Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Warning for 'integrity' attribute, unknown error while trying to verify integrity with `experimentalSourceRewriting` on

See original GitHub issue

Test code to reproduce the issue

it('fails to pass SRI', function () {
  cy.visit('https://mail.protonmail.com/login')
})

Current behavior:

When running Cypress against the site, resources on the page are immediately blocked due to invalid hashes and Cypress crashing.

Console error:

Screenshot 2020-05-21 at 16 38 21

Versions:

Cypress 4.6.0 Chrome 81.0.4044.138 macOS Catalina 10.15.13

cypress-crash-log.txt

Issue Analytics

  • State:open
  • Created 3 years ago
  • Reactions:1
  • Comments:5 (4 by maintainers)

github_iconTop GitHub Comments

2reactions
jennifer-shehanecommented, May 22, 2020

Thanks for opening an issue and providing a reproducible example!

I can recreate the issue and verify that passing experimentalSourceRewriting to true does not resolve the original integrity issue from #2393.

it('fails to pass SRI', () => {
  cy.visit('https://mail.protonmail.com/login')
})

4.6.0 with experimentalSourceRewriting: false

Failed to find a valid digest in the ‘integrity’ attribute for resource ‘https://mail.protonmail.com/9.4a8bc1d8ab.chunk.js’ with computed SHA-256 integrity ‘duD4TSuSwqCtKe2Nmu/LdEGYR/fxs4A55+Rhjl6AUjw=’. The resource has been blocked.

Script tags

<script 
  type=text/javascript 
  src=vendors~index.43850aa473.chunk.js 
  defer=defer 
  integrity=sha384-6lkdxYt9QNm3HPmqy8GQe+yRXaYuQNcRL6vBXH+luSCFNfRMgl42/nZtikZpSp6Z 
  crossorigin=anonymous></script>
<script 
  type=text/javascript 
  src=index.36da68f082.js 
  defer=defer 
  integrity=sha384-gBxPomvRfn4tUtCdIyP34p4Uc7wr4Q8oee+G4k2fKXw3fCOH7X1cTBrD4iNnNtoa 
  crossorigin=anonymous></script>
Screen Shot 2020-05-22 at 1 01 50 PM

4.6.0 with experimentalSourceRewriting: true

Failed to find a valid digest in the ‘integrity’ attribute for resource ‘https://mail.protonmail.com/openpgp.worker.min.5640aaebbced65f397acfa772ec10501a3dfbec5.js’ with computed SHA-256 integrity ‘K45XrRvdkoerxKLkoocmu2/I1JSeE3DfqdWpYs5z9mg=’. The resource has been blocked. Unknown error occurred while trying to verify integrity.

Script tags

The SHA’s are actually the same in the stripped version as the non-stripped.

<script 
  type="text/javascript" 
  src="vendors~index.43850aa473.chunk.js" 
  defer="defer" 
  cypress:stripped-integrity="sha384-6lkdxYt9QNm3HPmqy8GQe+yRXaYuQNcRL6vBXH+luSCFNfRMgl42/nZtikZpSp6Z" 
  crossorigin="anonymous"></script>
<script 
  type="text/javascript" 
  src="index.36da68f082.js" 
  defer="defer" 
  cypress:stripped-integrity="sha384-gBxPomvRfn4tUtCdIyP34p4Uc7wr4Q8oee+G4k2fKXw3fCOH7X1cTBrD4iNnNtoa" 
  crossorigin="anonymous"></script>
Screen Shot 2020-05-22 at 1 03 15 PM
0reactions
flotwigcommented, May 28, 2020

I suppose we could attempt to rewrite all calls to window.fetch and fetch so that the integrity property is ignored (with experimentalSourceRewriting: true). Outside of that, I don’t see a solution.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Blazor WebAssembly Application fails to load due to integrity ...
Unknown error occurred while trying to verify integrity. Failed to load resource: the server responded with a status of 403 (forbidden); Failed ...
Read more >
Unknown error occurred while trying to verify Failed to find a ...
Unknown error occurred while trying to verify Failed to find a valid digest in the 'integrity' attribute for resource wth computed SHA-256 integrity....
Read more >
Changelog - Cypress Documentation
Configuring a custom browser no longer logs a warning when trying to use that ... This fixes spawn UNKNOWN errors when launching Cypress...
Read more >
i have faced an error on blazor webassembly when i refresh ...
Failed to find a valid digest in the 'integrity' attribute for resource ... login:1 Unknown error occurred while trying to verify integrity.
Read more >
cli/types/cypress.d.ts - Fossies
1484 * Invoking by a property path will always result in any. ... NOTE: Setting this flag to true removes Subresource Integrity (SRI)....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Error: could not find CRI target (Cypress 4.6.0)

Next page

tsc type definition conflicts, duplicate identifiers in @types/mocha chai etc