Disable web security in Cypress just for one test

Question

After reading the Cypress documentation on web security and when to disable it, I've decided I indeed need to do it. Is there a way to disable this just for one particular test/test suite? I'm using version 3.4.1 and this config is being set in cypress.json - therefore it's global for all tests.

Is there a way to disable web security just for one test? Thanks!

Pigbrainflower · Answer 1 · 2019-09-23T21:57:39.047

1

Original answer:

Does this work for you?

describe("test the config json", function () {
    it("use web security false here", function () {
      Cypress.config('chromeWebSecurity',false);
      cy.visit("https://www.google.com");
      console.log(Cypress.config('chromeWebSecurity'));
    });

    it("use web security true here", function () {
      Cypress.config('chromeWebSecurity',true);
      cy.visit("https://www.google.com");
      console.log(Cypress.config('chromeWebSecurity'));
    });
  });

The config is changed as you can see from the console log.

See document here https://docs.cypress.io/guides/references/configuration.html#Cypress-config

Updates:

After I saw DurkoMatKo's comment I managed to find an URL to test this 'chromeWebSecurity' option. It did not work as expected. I think changing this config might not work during running the same browser as this is more like a browser feature which will determine when start. In this case what I can think of is only to run Cypress with different configurations.

The cypress doc here shows clear steps to do this. hope this helps.

edited Sep 23 '19 at 21:57

answered Sep 22 '19 at 20:31

Pigbrainflower

480
3
12

Wow! Will try it today in the evening and let you know. thanks! – DurkoMatko Sep 23 '19 at 06:49
Thank's for your time, but it doesn't seem to work :/ I still get the cross-origin error. If I disable it using `cypress.json`, then I don't get the error anymore. – DurkoMatko Sep 23 '19 at 17:15
1

Apologise that I did not have a valid url to test. I think you are right. The config is changed but not applied on the running cypress. I have not found an ideal way to do it. I updated my answer for only a workaround. Please let me know too if you have a better solution. Thanks. – Pigbrainflower Sep 23 '19 at 21:58
Thanks a lot for your help. I'll go in the direction you pointed me (multiple config files). Is is fine with you if I don't accept the answer as we didn't find the solution to disable websecurity on the fly for just one test? Maybe someone will come in the future and once it's possible and will answer it...Not sure how SO rules are in such scenario – DurkoMatko Sep 25 '19 at 08:14
In my case it if works. but I need to set the `cypress.json` file with `{"chromeWebSecurity": false}` so in my test change the setting to "true" with `Cypress.config('chromeWebSecurity',true);` – Jasp402 Jun 08 '21 at 20:21
@Jasp402 could you elaborate, I have `{"chromeWebSecurity": false}` in my `cypress.json` and try to toggle the flag with `Cypress.config('chromeWebSecurity', true);` either in `context` or `it` without success. – Édouard Lopez Jul 13 '21 at 14:56
Hi, I am trying to turn it off for all the tests, I've edited cypress.config.ts and added chromeWebSecurity: false. But still when I click a button that opens google sign in page, cypress throws an error saying: Cypress detected a cross origin error happened on page load: > Blocked a frame with origin "http://localhost:3000" from accessing a cross-origin frame. Before the page load, you were bound to the origin policy: > http://localhost:3000 A cross origin error happens when your application navigates to a new URL which does not match the origin policy above. What to do? – Femn Dharamshi Aug 04 '22 at 01:56

score 0 · Answer 2 · answered Jul 14 '21 at 15:34

In my case it worked as follows.
the first thing was to set chromeWebSecurity to false

//cypress.json 
{
"chromeWebSecurity": false
}

Then what I do is with a before assign it to true with Cypress.config

    //cypress/integration/testing.spec.js
    context('DEMO-01', () => {
    beforeEach(function () {
        Cypress.config('chromeWebSecurity', true);
    });
    describe('CP001 - start dasboard', () => {
        it('P01: open dashboard', () => {
            cy.visit(URL);
        });
    });
});

The other comment suggests the same if I'm not mistaken, or? I tried it back then and it didn't work. But times might have changed :D Thx for ur time! :) — DurkoMatko, Jul 14 '21 at 16:19

Disable web security in Cypress just for one test

2 Answers2

Linked