feat: make cookies have sameSite key by default #7790
Conversation
|
Thanks for taking the time to open a PR!
|
BREAKING CHANGE: modifies the shape of Cookie objects
|
Test summary
Run details
View run in Cypress Dashboard ➡️ This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard |
flotwig
requested review from
a team,
brian-mann and
kuceb
and removed request for
a team
jennifer-shehane
added
the
type: breaking change
|
I think that since users with |
|
I think in this case that's probably fine, but since we're doing the I think that approach is much better than to silently pass because anyone looking at the code later will be sufficiently confused - won't be able to find the option anywhere in the docs, and will wonder if this is actually taking effect anywhere. Throwing forces the user to update their code, but it's the cleanest way to communicate the intention. Additionally, imagine if we had a situation where the options of the I can think of a few other scenarios but those are the ones off the top of my head. I believe we already have logic in |
|
I guess it's either make the user pay the cost now, by forcing them to update their config, or pay the cost later, by potentially confusing users that have not read the migration guide/seen the issue comment telling them to remove the config option. Adding a deprecation notice to |
|
Okay cool. Use the existing config warning/deprecation machinery. |
| @@ -923,6 +923,11 @@ const getMsgByType = function (type, arg1 = {}, arg2, arg3) { | |||
| Enable write permissions to this directory to ensure screenshots and videos are stored. | |||
|
|
|||
| If you don't require screenshots or videos to be stored you can safely ignore this warning.` | |||
| case 'EXPERIMENTAL_SAMESITE_REMOVED': | |||
| return stripIndent`\ | |||
| The \`experimentalGetCookiesSameSite\` configuration option was removed in Cypress 5. Yielding the \`sameSite\` property is now the default behavior of the \`cy.cookie\` commands. | |||
There was a problem hiding this comment.
I think the convention when listing versions is to say in Cypress version x.x.x
There was a problem hiding this comment.
This was the only prior art I could find, which also isn't that:
cypress/packages/server/lib/errors.js
Lines 140 to 141 in c00f6cd
There was a problem hiding this comment.
In our migration guide we usually say Cypress 5, so as not to be restricted of it only applying to Cypress 5.0.0 and not to 5.1.0, etc.
BREAKING CHANGE: modifies the shape of Cookie objects
sameSitevalue to objects yielded bycy.getCookie/setCookie/getCookiesthe default #6892User facing changelog
cy.setCookie,cy.getCookie, andcy.getCookieswill now always contain asameSiteattribute.experimentalGetCookiesSameSiteconfiguration flag, since this behavior is now the default.Additional details
How has the user experience changed?
PR Tasks
cypress-documentation? docs: document experimentalGetCookiesSameSite removal cypress-documentation#2918type definitions?cypress.schema.json?