cypress-har-generator
cypress-har-generator copied to clipboard
Authorization header missing
Hi, I'm trying to generate a har file for a site that is protected by HTTP Basic Auth. However, the HAR file that is generated lacks the Authorization header, so when I replay it, I get a 401 error.
My Cypress test file:
describe("static pages", () => {
before(() => {
// start recording
cy.recordHar({
content: false,
includeHosts: [ '.*.my.domain']
});
});
after(() => {
cy.saveHar();
});
it("Home page", () => {
cy.visit("/");
});
});
I run it using:
npx cypress run --config baseUrl=https://username:[email protected] --browser chrome
The result I get looks like this:
{
"log": {
"version": "1.2",
"pages": [],
"creator": {
"name": "@neuralegion/cypress-har-generator",
"version": "5.3.0",
"comment": "https://github.com/NeuraLegion/cypress-har-generator#readme"
},
"entries": [
{
"startedDateTime": "2022-05-22T19:12:29.519Z",
"time": 32.239000021945685,
"request": {
"method": "GET",
"url": "https://my.domain/",
"httpVersion": "http/1.1",
"headers": [
{
"name": "Accept",
"value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
},
{
"name": "Accept-Encoding",
"value": "gzip, deflate, br"
},
{
"name": "Accept-Language",
"value": "en-US"
},
{
"name": "Cache-Control",
"value": "no-cache"
},
{
"name": "Connection",
"value": "keep-alive"
},
{
"name": "Cookie",
"value": "__cypress.initial=true"
},
{
"name": "Host",
"value": "my.domain"
},
{
"name": "Pragma",
"value": "no-cache"
},
{
"name": "Referer",
"value": "https://my.domain/__/"
},
{
"name": "Sec-Fetch-Dest",
"value": "iframe"
},
{
"name": "Sec-Fetch-Mode",
"value": "navigate"
},
{
"name": "Sec-Fetch-Site",
"value": "same-origin"
},
{
"name": "Upgrade-Insecure-Requests",
"value": "1"
},
{
"name": "User-Agent",
"value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/101.0.4951.64 Safari/537.36"
}
],
"queryString": [],
"cookies": [
{
"name": "__cypress.initial",
"value": "true",
"httpOnly": false,
"secure": false
}
],
"headersSize": 0,
"bodySize": 0
},
"response": {
"status": 200,
"statusText": "OK",
"httpVersion": "HTTP/1.1",
"headers": [
{
"name": "Connection",
"value": "keep-alive"
},
{
"name": "Content-Encoding",
"value": "gzip"
},
{
"name": "Keep-Alive",
"value": "timeout=5"
},
{
"name": "Set-Cookie",
"value": "__Host-session=eyJjc3JmIjoiMGZlYzUzOGUtNjRhMS00YjI1LWIzMjktYWZhNjIwZGNiYjAxIn0%3D.6L95Y8yu0sO2OOqstlVG5%2F6AAE9YxV8BzlUZK1WvxnY; Path=/; HttpOnly; Secure; SameSite=Strict"
},
{
"name": "Set-Cookie",
"value": "__cypress.initial=; Domain=my.domain; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT"
},
{
"name": "Transfer-Encoding",
"value": "chunked"
},
{
"name": "Vary",
"value": "Accept-Encoding, Accept-Encoding"
},
{
"name": "cache-control",
"value": "no-cache, no-store, must-revalidate"
},
{
"name": "content-type",
"value": "text/html; charset=utf-8"
},
{
"name": "cross-origin-embedder-policy",
"value": "require-corp"
},
{
"name": "cross-origin-opener-policy",
"value": "same-origin"
},
{
"name": "cross-origin-resource-policy",
"value": "same-origin"
},
{
"name": "date",
"value": "Sun, 22 May 2022 19:12:29 GMT"
},
{
"name": "expect-ct",
"value": "max-age=0"
},
{
"name": "origin-agent-cluster",
"value": "?1"
},
{
"name": "permissions-policy",
"value": "clipboard-write=(self)"
},
{
"name": "referrer-policy",
"value": "same-origin"
},
{
"name": "strict-transport-security",
"value": "max-age=15724800; includeSubDomains"
},
{
"name": "x-content-type-options",
"value": "nosniff"
},
{
"name": "x-dns-prefetch-control",
"value": "off"
},
{
"name": "x-download-options",
"value": "noopen"
},
{
"name": "x-permitted-cross-domain-policies",
"value": "none"
},
{
"name": "x-xss-protection",
"value": "0"
}
],
"cookies": [],
"content": {
"size": 35666,
"mimeType": "text/html",
"compression": 29387
},
"redirectURL": "",
"headersSize": 1033,
"bodySize": 6279,
"_transferSize": 7312
},
"cache": {},
"timings": {
"blocked": 1.0409999936446548,
"dns": -1,
"ssl": -1,
"connect": -1,
"send": 0.05300000000000005,
"wait": 30.459999992854893,
"receive": 0.6850000354461372
},
"serverIPAddress": "127.0.0.1",
"_priority": "VeryHigh",
"_resourceType": "Document",
"_webSocketMessages": [],
"connection": "23"
}
]
}
}
As you can see: no Authorization
header. I had a look at the cypress-har-generator
but couldn't find any header stripping. Any ideas what might be going on here?
@nfelger please provide a reproducible repository if it is possible
@nfelger seems Cypress automatically sends this header via some kind of proxy, outside of the browser. That is why you are not able to see this header either in the devtools or the resulting HAR.
Perhaps, it can be solved by #59 intercepting the requests made by cy.request
(simular to https://github.com/NeuraLegion/cypress-har-generator/pull/48):
cy.intercept('/', (req: CyHttpMessages.IncomingHttpRequest) => {
console.log('authorization' in req.headers);
});
cy.visit('/', {
auth: { username: 'wile', password: 'coyote' }
});