breaking: no longer inject document.domain by default #30770
Conversation
… add injectDocumentDomain cases
|
|
||
| if << parameters.inject-document-domain >> ; then | ||
| YARN_CMD="cypress:run:inject-document-domain" | ||
| PARALLEL="" |
There was a problem hiding this comment.
This can't be parallel because it ends up with the same build id but a different set of specs from the run without injectDocumentDomain
| @@ -3000,6 +3046,8 @@ linux-x64-workflow: &linux-x64-workflow | |||
| - driver-integration-tests-firefox | |||
| - driver-integration-tests-chrome | |||
| - driver-integration-tests-chrome-beta | |||
| - driver-integration-tests-chrome-inject-document-domain | |||
| - driver-integration-tests-chrome-beta-inject-document-domain | |||
There was a problem hiding this comment.
adding firefox and electron to this mix was going to be pretty cumbersome - I'd like to refactor workflows.yml to use matrix parameters, which would make all of this so much easier.
| @@ -70,8 +70,7 @@ declare namespace Cypress { | |||
| strategy: 'file' | 'http' | |||
| origin: string | |||
| fileServer: string | null | |||
| props: Record<string, any> | |||
| visiting: string | |||
| props: Record<string, any> | null | |||
There was a problem hiding this comment.
visiting was never used or set internally that I could find, and props not being nullable was inconsistent with the implementation. Potential improvement: import this type directly from packages/server/lib/remote_states so it stays consistent with the implementation
| const projectPath: string = Fixtures.projectPath(project) | ||
|
|
||
| beforeEach(async () => { | ||
| await Fixtures.scaffoldProject(project) |
There was a problem hiding this comment.
moving the scaffoldAngularProject function inline into a beforeEach here keeps the DRY while improving the readability of the spec
There was a problem hiding this comment.
should we consider moving these changes into its own PR for a quick review and to reduce changeset here?
There was a problem hiding this comment.
I think so - This refactor was done to help understand why the tests were failing, and don't actually change the nature of the tests other than clarification of stdout.
| }, timeout) | ||
|
|
||
| afterEach(() => { | ||
| Fixtures.removeProject(project) |
There was a problem hiding this comment.
Moving the cleanup to an afterEach ensures that the project is removed after the last it(), rather than left in place
| @@ -316,10 +324,6 @@ export class CypressError extends Error { | |||
| } | |||
| } | |||
|
|
|||
| const getUserInvocationStackFromError = (err) => { | |||
There was a problem hiding this comment.
This function removed for clarity sake
| if (specWindow.Cypress && specWindow.Cypress.isBrowser('firefox')) { | ||
| stack = stackWithLinesDroppedFromMarker(stack, '__cypress/tests', true) | ||
| // firefox and chrome throw stacks that include lines from cypress | ||
| // So we drop the lines until we get to the spec stackframe (includes __cypress) |
There was a problem hiding this comment.
expanding this from __cypress/tests ensures that cy in cy component tests retain the correct stack
| @@ -164,6 +163,7 @@ export class SocketBase { | |||
| const cdpIo = this._cdpIo = this.createCDPIo(socketIoRoute) | |||
|
|
|||
| automation.use({ | |||
| // @ts-ignore - this error is new, but not introduced in the most recent edit. TODO: fix | |||
There was a problem hiding this comment.
I think this was causing issues with linting; VScode was showing an error here with the file open, but lint only started failing against it when I changed it. For ref,
onPush is defined as a NullableMiddlewareHook = (() => void) | null, which means either this function never receives the expected props, or onPush actually being NullableMiddlewareHook instead of something else is in question.
There was a problem hiding this comment.
This is all CDP/BiDi signature related so I would be surprised if the change was introduced here
| it('logs error and exits when project folder has read permissions only and cannot write cypress.config.js', function () { | ||
| // this test is skipped because its failure causes websocket integration tests to fail. | ||
| // this test should be revisited, as the error it's asserting on probably can never be | ||
| // actually thrown by Cypress. |
There was a problem hiding this comment.
This test is never run in CI (where tests are run as root), and it always fails locally.
The ERROR_WRITING_FILE error is thrown by _logWriteErr in packages/server/lib/util/settings.ts, which is referenced by _write() in the same file. _write() is only referenced by writeForTesting() in the same file, which is only referenced in tests, and not runtime code.
There was a problem hiding this comment.
maybe not all of these extra files are necessary - I'm spending some time going through and pruning unnecessary ones. (maybe these should be snapshots instead of fixtures, since they're expected data instead of test input data)
cacieprins
changed the title
cacieprins
requested review from
brian-mann and
jennifer-shehane
as code owners
There was a problem hiding this comment.
@cacieprins Please feel free to bypass Brian and I as codeowner approvals and merge once you get 2 review approvals. The exposure of the injectDocumentDomain config and removal of experimental is acceptable as an exposed portion of our public API.
cli/types/cypress.d.ts
Outdated
| @@ -3113,6 +3112,12 @@ declare namespace Cypress { | |||
| * @default null | |||
| */ | |||
| experimentalSkipDomainInjection: string[] | null | |||
There was a problem hiding this comment.
@cacieprins This experimentalSkipDomainInjection type should be removed.
There was a problem hiding this comment.
Looks to need some adjustments in @packages.config where we need to remove the option experimentalSkipDomainInjection as well as adding an option that it was removed here and updating EXPERIMENTAL_USE_DEFAULT_DOCUMENT_DOMAIN_E2E_ONLY to the new option
There was a problem hiding this comment.
I think full removal of experimentalSkipDomainInjection should be in a follow-up PR, to keep the scope of this as manageable as possible
packages/errors/src/errors.ts
Outdated
| @@ -1350,19 +1350,29 @@ export const AllCypressErrors = { | |||
| return errTemplate`\ | |||
| The ${fmt.highlight(`justInTimeCompile`)} configuration is only supported for Component Testing.` | |||
| }, | |||
| // TODO: link to docs on the new injectDocumentDomain config option | |||
There was a problem hiding this comment.
@cacieprins Is this wanted to be done before 14 releases? If so, I would add an on link and we can route it to the https://docs.cypress.io/app/references/error-messages where the specific error explanation would be in the 14 docs branch.
There was a problem hiding this comment.
Yep, that work is in progress
cli/types/cypress.d.ts
Outdated
| @@ -3113,6 +3112,12 @@ declare namespace Cypress { | |||
| * @default null | |||
| */ | |||
| experimentalSkipDomainInjection: string[] | null | |||
There was a problem hiding this comment.
Looks to need some adjustments in @packages.config where we need to remove the option experimentalSkipDomainInjection as well as adding an option that it was removed here and updating EXPERIMENTAL_USE_DEFAULT_DOCUMENT_DOMAIN_E2E_ONLY to the new option
| const projectPath: string = Fixtures.projectPath(project) | ||
|
|
||
| beforeEach(async () => { | ||
| await Fixtures.scaffoldProject(project) |
There was a problem hiding this comment.
should we consider moving these changes into its own PR for a quick review and to reduce changeset here?
| @@ -278,5 +278,6 @@ | |||
| "devtools-protocol": "0.0.1346313", | |||
| "sharp": "0.29.3", | |||
| "vue-template-compiler": "2.6.12" | |||
| } | |||
| }, | |||
| "packageManager": "[email protected]+sha512.ff4579ab459bb25aa7c0ff75b62acebe576f6084b36aa842971cf250a5d8c6cd3bc9420b22ce63c7f93a0857bc6ef29291db39c3e7a23aab5adfd5a4dd6c5d71" | |||
There was a problem hiding this comment.
I think develop is on 1.22.22 which gets set via yarn set version. We might need to merge develop into 14 which I can look into shortly
| @@ -218,6 +220,7 @@ exports['config/src/index .getPublicConfigKeys returns list of public config key | |||
| 'experimentalRunAllSpecs', | |||
| 'experimentalMemoryManagement', | |||
| 'experimentalModifyObstructiveThirdPartyCode', | |||
| 'injectDocumentDomain', | |||
| 'experimentalSkipDomainInjection', | |||
There was a problem hiding this comment.
this should be removed from the snapshots
| 'experimentalSkipDomainInjection', | |
| '', |
| validation: validate.isBoolean, | ||
| requireRestartOnChange: 'server', | ||
| }, | ||
| { | ||
| name: 'experimentalSkipDomainInjection', |
There was a problem hiding this comment.
shouldn't need this anymore as well
| @@ -164,6 +163,7 @@ export class SocketBase { | |||
| const cdpIo = this._cdpIo = this.createCDPIo(socketIoRoute) | |||
|
|
|||
| automation.use({ | |||
| // @ts-ignore - this error is new, but not introduced in the most recent edit. TODO: fix | |||
There was a problem hiding this comment.
This is all CDP/BiDi signature related so I would be surprised if the change was introduced here
packages/server/lib/socket-base.ts
Outdated
|
|
||
| cookieJar.setCookie(automationCookieToToughCookie(cookie, domain), url, sameSiteContext) | ||
| cookieJar.setCookie(automationCookieToToughCookie(cookie, origin), url, sameSiteContext) |
There was a problem hiding this comment.
does it set the origin or the domain on the cookie? I see this is just a port of the existing logic, but I wonder if it's correct. For example:
for URL https://www.foobar.com/baz the
origin:https://www.foobar.comdomain:www.foobar.com
my guess is tough-cookie parses this out for us but I want to double check here. Are you able to verify that?
There was a problem hiding this comment.
It looks like they are handling things correctly on there end and it shouldn't matter. I don't think there are existing bugs with this I just wanted to be sure that origin ultimately translates to domain on the tough-cookie side of things
There was a problem hiding this comment.
This is a good catch - I'll change this to hostname to more accurately match the RFC that tough-cookie implements.
There was a problem hiding this comment.
Addressed in fb1219c
system-tests/test/results_spec.ts
Outdated
| @@ -27,7 +24,7 @@ const normalizeResults = (resultsJson) => { | |||
| .replace(majorVersionRegex, '"$1": "X"') | |||
| .replace(osNameRegex, '"$1": "linux"') | |||
| .replace(archRegex, '"arch": "x64"') | |||
| .replace(stackLineRegex, '"displayError": "$1 <stack lines>"') | |||
| .replace(/(\Wn {4}at.+)"/g, ' <stack lines>"') | |||
There was a problem hiding this comment.
Can we add a comment to what is this regex doing? I'm not great at reading it on first glance 😅
There was a problem hiding this comment.
Would we not want the definition of this regex to be outside of these function calls?
Co-authored-by: Bill Glesias <[email protected]>
Co-authored-by: Bill Glesias <[email protected]>
|
also wonder if we can remove the |
…nject-document-domain test subset
…ub.com/cypress-io/cypress into cacie/29590/document-domain-subdomains
Docs PR: cypress-io/cypress-documentation#5974
Additional details
Chrome is in the process of deprecating the setter for
document.domain. As well, our usage ofdocument.domaincaused issues with certain sites that used origin agent clusters for security.Cypress used
document.domainto allow for navigation between subdomains in a single test without requiring the use ofcy.origin().With the deprecation ofdocument.domain, Cypress can no longer rely on the availability of a setter ondocument.domain.Because this is a fairly disruptive change for users who rely on
cy.origin()to navigate between subdomains, a new configuration option is being introduced.injectDocumentDomaincan be set totruein order to re-enable the injection ofdocument.domainsetters in Cypress. This configuration option is marked as deprecated, and you will receive a warning when Cypress is launched with this option set totrue. It will be removed in Cypress 15.Steps to test
How has the user experience changed?
The
cy.origin()command must now be used when navigating between subdomains, unless theinjectDocumentDomaine2e configuration option is enabled. When this option is enabled, there will be a warning when Cypress starts.PR Tasks
cypress-documentation? Config option - injecting document.domain cypress-documentation#5974type definitions?