Framebusting on 3rd party sites break Cypress automation #886
Comments
A study of common framebusting / clickjacking techniques. https://seclab.stanford.edu/websec/framebusting/framebust.pdf We will likely implement enough to cover the bases described here on page 3
|
brian-mann
added a commit
that referenced
this issue
Feb 11, 2018
…ting and clickjacking security measures - add modifyObjectiveCode config, true by default
This was referenced Feb 12, 2018
Closed
Closed
Released in |
I have encountered a script that is not correctly fixed by the current Cypress network layer modification. What would be the best place to discuss how to update the framebuster support to cover this? Specifically, it is a Xsolla login iframe https://xsolla.com/products/login |
@miohtama Please open a new issue with a fully reproducible example that we can run. There may be a specific edge case with the issue that we need more detail to fix. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Sites that implement old school security measures such as clickjacking or framebusting break Cypress.
The text was updated successfully, but these errors were encountered: