cypress
cypress copied to clipboard
cypress-io
cy.visit secure error when _ used in hostname
Current behavior:
When I try to visit my app, which located in JenkinsCI, I encounter an error:
This site can’t provide a secure connection someadresss.tk doesn't adhere to security standards.
ERR_SSL_SERVER_CERT_BAD_FORMAT
When I put URL in the browser app open, this error only in Cypress sandbox
Versions
Operating System: Ubuntu 16.04 Cypress Version: 3.1.3 Browser Version: Chrome 70
Could you try setting "chromeWebSecurity": false in cypress.json?
You can always set other flags directly https://github.com/cypress-io/cypress/issues/715#issuecomment-402314281, but I think disabling chromeWebSecurity should work in your case.
but it did not help
We also have same issue with wildcard certificate, issued by Letsencrypt, when we try to run tests against subdomain.
After researches, found out, that underscore _ in subdomain name produced this error with Electron browser.
Switching to subdomain with hyphen - instead, fixed issue.
@alexbridge Thanks so much for leaving a comment!
This does appear to be the root of the issue. I believe this is a legitimate error due to _ being used in the hostname, which is invalid as described in RFC 952
A "name" (Net, Host, Gateway, or Domain name) is a text string up to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus sign (-), and period (.). Note that periods are only allowed when they serve to delimit components of "domain style names". (See RFC-921, "Domain Name System Implementation Schedule", for background). No blank or space characters are permitted as part of a name. No distinction is made between upper and lower case. The first character must be an alpha character. The last character must not be a minus sign or period. A host which serves as a GATEWAY should have "-GATEWAY" or "-GW" as part of its name. Hosts which do not serve as Internet gateways should not use "-GATEWAY" and "-GW" as part of their names. A host which is a TAC should have "-TAC" as the last part of its host name, if it is a DoD host. Single character names or nicknames are not allowed.
I just wanna say that the _ was the issue for my problem. After hours, I found this simple solution in here.
So, the URL was adapted and now I can move on.
Thanks :)
@alexbridge Thanks so much for leaving a comment!
This does appear to be the root of the issue. I believe this is a legitimate error due to
_being used in the hostname, which is invalid as described in RFC 952A "name" (Net, Host, Gateway, or Domain name) is a text string up to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus sign (-), and period (.). Note that periods are only allowed when they serve to delimit components of "domain style names". (See RFC-921, "Domain Name System Implementation Schedule", for background). No blank or space characters are permitted as part of a name. No distinction is made between upper and lower case. The first character must be an alpha character. The last character must not be a minus sign or period. A host which serves as a GATEWAY should have "-GATEWAY" or "-GW" as part of its name. Hosts which do not serve as Internet gateways should not use "-GATEWAY" and "-GW" as part of their names. A host which is a TAC should have "-TAC" as the last part of its host name, if it is a DoD host. Single character names or nicknames are not allowed.
@jennifer-shehane underscores are perfectly valid in sub-domains, which is the reported issue, and also one we encountered. Underscores are not valid in hostnames, but that should be obvious because no one would be able to get a hostname on a network or in a registered domain. A concise summary of the distinction can be found here: https://stackoverflow.com/a/2183140
Can this issue be re-opened?
@DuncanHills Do you have a situation where an underscore in the subdomain is causing an error? Can you give more detail?
@jennifer-shehane a Cypress test harness is getting cert errors when used against with a subdomain that contains underscores, covered by a public wildcard cert. I can follow up with more details soon.
+1 We ran into the same problem. (wildcard certificate, and underscore _ in subdomain name)
@AshrafShaik001 Yes, we changed the name of the host (fortunately, the developer address only).
+1 Just encountered this issue.
According to this: https://stackoverflow.com/questions/2180465/can-domain-name-subdomains-have-an-underscore-in-it subdomains can have underscore(_).
This should be fixed. Until it is fixed, I am forced to change the url, which is not ideal.
This just blocked the company I work at from being able to implement cypress at all. We can't change subdomain names that have an underscore, and subdomains with an underscore are valid. This issue needs to be addressed.
The RFC has a preferred name syntax outlined here.
Note that while upper and lower case letters are allowed in domain names, no significance is attached to the case. That is, two names with the same spelling but different case are to be treated as if identical.
The labels must follow the rules for ARPANET host names. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphen. There are also some restrictions on the length. Labels must be 63 characters or less.
Additionally SSL certs are no longer issued to subdomains with underscores for this exact reason. See this link.
It's clearly strongly recommended to not use underscores in subdomains, but it is not uniformly enforced across browsers.
We haven't personally spent time to look into why this is not working, but would be open to a pull request that allows URLs with underscores to display as they would in a normal browser.
Example test
it('runs', () => {
cy.visit('https://my_sarisari_store.typepad.com/');
});