Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Can't access cookie on localhost inside app #2103

Closed
green-arrow opened this issue Feb 6, 2018 · 7 comments
Closed

Can't access cookie on localhost inside app #2103

green-arrow opened this issue Feb 6, 2018 · 7 comments
Assignees
Labels
STATE: Auto-locked An issue has been automatically locked by the Lock bot. SYSTEM: hammerhead

Comments

@green-arrow
Copy link

Are you requesting a feature or reporting a bug?

Bug

What is the current behavior?

Calling document.cookie returns an empty string within the application being tested.

What is the expected behavior?

Calling document.cookie returns all cookies on localhost.

How would you reproduce the current behavior (if this is a bug)?

Our situation is a little unique in that we have our login page on a separate subdomain from the app we're testing. Upon logging in, the API returns an XSRF-TOKEN cookie set to the root domain (for this case, localhost). The application then reads document.cookie to inject the token into future request headers.

Sample response header:

Set-Cookie:XSRF-TOKEN=<some token>; Domain=localhost; Path=/

This works fine in our deployed environment, where we have www.ourapp.com and my.ourapp.com domains, and the cookie specifies .ourapp.com as the domain for the XSRF-TOKEN cookie. This only occurs on localhost. The two application run on separate ports on localhost, one on port 8080 and one on 3000.

Specify your

  • operating system: macOS Sierra
  • testcafe version: 0.18.6
  • node.js version: 8.9.4

Please let me know if you need any additional details. As a temporary measure we are disabling CSRF protection locally, but this is not a long term solution for us unfortunately.

Thanks!

@miherlosev
Copy link
Collaborator

Hi @green-arrow
Please, describe in more detail how you do this:

Calling document.cookie returns an empty string within the application being tested.

Did you write a ClientFunction that returns document.cookie? Or you just call document.cookie in DevTools Console?

@green-arrow
Copy link
Author

@miherlosev - The document.cookie call is within the actual application being tested. The app gets the XSRF-TOKEN cookie to set it as a header on other calls to our API when creating / modifying resources.

@miherlosev miherlosev self-assigned this Feb 8, 2018
@Farfurix Farfurix self-assigned this Feb 8, 2018
@miherlosev
Copy link
Collaborator

Ok, I understand you. We need additional time to reproduce the problem.
When it is done, I'll notify you about the result.

@green-arrow
Copy link
Author

Thanks for looking into this!

@miherlosev
Copy link
Collaborator

We found the problem looks like the one described above.
See the separate issue in our proxy repository - DevExpress/testcafe-hammerhead#1491

@green-arrow
Copy link
Author

Thanks for the investigation! I’ll close this issue since it’s tracked in the other repo.

@lock
Copy link

lock bot commented Mar 28, 2019

This thread has been automatically locked since it is closed and there has not been any recent activity. Please open a new issue for related bugs or feature requests. We recommend you ask TestCafe API, usage and configuration inquiries on StackOverflow.

@lock lock bot added the STATE: Auto-locked An issue has been automatically locked by the Lock bot. label Mar 28, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Mar 28, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
STATE: Auto-locked An issue has been automatically locked by the Lock bot. SYSTEM: hammerhead
Projects
None yet
Development

No branches or pull requests

3 participants