question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cypress incorrectly validates domain of cookies in 3.5.0

See original GitHub issue

Current behavior:

Cookies are failing to set for subdomains during cy.request. E.g. we call /auth of auth.test.server and it returns token cookie with .test.server. In this case cookie is not set.

Desired behavior:

Cookie is set in above example.

Steps to reproduce: (app code and test code)

Look at packages/server/lib/request.coffee#setCookiesOnBrowser:

return if not tough.domainMatch(cookie.domain, parsedUrl.hostname)

And at tough-cookie documentation:

domainMatch(str,domStr[,canonicalize=true])
Answers "does this real domain match the domain in a cookie?". The str is the "current" domain-name and the domStr is the "cookie" domain-name. Matches according to RFC6265 Section 5.1.3, but it helps to think of it as a "suffix match".

So it should be:

return if not tough.domainMatch(parsedUrl.hostname, cookie.domain)

Versions

>=3.5.0

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:8 (1 by maintainers)

github_iconTop GitHub Comments

2reactions
tozescommented, Nov 27, 2019

+1, as discussed here, we have exactly the same issue which is stopping us for upgrading from 3.4.1

Read more comments on GitHub >

github_iconTop Results From Across the Web

Incorrect domain when setting cookie · Issue #9158 - GitHub
When setting a cookie with cy.setCookie("foo", "bar") , domain is not set according to doc: Given the current URL is https://another ...
Read more >
Changelog - Cypress Documentation
The Cookie commands now uses the hostname as the domain by default instead of the superdomain . This change aligns Cypress' cookie rules...
Read more >
Cypress + 2 Super Domains + AntiforgeryToken = Cypress ...
The product uses an SSO-based login page with a different super domain from the product. This creates a problem with cookies. Indeed, access...
Read more >
sVL - River Thames Conditions - Environment Agency - GOV.UK
Niche como podre disimular cardona, Sabaton urising, St stephen wiki grateful dead, Why astral projection is good, Share problem windows xp, Overjanje, ...
Read more >
Third-Party Software Acknowledgments - TechDocs
@testing-library/cypress 7.0.1. @testing-library/user-event 12.1.6 ... blackbox-vision/ra-language-spanish 3.5.0 ... validate-commit-msg 2.11.2.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found