Current behavior:
I have a site running on https, its server serving resources with the Feature Policy header document-domain directive set to none
Feature Policy: document-domain 'none'
As expected, not setting
"chromeWebSecurity": false
in cypress.json will result in Cypress failing to even reaching the site
If I set chromeWebSecurity to true, Cypress will be able to reach and perform actions on the site (in this case, logging in), but
- In the console I can still see an error being thrown about
document.domain being disabled by the Feature Policy
- no XHR requests are being logged on the test runner
- most importantly, no XHR requests get intercepted by
cy.route(), meaning that it's impossible to wait for them, or inspect their response, or mock their response
If I get rid of the document-domain directive, then the error is gone and the XHR requests are getting logged and intercepted as expected
Desired behavior:
The desired behaviour would be that setting
"chromeWebSecurity": false
would bypass the document-domain: none directive
Versions
cypress: 4.0.2
OS: macOS Catalina 10.15.3
browser: Chrome 80
Current behavior:
I have a site running on https, its server serving resources with the
Feature Policyheaderdocument-domaindirective set tononeAs expected, not setting
in cypress.json will result in Cypress failing to even reaching the site
If I set
chromeWebSecuritytotrue, Cypress will be able to reach and perform actions on the site (in this case, logging in), butdocument.domainbeing disabled by theFeature Policycy.route(), meaning that it's impossible to wait for them, or inspect their response, or mock their responseIf I get rid of the
document-domaindirective, then the error is gone and the XHR requests are getting logged and intercepted as expectedDesired behavior:
The desired behaviour would be that setting
would bypass the
document-domain: nonedirectiveVersions
cypress: 4.0.2
OS: macOS Catalina 10.15.3
browser: Chrome 80