Subtle Crypto not available in Firefox

[j-berman]

Current behavior

Subtle Crypto (window.crypto.subtle) is undefined in Firefox 84.

First noticed my CI tests in Firefox were failing, then reproduced locally by updating my local Firefox (and Cypress) to the latest.

Desired behavior

Subtle crypto to be available in Firefox Cypress tests.

Test code to reproduce

it('Subtle crypto unavailable', function () {
    cy.visit('./cypress/integration/index.html').then(function (win) {
        expect(win.crypto).to.have.property('subtle')
    })
})

Versions

Failing CI Versions

Firefox 84
Linux Ubuntu - 18.04
Cypress - 4.12.1

Last known working CI Versions

Firefox 83
Linux Ubuntu - 18.04
Cypress - 4.12.1

Failing Local Versions

Firefox 84
Mac OS X - 10.14.6
Cypress - 6.2.1

Last known working local version

Firefox 78
Mac OS X - 10.14.6
Cypress - 6.2.1

Note

Subtle crypto is supposed to be available at localhost, as it's considered a secure context.

From MDN's docs on secure contexts:

Locally-delivered resources such as those with http://127.0.0.1 URLs, http://localhost and http://*.localhost URLs (e.g. http://dev.whatever.localhost/), and file:// URLs are also considered to have been delivered securely.

But it also has this note, which seems to be the culprit for the breaking change in Firefox 84, but I'm not really sure why:

Note: Firefox 84 and later support http://localhost and http://*.localhost URLs as trustworthy origins (earlier versions did not, because localhost was not guaranteed to map to a local/loopback address).

I have access to subtle crypto in Firefox 84 when serving my site from a webpack dev server at localhost, just not within Cypress for some reason.

I figure it has something to do with Cypress' browser environment being incompatible with Firefox 84:

Cypress launches the browser in a way that’s different from a regular browser environment. But it launches in a way that we believe makes testing more reliable and accessible.

[j-berman]

Throwing this out there too: if it's possible to run Cypress CI tests on different browser versions, that would be a nice workaround in the meantime. Haven't been able to figure that out, doesn't seem possible using the Cypress service

[jennifer-shehane]

@j-berman We have docker images where some different browser versions are provided, but we don't have a 'matrix' of browser versions to run against. https://github.com/cypress-io/cypress-docker-images

We proxy a lot of requests through Cypress, so yeah, I imagine there's something we're not taking into account in this situation.

Reproducible example

index.html

<html>
  <body>
    <h1>Hello world</h1>
    <script>
      console.log(window.crypto)
    </script>
  </body>
</html>

spec.js

it('Subtle crypto unavailable', () => {
  cy.visit('index.html').then((win) => {
    // Fails in Firefox 84
    expect(win.crypto).to.have.property('subtle')
  })
})

Firefox 81

Firefox 84

[samal-rasmussen]

I can find crypto.subtle on 127.0.0.1 in Firefox v84, but not on localhost.

[cupcakearmy]

Same issue here on macOS with firefox 88 and a local server running on localhost:3000

[fintechee]

The similar issue

127.0.0.1:8080 --> ok
127.0.0.1:8081 --> ok
localhost:8080 --> ok
http://domain -----> ok
https://domain ---> ok

But

192.168.0.xxx:8080 ---> undefined

[ShuPink]

I'm also having this issue with Firefox 100, Ubuntu 20.04, Cypress 10.0.2 on localhost.

Both Electron and Chrome work normally.
I can access subtle on Firefox from localhost outside of Cypress.

I tried to polyfill using @peculiar/webcrypto but wasn't able to get it working.

[con-cso]

I'm also seeing this in our CI as of late.

• Firefox 101
• Cypress 9.6.0
• Xubuntu 21.10

[sisou]

I just had the same problem, crypto.subtle not being available on localhost.

I found that the about:config setting network.proxy.allow_hijacking_localhost was set to true, but default is false. Resetting it to false made it work on localhost!

[metawise]

I just had the same problem, crypto.subtle not being available on localhost.

I found that the about:config setting network.proxy.allow_hijacking_localhost was set to true, but default is false. Resetting it to false made it work on localhost!

I got same error on FF only, this fixed.

[stoooops]

I am facing this issue while visiting a RainbowKit v1.5 website at 192.168.1.XXX.

Interestingly, my issue is in Brave Browser, but Firefox works okay.

I do not get this issue on localhost when I am on the machine that is running the web server.

[JanZellmer]

Hi @ALL
I'm facing the same problem on firefox for localhost. When I run it manually, the network.proxy.allow_hijacking_localhost is set to false. Only in Cypress, it is true.
For me it worked as I changed the baseUrl key in cypres config from localhost:4200 to 127.0.0.1:4200

[NingXinHui]

I just had the same problem, crypto.subtle not being available on localhost.

I found that the about:config setting network.proxy.allow_hijacking_localhost was set to true, but default is false. Resetting it to false made it work on localhost!

hello how to set

[sisou]

hello how to set

Type about:config in the location (address) bar and press the "Enter" key to open the about:config page, just like you open a website by typing the URL in the location bar.

Then search for the setting name in the config search bar.

[rolfspuler]

Looks like that network.proxy.allow_hijacking_localhost needs to be true though for Cypress to work correctly, doesn't seem to be the solution. If I turn it to false via browser launch options I don't see any cypress related things anymore in the browser window.

[caesar1987sk]

i got issue with window.crypto.subtle
error was window.crypto.subtle is undefined
error was breaking login with msal (msal-angular).
when i set "network.proxy.testing_localhost_is_secure_when_hijacked" to true, it started to work, so this part of code solved my issue:

setupNodeEvents(on) {
      on('before:browser:launch', (browser, launchOptions) => {
        if (browser.family === 'firefox') {
          // launchOptions.preferences is a map of preference names to values
          // login is not working in firefox when testing_localhost_is_secure_when_hijacked is false
          launchOptions.preferences['network.proxy.testing_localhost_is_secure_when_hijacked'] = true;
        }

        return launchOptions;
      });
    }

browser: firefox 114.0.2
application served to 127.0.0.1 (not possible to use localhost)
baseUrl: http://localhost:<port>/

[lmiller1990]

It looks like that should not be necessary @caesar1987sk - we already do this by default:

cypress/packages/server/lib/browsers/firefox.ts

Line 442 in f05f623

'network.proxy.allow_hijacking_localhost': true,

I suspect serving vias 127.0.0.1 is what is fixing this for you? If you do that, but remove the

launchOptions.preferences['network.proxy.testing_localhost_is_secure_when_hijacked'] = true;

Is it causing errors?

[lmiller1990]

I tried this out. The workaround would be to use 127.0.0.1 for now, until we find out why localhost isn't working. It looks like using this comment's recommendation it works. I wonder if

cypress/packages/server/lib/browsers/firefox.ts

Line 442 in f05f623

'network.proxy.allow_hijacking_localhost': true,

is getting overridden at some point. I'll take a look.

Not working:

it("runs", () => {
  cy.visit("http://localhost:8000");
  cy.window().then((win) => expect(win.crypto).to.have.property("subtle"));
 });

Working:

it("runs", () => {
  cy.visit("http://127.0.0.1:8000");
  cy.window().then((win) => expect(win.crypto).to.have.property("subtle"));
 });

If I add

setupNodeEvents(on) {
      on('before:browser:launch', (browser, launchOptions) => {
        if (browser.family === 'firefox') {
          // launchOptions.preferences is a map of preference names to values
          // login is not working in firefox when testing_localhost_is_secure_when_hijacked is false
          launchOptions.preferences['network.proxy.testing_localhost_is_secure_when_hijacked'] = true;
        }

        return launchOptions;
      });
    }

in cypress.config.js, it works with localhost. I'll dig into this.

[cybermelons]

it("runs", () => {
  cy.visit("http://127.0.0.1:8000");
  cy.window().then((win) => expect(win.crypto).to.have.property("subtle"));
 });

If I add

setupNodeEvents(on) {
      on('before:browser:launch', (browser, launchOptions) => {
        if (browser.family === 'firefox') {
          // launchOptions.preferences is a map of preference names to values
          // login is not working in firefox when testing_localhost_is_secure_when_hijacked is false
          launchOptions.preferences['network.proxy.testing_localhost_is_secure_when_hijacked'] = true;
        }

        return launchOptions;
      });
    }

in cypress.config.js, it works with localhost. I'll dig into this.

Adding this to my cypress config works for me. Thanks 👍🏼

[lmiller1990]

I did not end up figuring this out. Anyway, above work around works great.

[cypress-app-bot]

This issue has not had any activity in 180 days. Cypress evolves quickly and the reported behavior should be tested on the latest version of Cypress to verify the behavior is still occurring. It will be closed in 14 days if no updates are provided.

[cypress-app-bot]

This issue has been closed due to inactivity.