fix issues with web security spec having a false negative

cypress-io · Mar 2, 2022 · dbb6c1b · dbb6c1b
1 parent 8fb1a96
commit dbb6c1b
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 130 deletions.
diff --git a/system-tests/__snapshots__/web_security_spec.js b/system-tests/__snapshots__/web_security_spec.js
@@ -1,3 +1,67 @@
+exports['e2e web security / when disabled / passes'] = `
+
+====================================================================================================
+
+ (Run Starting)
+
+ ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
+ │ Cypress: 1.2.3 │
+ │ Browser: FooBrowser 88 │
+ │ Specs: 1 found (web_security_spec.js) │
+ │ Searched: cypress/integration/web_security_spec.js │
+ └────────────────────────────────────────────────────────────────────────────────────────────────┘
+
+
+────────────────────────────────────────────────────────────────────────────────────────────────────
+ 
+ Running: web_security_spec.js (1 of 1)
+
+
+ web security
+ ✓ fails when clicking <a> to another origin
+ ✓ fails when submitted a form and being redirected to another origin
+ ✓ fails when using a javascript redirect to another origin
+ ✓ fails when doing a CORS request cross-origin
+
+
+ 4 passing
+
+
+ (Results)
+
+ ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
+ │ Tests: 4 │
+ │ Passing: 4 │
+ │ Failing: 0 │
+ │ Pending: 0 │
+ │ Skipped: 0 │
+ │ Screenshots: 0 │
+ │ Video: true │
+ │ Duration: X seconds │
+ │ Spec Ran: web_security_spec.js │
+ └────────────────────────────────────────────────────────────────────────────────────────────────┘
+
+
+ (Video)
+
+ - Started processing: Compressing to 32 CRF 
+ - Finished processing: /XXX/XXX/XXX/cypress/videos/web_security_spec.js.mp4 (X second)
+
+
+====================================================================================================
+
+ (Run Finished)
+
+
+ Spec Tests Passing Failing Pending Skipped 
+ ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
+ │ ✔ web_security_spec.js XX:XX 4 4 - - - │
+ └────────────────────────────────────────────────────────────────────────────────────────────────┘
+ ✔ All specs passed! XX:XX 4 4 - - - 
+
+
+`
+
 exports['e2e web security / when enabled / fails'] = `
 
 ====================================================================================================
@@ -150,132 +214,3 @@ https://on.cypress.io/cross-origin-violation
 
 
 `
-
-exports['e2e web security / when disabled / passes'] = `
-
-====================================================================================================
-
- (Run Starting)
-
- ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
- │ Cypress: 1.2.3 │
- │ Browser: FooBrowser 88 │
- │ Specs: 1 found (web_security_spec.js) │
- │ Searched: cypress/integration/web_security_spec.js │
- └────────────────────────────────────────────────────────────────────────────────────────────────┘
-
-
-────────────────────────────────────────────────────────────────────────────────────────────────────
- 
- Running: web_security_spec.js (1 of 1)
-
-
- web security
- ✓ fails when clicking <a> to another origin
- ✓ fails when submitted a form and being redirected to another origin
- ✓ fails when using a javascript redirect to another origin
- ✓ fails when doing a CORS request cross-origin
-
-
- 4 passing
-
-
- (Results)
-
- ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
- │ Tests: 4 │
- │ Passing: 4 │
- │ Failing: 0 │
- │ Pending: 0 │
- │ Skipped: 0 │
- │ Screenshots: 0 │
- │ Video: true │
- │ Duration: X seconds │
- │ Spec Ran: web_security_spec.js │
- └────────────────────────────────────────────────────────────────────────────────────────────────┘
-
-
- (Video)
-
- - Started processing: Compressing to 32 CRF 
- - Finished processing: /XXX/XXX/XXX/cypress/videos/web_security_spec.js.mp4 (X second)
-
-
-====================================================================================================
-
- (Run Finished)
-
-
- Spec Tests Passing Failing Pending Skipped 
- ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
- │ ✔ web_security_spec.js XX:XX 4 4 - - - │
- └────────────────────────────────────────────────────────────────────────────────────────────────┘
- ✔ All specs passed! XX:XX 4 4 - - - 
-
-
-`
-
-exports['e2e web security / firefox / displays warning when firefox and chromeWebSecurity:false'] = `
-
-====================================================================================================
-
- (Run Starting)
-
- ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
- │ Cypress: 1.2.3 │
- │ Browser: FooBrowser 88 │
- │ Specs: 1 found (simple_passing_spec.js) │
- │ Searched: cypress/integration/simple_passing_spec.js │
- └────────────────────────────────────────────────────────────────────────────────────────────────┘
-
-
-────────────────────────────────────────────────────────────────────────────────────────────────────
- 
- Running: simple_passing_spec.js (1 of 1)
-
-Your project has set the configuration option: chromeWebSecurity to false
-
-This option will not have an effect in Firefox. Tests that rely on web security being disabled will not run as expected.
-
-
- simple passing spec
- ✓ passes
-
-
- 1 passing
-
-
- (Results)
-
- ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
- │ Tests: 1 │
- │ Passing: 1 │
- │ Failing: 0 │
- │ Pending: 0 │
- │ Skipped: 0 │
- │ Screenshots: 0 │
- │ Video: true │
- │ Duration: X seconds │
- │ Spec Ran: simple_passing_spec.js │
- └────────────────────────────────────────────────────────────────────────────────────────────────┘
-
-
- (Video)
-
- - Started processing: Compressing to 32 CRF 
- - Finished processing: /XXX/XXX/XXX/cypress/videos/simple_passing_spec.js.mp4 (X second)
-
-
-====================================================================================================
-
- (Run Finished)
-
-
- Spec Tests Passing Failing Pending Skipped 
- ┌────────────────────────────────────────────────────────────────────────────────────────────────┐
- │ ✔ simple_passing_spec.js XX:XX 1 1 - - - │
- └────────────────────────────────────────────────────────────────────────────────────────────────┘
- ✔ All specs passed! XX:XX 1 1 - - - 
-
-
-`
diff --git a/system-tests/test/web_security_spec.js b/system-tests/test/web_security_spec.js
@@ -40,7 +40,7 @@ const onServer = function (app) {
 
  app.get('/cors', (req, res) => {
  res.send(`<script>
- fetch('https://127.0.0.2:44665/cross_origin')
+ fetch('https://www.foo.com:44665/cross_origin')
  .then((res) => res.text())
  .then(text => {
  if (text.includes('cross origin')) document.write('success!')
@@ -83,6 +83,7 @@ describe('e2e web security', () => {
  },
  snapshot: true,
  browser: ['chrome', 'electron'],
+ expectedExitCode: 0,
  })
  })