From efc2d52db0bcf734d08c99eab80966d9a24daec8 Mon Sep 17 00:00:00 2001 From: Zach Bloomquist Date: Tue, 3 Dec 2019 10:27:09 -0500 Subject: [PATCH 1/5] use correct tough.match param order --- packages/server/lib/browsers/cdp_automation.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/server/lib/browsers/cdp_automation.ts b/packages/server/lib/browsers/cdp_automation.ts index 6ab94f9a2ea5..1da4b28f44c6 100644 --- a/packages/server/lib/browsers/cdp_automation.ts +++ b/packages/server/lib/browsers/cdp_automation.ts @@ -20,16 +20,16 @@ interface CyCookie { type SendDebuggerCommand = (message: string, data?: any) => Bluebird -const cookieMatches = (cookie: CyCookie, data) => { - if (data.domain && !tough.domainMatch(cookie.domain, data.domain)) { +const cookieMatches = (cookie: CyCookie, filter) => { + if (filter.domain && !tough.domainMatch(filter.domain, cookie.domain)) { return false } - if (data.path && !tough.pathMatch(cookie.path, data.path)) { + if (filter.path && !tough.pathMatch(filter.path, cookie.path)) { return false } - if (data.name && data.name !== cookie.name) { + if (filter.name && filter.name !== cookie.name) { return false } From f040e6fe875507622ddbc26e1026bb3d1614c434 Mon Sep 17 00:00:00 2001 From: Zach Bloomquist Date: Tue, 3 Dec 2019 11:47:15 -0500 Subject: [PATCH 2/5] add chrome extension types --- packages/server/package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/server/package.json b/packages/server/package.json index 73747d4acf37..26147743a476 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -143,6 +143,7 @@ "@cypress/json-schemas": "5.33.0", "@cypress/sinon-chai": "1.1.0", "@types/chai-as-promised": "7.1.2", + "@types/chrome": "0.0.91", "babel-plugin-add-module-exports": "1.0.2", "babelify": "10.0.0", "bin-up": "1.2.2", From 0a10723c58e13f5cfd079bdf16849a41d9e57485 Mon Sep 17 00:00:00 2001 From: Zach Bloomquist Date: Tue, 3 Dec 2019 11:59:50 -0500 Subject: [PATCH 3/5] fix CDP cookie matching algorithm --- .../server/lib/browsers/cdp_automation.ts | 19 +++++++++++-------- packages/server/tsconfig.json | 5 ++++- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/packages/server/lib/browsers/cdp_automation.ts b/packages/server/lib/browsers/cdp_automation.ts index 1da4b28f44c6..bae59cab467a 100644 --- a/packages/server/lib/browsers/cdp_automation.ts +++ b/packages/server/lib/browsers/cdp_automation.ts @@ -3,7 +3,6 @@ import Bluebird from 'bluebird' import cdp from 'devtools-protocol' import { cors } from '@packages/network' import debugModule from 'debug' -import tough from 'tough-cookie' const debugVerbose = debugModule('cypress-verbose:server:browsers:cdp_automation') @@ -18,14 +17,18 @@ interface CyCookie { httpOnly: boolean } +// Cypress uses the webextension-style filtering +// https://developer.chrome.com/extensions/cookies#method-getAll +type CyCookieFilter = chrome.cookies.GetAllDetails + type SendDebuggerCommand = (message: string, data?: any) => Bluebird -const cookieMatches = (cookie: CyCookie, filter) => { - if (filter.domain && !tough.domainMatch(filter.domain, cookie.domain)) { +const cookieMatches = (cookie: CyCookie, filter: CyCookieFilter) => { + if (filter.domain && (!cookie.domain || !cookie.domain.endsWith(filter.domain))) { return false } - if (filter.path && !tough.pathMatch(filter.path, cookie.path)) { + if (filter.path && filter.path !== cookie.path) { return false } @@ -86,7 +89,7 @@ export const CdpAutomation = (sendDebuggerCommandFn: SendDebuggerCommand) => { return cookie } - const getAllCookies = (filter) => { + const getAllCookies = (filter: CyCookieFilter) => { return sendDebuggerCommandFn('Network.getAllCookies') .then((result: cdp.Network.GetAllCookiesResponse) => { return normalizeGetCookies(result.cookies) @@ -100,7 +103,7 @@ export const CdpAutomation = (sendDebuggerCommandFn: SendDebuggerCommand) => { }) } - const getCookiesByUrl = (url) => { + const getCookiesByUrl = (url): Bluebird => { return sendDebuggerCommandFn('Network.getCookies', { urls: [url], }) @@ -109,8 +112,8 @@ export const CdpAutomation = (sendDebuggerCommandFn: SendDebuggerCommand) => { }) } - const getCookie = (data): Bluebird => { - return getAllCookies(data) + const getCookie = (filter: CyCookieFilter): Bluebird => { + return getAllCookies(filter) .then((cookies) => { return _.get(cookies, 0, null) }) diff --git a/packages/server/tsconfig.json b/packages/server/tsconfig.json index ffda540c3654..22ca75091ddd 100644 --- a/packages/server/tsconfig.json +++ b/packages/server/tsconfig.json @@ -6,5 +6,8 @@ ], "files": [ "./../ts/index.d.ts" - ] + ], + "compilerOptions": { + "types": ["mocha", "node", "chrome"] + } } From 9c457607bf5f0701ad9c5e305b270de18efadd6e Mon Sep 17 00:00:00 2001 From: Zach Bloomquist Date: Wed, 4 Dec 2019 17:41:39 -0500 Subject: [PATCH 4/5] improve domain suffix match --- packages/server/lib/browsers/cdp_automation.ts | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/packages/server/lib/browsers/cdp_automation.ts b/packages/server/lib/browsers/cdp_automation.ts index bae59cab467a..cda9c9165814 100644 --- a/packages/server/lib/browsers/cdp_automation.ts +++ b/packages/server/lib/browsers/cdp_automation.ts @@ -23,8 +23,15 @@ type CyCookieFilter = chrome.cookies.GetAllDetails type SendDebuggerCommand = (message: string, data?: any) => Bluebird -const cookieMatches = (cookie: CyCookie, filter: CyCookieFilter) => { - if (filter.domain && (!cookie.domain || !cookie.domain.endsWith(filter.domain))) { +export const _domainIsWithinSuperdomain = (domain: string, suffix: string) => { + const suffixParts = suffix.split('.').filter(_.identity) + const domainParts = domain.split('.').filter(_.identity) + + return _.isEqual(suffixParts, domainParts.slice(domainParts.length - suffixParts.length)) +} + +export const _cookieMatches = (cookie: CyCookie, filter: CyCookieFilter) => { + if (filter.domain && !(cookie.domain && _domainIsWithinSuperdomain(cookie.domain, filter.domain))) { return false } @@ -94,7 +101,7 @@ export const CdpAutomation = (sendDebuggerCommandFn: SendDebuggerCommand) => { .then((result: cdp.Network.GetAllCookiesResponse) => { return normalizeGetCookies(result.cookies) .filter((cookie: CyCookie) => { - const matches = cookieMatches(cookie, filter) + const matches = _cookieMatches(cookie, filter) debugVerbose('cookie matches filter? %o', { matches, cookie, filter }) From bf0f50a7e7507ec816f093267c49e92c2447bcb8 Mon Sep 17 00:00:00 2001 From: Zach Bloomquist Date: Wed, 4 Dec 2019 17:41:52 -0500 Subject: [PATCH 5/5] add tests for cookie matching utils --- .../unit/browsers/cdp_automation_spec.coffee | 58 ++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/packages/server/test/unit/browsers/cdp_automation_spec.coffee b/packages/server/test/unit/browsers/cdp_automation_spec.coffee index afd87a23520c..67d12428bc8f 100644 --- a/packages/server/test/unit/browsers/cdp_automation_spec.coffee +++ b/packages/server/test/unit/browsers/cdp_automation_spec.coffee @@ -1,7 +1,63 @@ require("../../spec_helper") -{ CdpAutomation } = require("#{root}../lib/browsers/cdp_automation") +{ + CdpAutomation, + _cookieMatches, + _domainIsWithinSuperdomain +} = require("#{root}../lib/browsers/cdp_automation") context "lib/browsers/cdp_automation", -> + context "._domainIsWithinSuperdomain", -> + it "matches as expected", -> + [ + { + domain: 'a.com' + suffix: 'a.com' + expected: true + } + { + domain: 'a.com' + suffix: 'b.com' + expected: false + } + { + domain: 'c.a.com' + suffix: 'a.com' + expected: true + } + { + domain: 'localhost' + suffix: 'localhost' + expected: true + } + { + domain: '.localhost' + suffix: '.localhost' + expected: true + } + { + domain: '.localhost' + suffix: 'reddit.com' + expected: false + } + ].forEach ({ domain, suffix, expected }, i) => + expect(_domainIsWithinSuperdomain(domain, suffix)).to.eq(expected) + + context "._cookieMatches", -> + it "matches as expected", -> + [ + { + cookie: { domain: 'example.com' } + filter: { domain: 'example.com' } + expected: true + } + { + cookie: { domain: 'example.com' } + filter: { domain: '.example.com' } + expected: true + } + ].forEach ({ cookie, filter, expected }) => + expect(_cookieMatches(cookie, filter)).to.eq(expected) + context ".CdpAutomation", -> beforeEach -> @sendDebuggerCommand = sinon.stub()