-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cy.clearCookies should clear *ALL* cookies of all domains #408
Comments
I think I'm having this same issue (that they are not cleared at the moment). I have the following script:
Right now this fails in some situations. I find it hard to get a clear repro, but it seems to be when already logged in before. The workaround I found (which sounds the same as this issue) is to first do a Maybe in the meantime we should update the docs to make this a bit more clear. |
is there a timeline when this will be resolved? |
Is there any update on this issue? |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Similarly, we want to ensure localStorage is cleared for all domains when using cy.clearLocalStorage() #2573 |
This is a genuine issue for us:
|
This would be very useful for apps that might use a hosted login page from another domain. |
Hi team, Is there a timeline on when we can expect this particular issue to be resolved? This is hindering some automation tests I'm building when utilizing I hope someone can respond soon - it seems many others are also relying on this issue to be fixed, and it's been a year since there's been any update on this thread from a team member. If there's another spot we should look to for updates, it would be helpful to let us know of that as well (apologies in advance if that's been pointed out/documented as well). Thanks! |
I use a thirdparty service to handle authentication this means that the authentication cookies are set on a different domain to the one I'm actually testing. Until this new feature is introduced is there a workaround? How can I remove the cookies for all domains between test runs for now? |
I was just browsing through different issues regarding this problem and found something in this this #5657 PR. The topic of the PR seems not to be relevant at first but this comment #5657 (comment) in there says:
I tried this out although its not documented that the So what is it @brian-mann @jennifer-shehane ? Is it undocumented functionality or is not supposed to be used ? |
For me doing |
You can add in the support folder an index.d.ts file and overwrite the clearCookies function. // eslint-disable-next-line spaced-comment
/// <reference types="cypress" />
interface IClearCookies {
domain?: string | null;
}
declare namespace Cypress {
interface Chainable {
clearCookies(
options?:
| Partial<Cypress.Loggable & Cypress.Timeoutable>
| IClearCookies
| undefined,
): Cypress.Chainable<null>;
} Also, it works for me on Cypress 6.3.0 |
Clearing an individual cookie with Feels icky. const lastRequest = response.allRequestResponses[response.allRequestResponses.length - 1];
const cookies = lastRequest['Request Headers'].cookie.split('; ').map(cookie => cookie.split('='));
cy.clearCookies({ domain: null });
for (const [key, value] of cookies.filter(([key]) => key !== 'cookie-to-remove')) {
cy.setCookie(key, value, { domain: '.example.com' });
} |
Hey Guys, any update on this? |
Wasted a big chunk of my day trying to figure out why my session is still in place after clearing cookies. It's been almost 5 years. Surely this should be a simple thing to change? edit: Calling |
Spent all day on this too. |
How is this still not implemented after five years? |
This is still broken. Clearcookies() does not work |
related to #24265 |
@chrisbreiding does your cookie work address this issue? |
@nagash77 This will be addressed when we add |
In v12.0.0 (soon-to-be-released), we are introducing the concept of Test Isolation which partially covers the ask in this issue since it will clear all cookies in all domains before each tests. The remaining work will be handled in #24265 which @chrisbreiding is working. |
The code for this is done in cypress-io/cypress#25012, but has yet to be released. |
Released in This comment thread has been locked. If you are still experiencing this issue after upgrading to |
After extensive R&D we've decided to deviate from the Webdriver spec and enhance clearing cookies to include all domains.
By default, Webdriver will only ever clear cookies based on the current domain context. So if you are visiting
http://localhost
and you issue HTTP requests to other domains (which set cookies) - those cookies will not be cleared.We currently respect this spec, and our own cookie implementations also have this same restriction.
However, this is really just a limitation of Webdriver - and not necessarily something Cypress ever has to abide to. We've built Cypress with cross browser functionality in mind, and any time we deviate from the Webdriver spec, we are forced to ensure we can create compatibility across all other browsers.
Even though we don't support cross browsers now, it's a fundamental part of our strategy and we intend to support them down the road.
What is the proposed change?
cy.clearCookies
will clear all cookies on all domains, irrespective of the current browsing contextHow will Cypress be able to consistently clear all cookies?
Cypress's architecture is completely different than that of Webdriver, which puts us in a unique situation to do lots of low level network tricks to pull this off.
While this is subject to change, the way this can be done is by inspecting all of the network traffic that goes through the browser (and therefore Cypress, as we already do), and for all domains, we can manually keep track of all the domains with cookies having been set on them.
At the end of the test, or on a
cy.clearCookies
command, we can then issue multiple HTTP requests out of the browser (through the Cypress driver) to these various endpoints.Instead of allowing those requests to pass onto the remote server, Cypress will trap the requests, and automatically respond to the requests by issuing a
Set-Cookie
header for each cookie that needs to be cleared by setting theMax-Age
orExpires
directive.The browser will then run its natural course and clear all of the cookies. This will be a bit slower than programatic API's, but will only have to be done when the browser does not expose any kind of automation API to achieve the same result programatically.
Related issues
The text was updated successfully, but these errors were encountered: