[Feature] Trace viewer: allow fetching traces from origins that require credentials #28501
Labels
Comments
pmattj
changed the title
pmattj
added a commit
to pmattj/playwright
that referenced
this issue
Dec 5, 2023
…traces cross-origin Add the "'credentials': include" option on the trace fetch so the browser can include cookies when fetching from a different origin, assuming the origin returns the correct Access-Control-Allow-Origin and Access-Control-Allow-Credentials headers. Fixes microsoft#28501
|
Reopening since the fix was reverted in #29024. |
|
Note: For the next time we implement it, we should add a URL parameter like |
Why was this issue closed?Thank you for your involvement. This issue was closed due to limited engagement (upvotes/activity), lack of recent activity, and insufficient actionability. To maintain a manageable database, we prioritize issues based on these factors. If you disagree with this closure, please open a new issue and reference this one. More support or clarity on its necessity may prompt a review. Your understanding and cooperation are appreciated. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
My team is working to allow our developers to load traces directly in the online trace viewer. Our ideal scenario is that a developer could open a test result document and jump directly to the trace in the viewer with a simple click of a link.
Our CI infrastructure uploads traces to a location protected by credentials — to fetch a trace, the request needs to contain valid authentication cookies. These cookies are sent if we open the trace URL in the browser directly, but we've found that the online trace viewer does the trace fetch without cookies, even though the origin sends
Access-Control-Allow-Credentials: true.[1]We suspected this could be due to the trace viewer not applying the
credentialsoption on the fetch request. We tested this theory by deploying the trace viewer locally and adding acredentials: 'include'option on this line, and this allowed our local trace viewer to load the trace.Our request is for this option to be added upstream. This would allow us to use the Playwright-hosted trace viewer rather than hosting it ourselves, and I suspect it would unblock other customers whose traces are credential-protected (assuming their origins also send the proper
Access-Control-Allow-OriginandAccess-Control-Allow-Credentialsheaders).[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
The text was updated successfully, but these errors were encountered: