Comments (5)
Hi, @NZepeda!
It may not be the best idea to use @mswjs/cookie
that way. You are interfering with how MSW picks up cookies that way, it seems. If you want to have an initial cookie set, mutate document.cookie
instead. In other words, do what your app would do.
I also have a concern that you aren't testing anything in your test: https://github.com/NZepeda/msw-cookies-example/blob/d7d900d6e0202c8b8a522b1c88b4958b8782c181/src/test/mock.test.ts. What the test cases assert right now is that MSW handles cookies correctly. If this is a trimmed test case you created to illustrate the issue then it's okay. But if it's not, don't test third-party libraries, test your code instead.
from msw.
Hi @kettanaito,
What we are trying to simulate is a prod setup with an Http-Only, Secure cookie.
In a browser Http-Only are not readable/mutable through document.cookie
.
Is there no way to set this up in msw
+ jsdom
?
This is related to #1586
from msw.
Since you cannot read the HttpOnly cookie in JavaScript, what would you test then? Nothing in your application can depend on it. I suspect you are talking about forwarding that cookie to the server request (i.e. credentials)? If that's the case, it's done by the browser for you.
Please tell me more about your test case.
from msw.
We use a cookie to authenticate a WebSocket connection to the server.
We get that cookie by sending a request to the server with a JWT, and if it is valid the server responds with a Set-Cookie
header where the cookie is HttpOnly
and Secure
.
The cookie is stored in the browser securely (as it's not accessible through JavaScript with document.cookie
), and sent upon further server requests (we adapt the credentials
request property if necessary for cross-domain deployments).
As mentioned above, this allows to then open a WebSocket in particular, but the cookie can also be used to authenticate any other further HTTP request to the server (our Java uses Spring security and this is the default behavior).
When the UI assets (JS, HTML, css, etc.) are served by the server itself (which is the deployment that we recommended), then when you try connecting to the UI, you must first pass the Spring security layer before the UI assets can be fetched.
In that case, by the time any JavaScript is run, the session cookie is already set in the user's browser.
We are looking to test all this authentication flow with msw
.
from msw.
To add on to this, @kettanaito, as you recommended above, I've removed usage of the @mswjs/cookie
package to set the cookie and instead, I'm directly mutating document.cookie
. The same error persists. I've updated the linked repo to demonstrate the issue.
For the test, I've set up a server
with three handlers, two of which depend on the cookies
object given by the resolver function. These handlers check the cookie similarly by comparing cookies[sessionCookieName]
to an expected cookie value.
Within the test suite itself, I set the session cookie once by mutating document.cookie
within the beforeAll
. There are two tests, each hitting a different handler. The first test passes because the cookie
has the expected value. The second test fails because the cookie
value is now unexpected.
This seems like a bug within msw
because I expect that both tests should pass because the cookie was only mutated once in the beforeAll
. I do not expect the cookies
object given by the resolver to change between handlers simply due to their order within the setupServer
function.
For more clarity:
This is the value of the cookies
object given by the resolver in the first handler:
{ MyCookie: 'ABCD1234' } <- This is good
This is the value of the cookies
object given the resolver in the third handler:
{ MyCookie: 'ABCD1234, MyCookie=ABCD1234' } <- This is bad
Can you confirm whether or not this is expected?
from msw.
Related Issues (20)
- "InvalidStateError: The object is in invalid state" when mocking rest api
- Unable to use msw/node for testing solid-js due to `resolve.conditions` set to `browser` HOT 5
- drop CommonJS support HOT 2
- quiet: true should supress RESPONSE LISTENER logs HOT 4
- Narrowing the response body type in `HttpResponse.json` HOT 16
- Error: No known conditions for "./browser" specifier in "msw" package HOT 5
- "Cannot read properties of undefined (reading 'get')" when using generators/async generators as resolvers HOT 2
- `TypeError: crypto.randomUUID is not a function` with msw 2.2.12 HOT 3
- When running Cypress tests in Electron, MSW activation occurs after test completion, causing tests to fail
- Chrome unregisters MSW after 5 mins of inactivity / idle HOT 13
- First-class Server-Sent Events (SSE) API
- The currently registered Service Worker has been generated by a different version of MSW (undefined) HOT 1
- disable prettier as well HOT 1
- Issue with response resolver types after recent upgrade HOT 2
- "TypeError: response.body.getReader is not a function" for HTTPResponse of JSON type HOT 5
- Preserve the original request URL in "onUnhandledRequest" warnings HOT 3
- Calls to worker.use() remove handlers to same endpoint with different method HOT 2
- Unable to use HttpResponse.error() with TypeScript HOT 3
- How do I implement MSW in a NextJS backend?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from msw.