New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Framebusting on 3rd party sites break Cypress automation #886
Comments
A study of common framebusting / clickjacking techniques. https://seclab.stanford.edu/websec/framebusting/framebust.pdf We will likely implement enough to cover the bases described here on page 3
|
…ting and clickjacking security measures - add modifyObjectiveCode config, true by default
Released in |
I have encountered a script that is not correctly fixed by the current Cypress network layer modification. What would be the best place to discuss how to update the framebuster support to cover this? Specifically, it is a Xsolla login iframe https://xsolla.com/products/login |
@miohtama Please open a new issue with a fully reproducible example that we can run. There may be a specific edge case with the issue that we need more detail to fix. |
Sites that implement old school security measures such as clickjacking or framebusting break Cypress.
The text was updated successfully, but these errors were encountered: