframes. Also adapt CORS policy to use same-origin if experimental flag is set
* run ci
* fix: add insertion of experimental flag where is was needed/missing
* chore: add system test to exercise experimental flag for expected behavior
* fix: fix issues with template updates to conform to squirrelly v7
* fix: update config tests to include new experimental flag
* run ci
* fix: trailing whitespace [run ci]
* chore: update snapshot
* run ci
* fix: update proxy unit tests to account for experimentalUseDefaultDocumentDomain
* run ci
* fix: Allow component tests with special characters in filepath (#25299)
feat: cut over experimental flag to take list of known problematic domains via string/glob pattern
run ci
chore: update system test and fix broken config
* fix: fix server unit and integration tests. integration tests should no longer use google to test against injection as we do not inject document.domain on google domains
* run ci
* run ci
* fix: server integration tests where google documents are expected to receive document.domain injection. Kept test same by changing URL
* run ci
* fix: update server test with mssing unupdated assertions
* run ci
* fix: turn off experimental flag by default while recommending sane defaults to users to configure
* run ci
* chore: fix typings [run ci]
* run ci
* chore: make experiment an e2e option only
* run ci
* chore: address comments in code review
* chore: rename experimentalUseDefaultDocumentDomain to experimentalSkipDomainInjection
* fix regression in shouldInjectionDocumentDomain utility function and add unit tests
* run ci
* chore: rename documentSuperDomainIfExists to superDomain [run ci]
* chore: address comments from code review
* chore: just pass opts through to policyForDomain
* run ci
Co-authored-by: Mike Plummer <mike-plummer@users.noreply.github.com>
* fix: change sweep interval from 1s -> 10s
* binaries
* update variable name
* use DI to make PreRequest class more testable
* revert code [skip ci]
* try tweaking test
Co-authored-by: Matt Henkes <mjhenkes@gmail.com>
* Revert "chore: remove document.domain usage for cross-origin testing (#24945)"
This reverts commit a3d3074e70.
* fix: set origin-agent-cluster=?0 for the spec bridge iframe
* re apply comment that was reverted in 1fa1246b5c
* Update packages/server/lib/routes-e2e.ts
Co-authored-by: Matt Schile <mschile@cypress.io>
* chore: update document.domain immutable target from chrome 106 -> chrome 109
Co-authored-by: Matt Schile <mschile@cypress.io>
* fix: on a canceled request, end waiting on an intercepted alias
* Add tests, fix ts
* skip firefox
* add doc
* try to fix flake
* delay?
* Use http proxy instead of cdp.
* 'fix' safari
* test updates
* PR updates
* test updates
* fix: throw error if the cy.origin origin is in the same superDomainOrigin as top.
* testing test tweaks
* 'fix' cypress in cypress tests
* Inject cross origin in google subdomains when not same-origin
* style tweaks
* Ensure strict same-origin check works for google.
* test fixes
* we don't need the location object when we just want the href.
* what is in a name?
* Address PR Comments
* chore: only inject when html is going to be rendered AND if a
content-type exists, make sure it contains html (which is valid for
xhtml and other mime types)
* rename isHTML is isNotJavascript to be a bit more accurate
* chore: remove isNotJavascript function for restContentTypeIsJavascript for experimental ast rewriter
Jennifer Shehane