Skip to content

Commit

Permalink
Attempting a system test
Browse files Browse the repository at this point in the history
  • Loading branch information
@mjhenkes
mjhenkes committed Apr 18, 2022
1 parent 8524605 commit 653988b
Show file tree
Hide file tree
Showing 3 changed files with 71 additions and 51 deletions.
106 changes: 55 additions & 51 deletions system-tests/__snapshots__/web_security_spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@ exports['e2e web security / when enabled / fails'] = `
(Run Starting)
┌────────────────────────────────────────────────────────────────────────────────────────────────┐
│ Cypress: 1.2.3 │
│ Browser: FooBrowser 88 │
│ Specs: 1 found (web_security_spec.js) │
│ Searched: cypress/integration/web_security_spec.js │
│ Cypress: 1.2.3 │
│ Browser: FooBrowser 88 │
│ Specs: 1 found (web_security_spec.js) │
│ Searched: cypress/integration/web_security_spec.js │
│ Experiments: experimentalSessionAndOrigin=true │
└────────────────────────────────────────────────────────────────────────────────────────────────┘
Expand All @@ -22,78 +23,79 @@ exports['e2e web security / when enabled / fails'] = `
2) fails when submitted a form and being redirected to another origin
3) fails when using a javascript redirect to another origin
4) fails when doing a CORS request cross-origin
✓ finds the correct spec bridge even if a previous spec bridge host is a subset of the current host
0 passing
1 passing
4 failing
1) web security
fails when clicking <a> to another origin:
CypressError: Cypress detected a cross origin error happened on page load:
CypressError: Timed out after waiting \`5000ms\` for your remote page to load on origin(s):
> [Cross origin error message]
- \`http://localhost:4466\`
Before the page load, you were bound to the origin policy:
A cross-origin request for \`https://www.foo.com:44665/cross_origin\` was detected.
> http://localhost:4466
A command that triggers cross-origin navigation must be immediately followed by a \`cy.origin()\` command:
A cross origin error happens when your application navigates to a new URL which does not match the origin policy above.
\`cy.origin('https://foo.com:44665', () => {\`
\` <commands targeting https://www.foo.com:44665 go here>\`
\`})\`
A new URL does not match the origin policy if the 'protocol', 'port' (if specified), and/or 'host' (unless of the same superdomain) are different.
If the cross-origin request was an intermediary state, you can try increasing the \`pageLoadTimeout\` value in \`cypress.json\` to wait longer.
Cypress does not allow you to navigate to a different origin URL within a single test.
Browsers will not fire the \`load\` event until all stylesheets and scripts are done downloading.
You may need to restructure some of your test code to avoid this problem.
When this \`load\` event occurs, Cypress will continue running commands.
Alternatively you can also disable Chrome Web Security in Chromium-based browsers which will turn off this restriction by setting { chromeWebSecurity: false } in \`cypress.json\`.
https://on.cypress.io/cross-origin-violation
https://on.cypress.io/origin
[stack trace lines]
2) web security
fails when submitted a form and being redirected to another origin:
CypressError: Cypress detected a cross origin error happened on page load:
> [Cross origin error message]
CypressError: Timed out after waiting \`5000ms\` for your remote page to load on origin(s):
Before the page load, you were bound to the origin policy:
- \`http://localhost:4466\`
> http://localhost:4466
A cross-origin request for \`https://www.foo.com:44665/cross_origin\` was detected.
A cross origin error happens when your application navigates to a new URL which does not match the origin policy above.
A command that triggers cross-origin navigation must be immediately followed by a \`cy.origin()\` command:
A new URL does not match the origin policy if the 'protocol', 'port' (if specified), and/or 'host' (unless of the same superdomain) are different.
\`cy.origin('https://foo.com:44665', () => {\`
\` <commands targeting https://www.foo.com:44665 go here>\`
\`})\`
Cypress does not allow you to navigate to a different origin URL within a single test.
If the cross-origin request was an intermediary state, you can try increasing the \`pageLoadTimeout\` value in \`cypress.json\` to wait longer.
You may need to restructure some of your test code to avoid this problem.
Browsers will not fire the \`load\` event until all stylesheets and scripts are done downloading.
Alternatively you can also disable Chrome Web Security in Chromium-based browsers which will turn off this restriction by setting { chromeWebSecurity: false } in \`cypress.json\`.
When this \`load\` event occurs, Cypress will continue running commands.
https://on.cypress.io/cross-origin-violation
https://on.cypress.io/origin
[stack trace lines]
3) web security
fails when using a javascript redirect to another origin:
CypressError: Cypress detected a cross origin error happened on page load:
CypressError: Timed out after waiting \`5000ms\` for your remote page to load on origin(s):
> [Cross origin error message]
- \`http://localhost:4466\`
Before the page load, you were bound to the origin policy:
A cross-origin request for \`https://www.foo.com:44665/cross_origin\` was detected.
> http://localhost:4466
A command that triggers cross-origin navigation must be immediately followed by a \`cy.origin()\` command:
A cross origin error happens when your application navigates to a new URL which does not match the origin policy above.
\`cy.origin('https://foo.com:44665', () => {\`
\` <commands targeting https://www.foo.com:44665 go here>\`
\`})\`
A new URL does not match the origin policy if the 'protocol', 'port' (if specified), and/or 'host' (unless of the same superdomain) are different.
If the cross-origin request was an intermediary state, you can try increasing the \`pageLoadTimeout\` value in \`cypress.json\` to wait longer.
Cypress does not allow you to navigate to a different origin URL within a single test.
Browsers will not fire the \`load\` event until all stylesheets and scripts are done downloading.
You may need to restructure some of your test code to avoid this problem.
When this \`load\` event occurs, Cypress will continue running commands.
Alternatively you can also disable Chrome Web Security in Chromium-based browsers which will turn off this restriction by setting { chromeWebSecurity: false } in \`cypress.json\`.
https://on.cypress.io/cross-origin-violation
https://on.cypress.io/origin
[stack trace lines]
4) web security
Expand All @@ -107,8 +109,8 @@ https://on.cypress.io/cross-origin-violation
(Results)
┌────────────────────────────────────────────────────────────────────────────────────────────────┐
│ Tests: 4
│ Passing: 0
│ Tests: 5
│ Passing: 1
│ Failing: 4 │
│ Pending: 0 │
│ Skipped: 0 │
Expand Down Expand Up @@ -144,9 +146,9 @@ https://on.cypress.io/cross-origin-violation
Spec Tests Passing Failing Pending Skipped
┌────────────────────────────────────────────────────────────────────────────────────────────────┐
│ ✖ web_security_spec.js XX:XX 4 - 4 - - │
│ ✖ web_security_spec.js XX:XX 5 1 4 - - │
└────────────────────────────────────────────────────────────────────────────────────────────────┘
✖ 1 of 1 failed (100%) XX:XX 4 - 4 - -
✖ 1 of 1 failed (100%) XX:XX 5 1 4 - -
`
Expand All @@ -158,10 +160,11 @@ exports['e2e web security / when disabled / passes'] = `
(Run Starting)
┌────────────────────────────────────────────────────────────────────────────────────────────────┐
│ Cypress: 1.2.3 │
│ Browser: FooBrowser 88 │
│ Specs: 1 found (web_security_spec.js) │
│ Searched: cypress/integration/web_security_spec.js │
│ Cypress: 1.2.3 │
│ Browser: FooBrowser 88 │
│ Specs: 1 found (web_security_spec.js) │
│ Searched: cypress/integration/web_security_spec.js │
│ Experiments: experimentalSessionAndOrigin=true │
└────────────────────────────────────────────────────────────────────────────────────────────────┘
Expand All @@ -175,16 +178,17 @@ exports['e2e web security / when disabled / passes'] = `
✓ fails when submitted a form and being redirected to another origin
✓ fails when using a javascript redirect to another origin
✓ fails when doing a CORS request cross-origin
✓ finds the correct spec bridge even if a previous spec bridge host is a subset of the current host
4 passing
5 passing
(Results)
┌────────────────────────────────────────────────────────────────────────────────────────────────┐
│ Tests: 4
│ Passing: 4
│ Tests: 5
│ Passing: 5
│ Failing: 0 │
│ Pending: 0 │
│ Skipped: 0 │
Expand All @@ -208,9 +212,9 @@ exports['e2e web security / when disabled / passes'] = `
Spec Tests Passing Failing Pending Skipped
┌────────────────────────────────────────────────────────────────────────────────────────────────┐
│ ✔ web_security_spec.js XX:XX 4 4 - - - │
│ ✔ web_security_spec.js XX:XX 5 5 - - - │
└────────────────────────────────────────────────────────────────────────────────────────────────┘
✔ All specs passed! XX:XX 4 4 - - -
✔ All specs passed! XX:XX 5 5 - - -
`
Expand Down
9 changes: 9 additions & 0 deletions system-tests/projects/e2e/cypress/integration/web_security_spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,13 @@ describe('web security', function () {
cy.visit('http://localhost:4466/cors')
.contains('success!', { timeout: 500 })
})

it('finds the correct spec bridge even if a previous spec bridge host is a subset of the current host', () => {
// Establish a spec bridge with a 'bar.com' host prior to loading 'foobar.com'
cy.origin('http://www.bar.com:4466', () => undefined)

cy.origin('http://www.app.foobar.com:4466', () => {
cy.visit('/link')
})
})
})
7 changes: 7 additions & 0 deletions system-tests/test/web_security_spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,13 +63,19 @@ describe('e2e web security', () => {
settings: {
hosts: {
'*.foo.com': '127.0.0.1',
'*.bar.com': '127.0.0.1',
'*.foobar.com': '127.0.0.1',
},
},
})

context('when enabled', () => {
systemTests.it('fails', {
spec: 'web_security_spec.js',
config: {
experimentalSessionAndOrigin: true,
pageLoadTimeout: 5000,
},
snapshot: true,
expectedExitCode: 4,
})
Expand All @@ -80,6 +86,7 @@ describe('e2e web security', () => {
spec: 'web_security_spec.js',
config: {
chromeWebSecurity: false,
experimentalSessionAndOrigin: true,
},
snapshot: true,
browser: ['chrome', 'electron'],
Expand Down

0 comments on commit 653988b

Please sign in to comment.