chore: ensure same origin match to apply cookies [run ci]

cypress-io · Nov 26, 2024 · 6646d61 · 6646d61 · cypress-bot · Nov 26, 2024
1 parent 12df40e
commit 6646d61
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 15 deletions.
diff --git a/.circleci/workflows.yml b/.circleci/workflows.yml
@@ -32,6 +32,7 @@ mainBuildFilters: &mainBuildFilters
         - 'update-v8-snapshot-cache-on-develop'
         - 'chore/update_reporter_mobx'
         - 'publish-binary'
+        - 'same-origin-match-for-cookie-jar'
 
 # usually we don't build Mac app - it takes a long time
 # but sometimes we want to really confirm we are doing the right thing
@@ -42,7 +43,7 @@ macWorkflowFilters: &darwin-workflow-filters
     - equal: [ develop, << pipeline.git.branch >> ]
     # use the following branch as well to ensure that v8 snapshot cache updates are fully tested
     - equal: [ 'update-v8-snapshot-cache-on-develop', << pipeline.git.branch >> ]
-    - equal: [ 'chore/update_reporter_mobx', << pipeline.git.branch >> ]
+    - equal: [ 'same-origin-match-for-cookie-jar', << pipeline.git.branch >> ]
     - matches:
         pattern: /^release\/\d+\.\d+\.\d+$/
         value: << pipeline.git.branch >>
@@ -53,7 +54,7 @@ linuxArm64WorkflowFilters: &linux-arm64-workflow-filters
     - equal: [ develop, << pipeline.git.branch >> ]
     # use the following branch as well to ensure that v8 snapshot cache updates are fully tested
     - equal: [ 'update-v8-snapshot-cache-on-develop', << pipeline.git.branch >> ]
-    - equal: [ 'chore/update_reporter_mobx', << pipeline.git.branch >> ]
+    - equal: [ 'same-origin-match-for-cookie-jar', << pipeline.git.branch >> ]
     - matches:
         pattern: /^release\/\d+\.\d+\.\d+$/
         value: << pipeline.git.branch >>
@@ -76,7 +77,7 @@ windowsWorkflowFilters: &windows-workflow-filters
     - equal: [ develop, << pipeline.git.branch >> ]
     # use the following branch as well to ensure that v8 snapshot cache updates are fully tested
     - equal: [ 'update-v8-snapshot-cache-on-develop', << pipeline.git.branch >> ]
-    - equal: [ 'chore/update_reporter_mobx', << pipeline.git.branch >> ]
+    - equal: [ 'same-origin-match-for-cookie-jar', << pipeline.git.branch >> ]
     - matches:
         pattern: /^release\/\d+\.\d+\.\d+$/
         value: << pipeline.git.branch >>
@@ -152,7 +153,7 @@ commands:
           name: Set environment variable to determine whether or not to persist artifacts
           command: |
             echo "Setting SHOULD_PERSIST_ARTIFACTS variable"
-            echo 'if ! [[ "$CIRCLE_BRANCH" != "develop" && "$CIRCLE_BRANCH" != "release/"* && "$CIRCLE_BRANCH" != "chore/update_reporter_mobx" ]]; then
+            echo 'if ! [[ "$CIRCLE_BRANCH" != "develop" && "$CIRCLE_BRANCH" != "release/"* && "$CIRCLE_BRANCH" != "chore/fix_kitchensink_against_staging_job" && "$CIRCLE_BRANCH" != "same-origin-match-for-cookie-jar" ]]; then
                 export SHOULD_PERSIST_ARTIFACTS=true
             fi' >> "$BASH_ENV"
   # You must run `setup_should_persist_artifacts` command and be using bash before running this command

diff --git a/packages/proxy/lib/http/response-middleware.ts b/packages/proxy/lib/http/response-middleware.ts
@@ -831,7 +831,7 @@ const MaybeInjectHtml: ResponseMiddleware = function () {
       wantsSecurityRemoved: this.res.wantsSecurityRemoved,
       isNotJavascript: !resContentTypeIsJavaScript(this.incomingRes),
       useAstSourceRewriting: this.config.experimentalSourceRewriting,
-      modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimarySuperDomainOrigin(this.req.proxiedUrl),
+      modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimaryOrigin(this.req.proxiedUrl),
       shouldInjectDocumentDomain: cors.shouldInjectDocumentDomain(this.req.proxiedUrl, {
         skipDomainInjectionForDomains: this.config.experimentalSkipDomainInjection,
       }),
@@ -880,7 +880,7 @@ const MaybeRemoveSecurity: ResponseMiddleware = function () {
   this.incomingResStream = this.incomingResStream.pipe(rewriter.security({
     isNotJavascript: !resContentTypeIsJavaScript(this.incomingRes),
     useAstSourceRewriting: this.config.experimentalSourceRewriting,
-    modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimarySuperDomainOrigin(this.req.proxiedUrl),
+    modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimaryOrigin(this.req.proxiedUrl),
     modifyObstructiveCode: this.config.modifyObstructiveCode,
     url: this.req.proxiedUrl,
     deferSourceMapRewrite: this.deferSourceMapRewrite,

diff --git a/packages/proxy/lib/http/util/top-simulation.ts b/packages/proxy/lib/http/util/top-simulation.ts
@@ -10,5 +10,5 @@ export const doesTopNeedToBeSimulated = <T>(ctx: HttpMiddlewareThis<T>): boolean
 
   // only simulate top if the AUT is NOT the primary super domain origin, meaning that we should treat the AUT as top
   // or the request is the AUT frame, which is common for redirects and navigations.
-  return !ctx.remoteStates.isPrimarySuperDomainOrigin(currentAUTUrl) || ctx.req.isAUTFrame
+  return !ctx.remoteStates.isPrimaryOrigin(currentAUTUrl) || ctx.req.isAUTFrame
 }
diff --git a/packages/server/lib/remote_states.ts b/packages/server/lib/remote_states.ts
@@ -53,7 +53,7 @@ export class RemoteStates {
   }
 
   get (url: string) {
-    const state = this.remoteStates.get(cors.getSuperDomainOrigin(url))
+    const state = this.remoteStates.get(cors.getOrigin(url))
 
     debug('getting remote state: %o for: %s', state, url)
 
@@ -74,8 +74,8 @@ export class RemoteStates {
     return state
   }
 
-  isPrimarySuperDomainOrigin (url: string): boolean {
-    return this.primaryOriginKey === cors.getSuperDomainOrigin(url)
+  isPrimaryOrigin (url: string): boolean {
+    return this.primaryOriginKey === cors.getOrigin(url)
   }
 
   reset () {
@@ -92,7 +92,7 @@ export class RemoteStates {
     return this.get(this.currentOriginKey) as Cypress.RemoteState
   }
 
-  set (urlOrState: string | Cypress.RemoteState, options: { auth?: {} } = {}, isPrimarySuperDomainOrigin: boolean = true): Cypress.RemoteState {
+  set (urlOrState: string | Cypress.RemoteState, options: { auth?: {} } = {}, isPrimaryOrigin: boolean = true): Cypress.RemoteState {
     let state
 
     if (_.isString(urlOrState)) {
@@ -122,11 +122,11 @@ export class RemoteStates {
       state = urlOrState
     }
 
-    const remoteOrigin = cors.getSuperDomainOrigin(state.origin)
+    const remoteOrigin = cors.getOrigin(state.origin)
 
     this.currentOriginKey = remoteOrigin
 
-    if (isPrimarySuperDomainOrigin) {
+    if (isPrimaryOrigin) {
       // convert map to array
       const stateArray = Array.from(this.remoteStates.entries())
 

diff --git a/packages/server/lib/server-base.ts b/packages/server/lib/server-base.ts
@@ -760,7 +760,7 @@ export class ServerBase<TSocket extends SocketE2E | SocketCt> {
 
     let handlingLocalFile = false
     const previousRemoteState = this._remoteStates.current()
-    const previousRemoteStateIsPrimary = this._remoteStates.isPrimarySuperDomainOrigin(previousRemoteState.origin)
+    const previousRemoteStateIsPrimary = this._remoteStates.isPrimaryOrigin(previousRemoteState.origin)
     const primaryRemoteState = this._remoteStates.getPrimary()
 
     // nuke any hashes from our url since
@@ -932,7 +932,7 @@ export class ServerBase<TSocket extends SocketE2E | SocketCt> {
                   restorePreviousRemoteState(previousRemoteState, previousRemoteStateIsPrimary)
                 }
 
-                details.isPrimarySuperDomainOrigin = this._remoteStates.isPrimarySuperDomainOrigin(newUrl!)
+                details.isPrimaryOrigin = this._remoteStates.isPrimaryOrigin(newUrl!)
 
                 return resolve(details)
               })