Open scottohara opened 4 years ago
Suspecting it may be something to do with the /#!/
in the path, also tried different combinations of:
// cypress.json - "baseUrl": "http://localhost:5000"
cy.visit("/#!/accounts");
// cypress.json - "baseUrl": "http://localhost:5000/#!"
cy.visit("/accounts");
// cypress.json - "baseUrl": "http://localhost:5000/#!/"
cy.visit("accounts");
Same result each time.
On further inspection (after having removed & re-added chromeWebSecurity: false
numerous times) is that setting this option controls the --disable-web-security
command-line argument when launching Chrome:
In turn, this command-line argument controls numerous things in Chrom(e|ium), including CORS.
Another error we have seen is cannot set property name of which has only a getter, which is resolved by disabling web security.
As described in the Cypress docs, same-origin policy can cause issues with cross-origin iframes etc.
However we don't use cross-origin iframes, navigate to other domains or perform any JS redirects. We're an SPA with client-side routing, and the URL never changes.
So it is unclear why we still need to set
chromeWebSecurity: false
in ourcypress.json
config?Without this setting, when calling
cy.visit("/#!/some/route");
(which should not change the origin or do anything with iframes), we get the following error:Would like to understand why Cypress thinks this is a cross-origin frame.