cy.clearCookies should clear *ALL* cookies of all domains

After extensive R&D we’ve decided to deviate from the Webdriver spec and enhance clearing cookies to include all domains.

By default, Webdriver will only ever clear cookies based on the current domain context. So if you are visiting http://localhost and you issue HTTP requests to other domains (which set cookies) - those cookies will not be cleared.

We currently respect this spec, and our own cookie implementations also have this same restriction.

However, this is really just a limitation of Webdriver - and not necessarily something Cypress ever has to abide to. We’ve built Cypress with cross browser functionality in mind, and any time we deviate from the Webdriver spec, we are forced to ensure we can create compatibility across all other browsers.

Even though we don’t support cross browsers now, it’s a fundamental part of our strategy and we intend to support them down the road.

What is the proposed change?

• cy.clearCookies will clear all cookies on all domains, irrespective of the current browsing context
• Between tests Cypress automatically clears cookies as well, and it will also clear all cookies across all domains.

How will Cypress be able to consistently clear all cookies?

Cypress’s architecture is completely different than that of Webdriver, which puts us in a unique situation to do lots of low level network tricks to pull this off.

While this is subject to change, the way this can be done is by inspecting all of the network traffic that goes through the browser (and therefore Cypress, as we already do), and for all domains, we can manually keep track of all the domains with cookies having been set on them.

At the end of the test, or on a cy.clearCookies command, we can then issue multiple HTTP requests out of the browser (through the Cypress driver) to these various endpoints.

Instead of allowing those requests to pass onto the remote server, Cypress will trap the requests, and automatically respond to the requests by issuing a Set-Cookie header for each cookie that needs to be cleared by setting the Max-Age or Expires directive.

The browser will then run its natural course and clear all of the cookies. This will be a bit slower than programatic API’s, but will only have to be done when the browser does not expose any kind of automation API to achieve the same result programatically.

Related issues

• https://github.com/cypress-io/cypress/issues/391