browser.wait fails on pages with Content-Security-Policy

[torfmaster]

Describe the bug browser.wait fails on pages with Content-Security-Policy with the following error message:

frame.waitForFunction: Evaluation failed: EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self'".

To Reproduce

• Open a page using Content Security Policy directive: "default-src 'self.
• wait for an element which doesn't appear immediately

Expected behavior wait waits until the object is there.

Actual behavior The beforementioned error occurs.

Additional context The problem presumably comes from the underlying playwright library. In playwright bypassCSP can be passed to browser.newPage but elements does not expose this option. Putting this option by force into TestSettings solves the problem (at least for chromium).

[simonflk]

I'm experiencing the same problem. It's a total blocker, unfortunately.

@torfmaster where are you putting bypassCSP? Are you modifying element modules directly?

[torfmaster]

You can put this option to the test setting by using an object as follows:

const cheatTestSettings = {
   bypassCSP: true
};
const testSettings: TestSettings = { ...cheatTestSettings };

[markmacumber]

Im having the same issues as what is being reported here, I have added the bypassCSP property into the TestSettings as @torfmaster has suggested, which appears to work for local development using a single user, but when I move into multiple mu's using stages and ramps in the test, I can see these same errors occuring again and again.

Is there anyone in the flood-io team that can comment here on this issue?