Description
Current behavior:
In Electron, when an anchor is clicked that downloads a file from the server, a "Save" dialog is shown thus preventing the rest of the test case from completing / succeeding. No dialog is shown in Chrome, at least currently, but this appears to be just because that's Chrome's default behaviour.
Furthermore, there is no way of specifying the desired location of file downloads.
Desired behavior:
- No "Save" dialog should be ever shown.
- Not as crucial (i.e. with rather easy workaround in the CI), but we should be able to configure browser (both Chrome and Electron, and any browsers supported in the future) with the location where files should be downloaded.
This should work both for files downloaded from the server (with Content-Disposition
HTTP header), as well as for files downloaded using in-browser Blob
+ dynamically generated anchor approach.
How to reproduce:
Given any site that contains an <a href="">...</a>
pointing to a file served with Content-Disposition
header, use a test script similar to the one posted below:
Test code:
describe('Lorem', function() {
it('Ipsum', function() {
cy.visit("https://localhost")
.get("a.download-link").click()
// This blocks in Electron because of the "Save" popup.
.readFile("/Users/kls/Downloads/file.txt")
.then(function() {
// Do something with the file.
});
})
})
Additional Info (images, stack traces, etc)
This functionality is needed in cases where it is not possible to verify validity of the download using other methods suggested in the FAQ:
- When downloaded file is dynamically generated on the server based on a data that browser sends over to it, in case when this data is sensitive and cannot be sent over in the file URL. Imagine a file path such as
https://bank/transaction-history/34964483209802/pdf
, where34964483209802
is a credit card number. This is unacceptable from the security / compliance perspective, because HTTP URL's are oftentimes logged in proxies or web servers. One solution is to send sensitive data over secure comms, i.e. WebSockets, just after user clicks the anchor. But this makes it impossible to just look at URL and issuecy.request()
. - When downloaded file is dynamically generated in the browser using a
Blob
+ transient<a>
with data URI technique, in which case no request is made to the server at all.