search

cypress-io / cypress

Fast, easy and reliable testing for anything that runs in a browser.
https://cypress.io
MIT License
46.97k stars 3.18k forks source link

Explore X-Cypress-Is-AUT-Frame over __cypress.initial cookie #24446

Open AtofStryker opened 1 year ago

AtofStryker commented 1 year ago

What would you like?

Explore leveraging X-Cypress-Is-AUT-Frame over __cypress.initial cookie when injecting into the AUT.

Why is this needed?

Using __cypress.initial when determining injection has been a bit buggy when injecting into datatypes that are not html like. We can likely reduce this and make this more deterministic with checking the X-Cypress-Is-AUT-Frame header so we know we are only injecting into the AUT, and not necessarily the first request that has the initial cookie set.

In some cases, it is difficult to determine whether or not to inject into the AUT based solely on mimetype. Like using a combination of X-Cypress-Is-AUT-Frame and mimetype headers gives us a more accurate point of injection moving forward.

Other

No response

AtofStryker commented 1 year ago

Related to #24395

AtofStryker commented 1 year ago

Related to #2599

AtofStryker commented 1 year ago

Spike branch is spike/cy_initial and CI. Looks like we can leverage isAUTFrame in Cypress 12 and likely should be able to get rid of the initial cypress cookie. Some of the injection rules need to be tweaked in the branch, especially partial as e2e same origin iframes need partial injection. Fixing these systems tests and updating the unit/integration tests should render this working

AtofStryker commented 1 year ago

@mjhenkes I don't think we can add this to the initial 12.0.0 scope with the fear we might break injection with already a large list of changes, but this shouldn't be a breaking change but might cause side effects. Maybe a minor release in 12 along the way?