New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove non-working cross-origin download examples #631
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- downloads from cross-origin do work with
chromeWebSecurity: false
. Here is a video of me doing just that!
remote-file-download.mp4
- I could see the potential for confusion when not clearing the downloads before each test, but I also do not think deleting them before the test works, because the users might want to look at all downloaded files later. So I would keep it as is. After all, the users can write a task to clear it.
- we absolutely HAVE to show the cross-origin recipe, even if it works in Chrome only. It is self-defeating to hide it. First, it is possible. Second, users will discover it. Third, users who do not discover it will keep asking about it.
I think what we can do to clearly show it here is to split the spec into same-origin vs cross-origin and add comments explaining the situation. If you want, I can take over this PR to update it.
Sorry Gleb, I now realize I wasn't running the cross-origin server ( I still don't like recommending |
We can recommend or not - but it is there. Users can decide what to do, they don't have to use it, but if they need to test cross-origin, we better show them the right way. Endorsement - I am not sure, we can always say "hey, as always, use disabling chrome web security at your own risk" |
@bahmutov Sorry I misinterpreted some things from the original comment about support. I think that if we are going to discourage turning off Chrome Web Security then we need to really outline why we don't advise it because currently our docs are just like - 'need to turn it off? here's how'. https://docs.cypress.io/guides/guides/web-security.html#Disabling-Web-Security If we had a place in the docs to point to, then I would advise always linking to that section of the docs every time in recipes/blogs that we tell them to turn off chrome web security. |
@bahmutov wrote:
I disagree with this reason. Cypress already cleans up cookies before each test and I think files are in the same category. Moreover, if a developer wants to analyze downloaded files, s/he can do so after running the test because files are only deleted before tests, and never after tests. As a result, I suggest deleting everything before a test start. |
chromeWebSecurity: false
from tests - we should never recommend this.From original discussion in cypress-io/cypress#14749 (comment)