cy.origin() not working when the application redirects to external origin

[idanElitzur]

Current behavior

cy.origin() still not working as expected even I've upgraded to the new release with the related bugfixes over there.
When clicking on some connect pop-up from the application it's redirecting to google account page (external url and totally different from the base url).
Trying to use cy.origin() to be able to reach out the page elements over there but the cy.origin reaching the timeout and return the error below:

Timed out retrying after 30000ms: The command was expected to run against origin https://google.com but the application is at origin https://google.com.

This commonly happens when you have either not navigated to the expected origin or have navigated away unexpectedly.

I've to inform that I'm using cy.session() for login the application by the before() hook, and the cookies preserve over there.

Also I got this error when closing the cypress runner by CMD+C :

Error: write EPIPE
    at afterWriteDispatched (node:internal/stream_base_commons:160:15)
    at writeGeneric (node:internal/stream_base_commons:151:3)
    at Socket._writeGeneric (node:net:795:11)
    at Socket._write (node:net:807:8)
    at writeOrBuffer (node:internal/streams/writable:389:12)
    at _write (node:internal/streams/writable:330:10)
    at Socket.Writable.write (node:internal/streams/writable:334:10)
    at Function.log (/Users/myname/Library/Caches/Cypress/10.9.0/Cypress.app/Contents/Resources/app/node_modules/debug/src/node.js:194:24)
    at debug (/Users/myname/Library/Caches/Cypress/10.9.0/Cypress.app/Contents/Resources/app/node_modules/debug/src/common.js:113:10)
    at App.<anonymous> (/Users/myname/Library/Caches/Cypress/10.9.0/Cypress.app/Contents/Resources/app/packages/server/lib/modes/interactive.js:144:13)
    at Object.onceWrapper (node:events:646:26)
    at App.emit (node:events:526:28)
    at App.emit (node:domain:475:12)

Desired behavior

No response

Test code to reproduce

cypress configuration:

	e2e: {
		supportFile: './../myinfra/cypress/support/e2e.ts',
		downloadsFolder: './../myinfra/cypress/downloads',
		chromeWebSecurity: false,
		experimentalSourceRewriting: false,
		experimentalSessionAndOrigin: true,
		experimentalModifyObstructiveThirdPartyCode: true,
		numTestsKeptInMemory: 1,
		defaultCommandTimeout: 30000,
		requestTimeout: 30000,
		responseTimeout: 30000,
		taskTimeout: 30000,
		pageLoadTimeout: 30000,
		screenshotsFolder: './../myinfra/mochawesome-report/assets',
		screenshotOnRunFailure: true,
		reporter: './../myinfra/node_modules/mochawesome',
		reporterOptions: {
			reportDir: './../myinfra/cypress/report',
			code: false,
			charts: true,
			overwrite: false,
			html: false,
			json: true,
			embeddedScreenshots: true,
		},
		video: false,
		viewportHeight: 1080,
		viewportWidth: 1920,
		waitForAnimations: true
}

chrome 106 driver configuration:

			on('before:browser:launch', (browser, launchOptions) => {
				if (browser.name === 'chrome') {
					launchOptions.args.push(
						'--disable-features=CrossSiteDocumentBlockingIfIsolating,CrossSiteDocumentBlockingAlways,IsolateOrigins,site-per-process',
						'--disable-web-security',
						'--user-data-dir',
						'--disable-gpu',
						'--no-sandbox',
						'--start-maximized',
						'--enable-automation',
						'--safebrowsing-disable-auto-update',
						'--disable-dev-shm-usage',
						'--window-size=1920,1080'
					);
				}
				return launchOptions;
			});

Login file:

import * as loc from './locators';

export const login = (userType: string) => {
  cy.session(userType, () => {
    cy.visit('/login');
    cy.fixture('testUsers').then((user) => {
      cy.get(loc.login.emailField)
        .should('be.visible')
        .type(user[`${userType}`].email);
      cy.get(loc.login.emailField)
        .should('be.visible')
        .and('have.attr', 'value', user[`${userType}`].email);
      cy.get(loc.login.submitEmail).should('be.visible').click();
      cy.get(loc.sideNavBar.buyersPipeline).should('be.visible');
    });
  });
  cy.visit('/app');
};

Test suite file:

describe('check that pipeline works', { tags: 'smoke', defaultCommandTimeout: 30000 },() => {
	beforeEach(() => {
	  login('backofficeAdvisor');
	  cy.reload();
	});

	it('Send email to a user - is shown in the activity', () => {
	    cy.intercept('https://accounts.google.com/**').as(`loginRedirect`)
	    cy.visit('/');
	  cy.get(loc.sideNavBar.buyersPipeline).should('be.visible').click();
	  cy.get(loc.pipelineBuyer.nameColumn)
	    .eq(4)
	    .should('be.visible')
	    .click({ force: true });
	  cy.get(loc.buyerDetails.basicCard).should('be.visible');
	  cy.get(loc.buyerDetails.timelineSendEmailIcon)
	    .should('be.visible')
	    .click();
	    cy.get('div[role="dialog"]')
	        .find('button.MuiButton-root')
	        .should('be.visible')
	        .click();
	    const email = 'qa@myapp.com';
	        cy.wait(`@loginRedirect`).then(() => {
	            cy.origin('accounts.google.com', {args: [email]}, ([email]) => {
	                // @ts-ignore
	                cy.get('input#identifierId').should('be.visible').type(email);
	            })
	        })
	    cy.visit('/')
	});
});		

Cypress Version

10.9.0

Node version

14.19.1

Operating System

macOS 12.3.1

Debug Logs

`
cypress:server:socket-base automation:request get:cookies { superDomain: 'google.com' } +1s
  cypress:server:automation:cookies getting:cookies { superDomain: 'google.com' } +1s
  cypress:server:automation:cookies received get:cookies [ { name: '__stripe_sid', value: 'aaaa-1111-bbbb-2222', path: '/', domain: '.backoffice.myapp.com', secure: true, httpOnly: false, sameSite: 'strict', expiry: 1664723643 }, { name: 'NID', value: 'aaa-1111-bbbb-2222', path: '/', domain: '.google.com', secure: true, httpOnly: true, sameSite: 'no_restriction', expiry: 1680533053.010764 }, { name: '__stripe_mid', value: 'aaa-1111-bbbb-2222', path: '/', domain: '.backoffice.myapp.com', secure: true, httpOnly: false, sameSite: 'strict', expiry: 1696257843 }, { name: 'BACKOFFICE_TOKEN', value: 'aaa-1111-bbbb-2222', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined, expiry: 1699280627.749086 }, { name: 'BACKOFFICE_REFRESH_TOKEN', value: 'aaa-1111-bbbb-2222', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined, expiry: 1699280627.749267 }, { name: 'APP_CTX_USER_ID', value: 'aaa-1111-bbbb-2222', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined, expiry: 1699280627.951294 }, { name: 'm', value: 'aaa-1111-bbbb-2222', path: '/', domain: 'm.stripe.com', secure: true, httpOnly: true, hostOnly: true, sameSite: 'no_restriction', expiry: 1699281843.547881 }, { name: 'APP_CTX_SESSION_ID', value: 'aaa-1111-bbbb-2222', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined }, { name: 'randomClientString', value: 'aaa-1111-bbbb-2222', path: '/', domain: 'backoffice.myapp.com', secure: false, httpOnly: false, hostOnly: true, sameSite: undefined } ] +1ms

cypress:net-stubbing:server:intercept-request intercepting request { requestId: 'interceptedRequest346', req: { url: '/generate_204?2nUghQ' } } +5s
  cypress:net-stubbing:server:util sending event to driver { eventName: 'before:request', data: { eventId: 'event347', subscription: { eventName: 'before:request', await: false, routeId: '1664721837253-212' }, browserRequestId: undefined, requestId: 'interceptedRequest346', data: { headers: [Object], url: 'https://accounts.google.com/generate_204?2nUghQ', method: 'GET', httpVersion: '1.1', body: '' } } } +5s
  cypress:network:cors Parsed URL { port: '443', tld: 'com', domain: 'google' } +505ms
  cypress:server:remote-states getting remote state: undefined for: https://accounts.google.com/generate_204?2nUghQ +5s
  cypress:network:cors Parsed URL { port: '443', tld: 'com', domain: 'myapp' } +0ms
  cypress:server:remote-states getting remote state: { auth: null, origin: 'https://backoffice.myapp.com', strategy: 'http', fileServer: null, domainName: 'myapp.com', props: { port: '443', tld: 'com', domain: 'myapp' } } for: https://myapp.com +0ms
  cypress:server:stream_buffer stream buffer writeable final called +5s
  cypress:network:agent addRequest called { isHttps: true, href: 'https://accounts.google.com/generate_204?2nUghQ' } +5s
  cypress:network:agent got family { family: 4, href: 'https://accounts.google.com/generate_204?2nUghQ' } +0ms
  cypress:server:request received status code & headers on request { requestId: 'request348', statusCode: 204, headers: {} } +5s
  cypress:server:request successful response received { requestId: 'request348' } +0ms
  cypress:net-stubbing:server:intercept-response InterceptResponse { req: { url: 'https://accounts.google.com/generate_204?2nUghQ' }, request: InterceptedRequest { subscriptionsByRoute: [ [Object] ], includeBodyInAfterResponse: false, responseSent: false, onResponse: [Function (anonymous)], id: 'interceptedRequest346', req: IncomingMessage { _readableState: [ReadableState], _events: [Object: null prototype], _eventsCount: 1, _maxListeners: undefined, socket: [TLSSocket], httpVersionMajor: 1, httpVersionMinor: 1, httpVersion: '1.1', complete: true, rawHeaders: [Array], rawTrailers: [], aborted: false, upgrade: false, url: 'https://accounts.google.com/generate_204?2nUghQ', method: 'GET', statusCode: null, statusMessage: null, client: [TLSSocket], _consuming: false, _dumped: false, proxiedUrl: 'https://accounts.google.com/generate_204?2nUghQ', next: [Function: next], baseUrl: '', originalUrl: '/generate_204?2nUghQ', _parsedUrl: [Url], params: [Object], query: [Object], res: [ServerResponse], secret: undefined, cookies: [Object], signedCookies: [Object: null prototype] {}, _startAt: [Array], _startTime: 2022-10-02T14:44:17.713Z, _remoteAddress: '127.0.0.1', route: [Route], isAUTFrame: false, browserPreRequest: undefined, requestId: 'interceptedRequest346', body: '', [Symbol(kCapture)]: false, [Symbol(kHeaders)]: [Object], [Symbol(kHeadersCount)]: 32, [Symbol(kTrailers)]: null, [Symbol(kTrailersCount)]: 0, [Symbol(RequestTimeout)]: undefined }, res: ServerResponse { _events: [Object: null prototype], _eventsCount: 2, _maxListeners: undefined, outputData: [], outputSize: 0, writable: true, destroyed: false, _last: false, chunkedEncoding: false, shouldKeepAlive: true, maxRequestsOnConnectionReached: false, _defaultKeepAlive: true, useChunkedEncodingByDefault: true, sendDate: true, _removedConnection: false, _removedContLen: false, _removedTE: false, _contentLength: null, _hasBody: true, _trailer: '', finished: false, _headerSent: false, _closed: false, socket: [TLSSocket], _header: null, _keepAliveTimeout: 5000, _onPendingData: [Function: bound updateOutgoingData], req: [IncomingMessage], _sent100: false, _expect_continue: false, locals: [Object: null prototype] {}, flush: [Function: flush], write: [Function: write], end: [Function: end], on: [Function: on], writeHead: [Function: writeHead], _startAt: undefined, _startTime: undefined, __onFinished: [Function], [Symbol(kCapture)]: false, [Symbol(kNeedDrain)]: false, [Symbol(corked)]: 0, [Symbol(kOutHeaders)]: null }, continueRequest: [Function: next], onError: [Function: onError], _onResponse: [Function: onResponse], matchingRoutes: [ [Object] ], state: { requests: [Object], routes: [Array], pendingEventHandlers: {}, reset: [Function: reset] }, socket: SocketE2E { ensureProp: [Function: ensureProp], supportsRunEvents: false, experimentalSessionAndOrigin: true, ended: false, localBus: [EventEmitter], onTestFileChange: [Function: bound ], testFilePath: '../myapp-backoffice/e2e-tests/test-files/pipeline-tests.cy.ts', onStudioTestFileChange: [Function: bound onStudioTestFileChange], removeOnStudioTestFileChange: [Function: bound removeOnStudioTestFileChange], _io: [SocketIOServer], _sendResetBrowserTabsForNextTestMessage: [AsyncFunction (anonymous)], _sendResetBrowserStateMessage: [AsyncFunction (anonymous)], _sendFocusBrowserMessage: [AsyncFunction (anonymous)], _isRunnerSocketConnected: [Function (anonymous)] }, lastEvent: 'before:request' } } +5s
  cypress:net-stubbing:server:util sending event to driver { eventName: 'response:callback', data: { eventId: 'event349', subscription: { eventName: 'response:callback', await: false, routeId: '1664721837253-212' }, browserRequestId: undefined, requestId: 'interceptedRequest346', data: { headers: [Object], url: 'https://accounts.google.com/generate_204?2nUghQ', method: null, httpVersion: '1.1', statusCode: 204, statusMessage: 'No Content', body: '' } } } +69ms
  cypress:network:cors Parsed URL { port: '443', tld: 'com', domain: 'myapp' } +70ms
  cypress:server:remote-states getting remote state: { auth: null, origin: 'https://backoffice.myapp.com', strategy: 'http', fileServer: null, domainName: 'myapp.com', props: { port: '443', tld: 'com', domain: 'myapp' } } for: https://myapp.com +70ms
  cypress:network:cors Parsed URL { port: '443', tld: 'com', domain: 'google' } +0ms
  cypress:server:remote-states getting primary remote state: { auth: null, origin: 'https://backoffice.myapp.com', strategy: 'http', fileServer: null, domainName: 'myapp.com', props: { port: '443', tld: 'com', domain: 'myapp' } } +0ms
  cypress:network:cors Parsed URL { port: '443', tld: 'com', domain: 'google' } +0ms
  cypress:network:cors Parsed URL { port: '443', tld: 'com', domain: 'myapp' } +0ms
  cypress:server:remote-states getting remote state: { auth: null, origin: 'https://backoffice.myapp.com', strategy: 'http', fileServer: null, domainName: 'myapp.com', props: { port: '443', tld: 'com', domain: 'myapp' } } for: https://myapp.com +0ms
GET /generate_204?2nUghQ 204 575.475 ms - -

### Other

**Chrome v106**


<img width="1117" alt="cy-origin-issue" src="https://user-images.githubusercontent.com/104420464/193461329-bc48bc6c-ab2f-407b-af6c-5882726c0067.png">

[idanElitzur]

[idanElitzur]

@chrisbreiding
Can you please assist?
🙏

[AtofStryker]

Likely related to #23999 and fixed by #23885. I am not going to close the issue but I am going to link it. I believe the same-origin spec bridge changes to cy.origin will fix this problem. Right now the cy.origin block is on domain https://google.com and is trying to communicate with https://accounts.google.com, which is cross origin. This is a problem specifically with chrome as there are strict enforcement around same origin policy communication regardless of document.domain.

@idanElitzur have you tried this in Edge by chance?

[AtofStryker]

related to #23814

[mjhenkes]

I believe @AtofStryker is correct.

[idanElitzur]

@AtofStryker Thanks for your all answers and the nicely support.
I didn't try by another browser, I can try but in the bottom line all the tests should execute on chrome browser.
I'll wait until the upcoming next release and hope it will finally solve out this issue.

[AtofStryker]

@idanElitzur Glad I can help! Chrome should work for your needs once we are able to release #23885. The only reason I ask about trying Edge or another browser is it may work since this is strictly a Google Chrome issue. If it does, I can say for certain that #23885 resolves your issue. Or if you are comfortable waiting for #23885 to release that works too!

[idanElitzur]

Electron don't work with this implementation as well, it's not pass the cookies inside the origin and the google account login over there seems vanilla without the integration to my tested app.
I'm using mac os so i don't have edge on my machine, i can check with firefox as well.

Electron debug logs - cookies (edited the sensitive values):

  cypress:server:automation:cookies received get:cookies [ { name: '__stripe_sid', value: '1111111111111', path: '/', domain: '.backoffice.myapp.com', secure: true, httpOnly: false, sameSite: 'strict', expiry: 1664876995 }, { name: '__stripe_mid', value: '111111111111', path: '/', domain: '.backoffice.myapp.com', secure: true, httpOnly: false, sameSite: 'strict', expiry: 1696411195 }, { name: 'm', value: '111111111111', path: '/', domain: '.m.stripe.com', secure: true, httpOnly: true, sameSite: 'no_restriction', expiry: 1727947181 }, { name: 'm', value: '111111111111', path: '/', domain: 'm.stripe.com', secure: true, httpOnly: true, hostOnly: true, sameSite: 'no_restriction', expiry: 1727947195.878819 }, { name: '__Host-GAPS', value: '111111111111', path: '/', domain: 'accounts.google.com', secure: true, httpOnly: true, hostOnly: true, sameSite: 'lax', expiry: 1727947196 }, { name: 'BACKOFFICE_TOKEN', value: '111111111111', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined, expiry: 1751188781 }, { name: 'BACKOFFICE_REFRESH_TOKEN', value: '111111111111', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined, expiry: 1751188781 }, { name: 'APP_CTX_USER_ID', value: '111111111111', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined, expiry: 1751188781 }, { name: 'APP_CTX_SESSION_ID', value: '111111111111', path: '/', domain: '.myapp.com', secure: false, httpOnly: false, sameSite: undefined }, { name: 'randomClientString', value: '111111111111', path: '/', domain: 'backoffice.myapp.com', secure: false, httpOnly: false, hostOnly: true, sameSite: undefined } ] +1ms

@AtofStryker

[idanElitzur]

With FireFox cy.origin() it works ok but google account connection return security error after typing the email and submit :/
@AtofStryker

[AtofStryker]

@idanElitzur are you running with the experimentalModfyObstructiveThirdPartyCode option enabled? can you try that with electron and see if you get any further?

[AtofStryker]

We likely don't have a close base of support until 10.10.0 is out, but I am interested to see once it's released if you are still running into the secure app issue

[cypress-bot]

The code for this is done in cypress-io/cypress#23885, but has yet to be released.
We'll update this issue and reference the changelog when it's released.

[cypress-bot]

Released in 10.10.0.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v10.10.0, please open a new issue.