From c7af4ad735758cbb9451ae34f080f9b52a3e7872 Mon Sep 17 00:00:00 2001
From: Bill Glesias
Date: Wed, 26 Apr 2023 10:10:51 -0400
Subject: [PATCH] chore: ensure same origin match to apply cookies [run ci]
---
 .circleci/workflows.yml | 15 ++++-----------
 packages/proxy/lib/http/response-middleware.ts | 4 ++--
 packages/proxy/lib/http/util/top-simulation.ts | 2 +-
 packages/server/lib/remote_states.ts | 12 ++++++------
 packages/server/lib/server-base.ts | 4 ++--
 5 files changed, 15 insertions(+), 22 deletions(-)
diff --git a/.circleci/workflows.yml b/.circleci/workflows.yml
index 2338737cb514..852d8329d6d5 100644
--- a/.circleci/workflows.yml
+++ b/.circleci/workflows.yml
@@ -43,9 +43,7 @@ macWorkflowFilters: &darwin-workflow-filters
 - equal: [ develop, << pipeline.git.branch >> ]
 # use the following branch as well to ensure that v8 snapshot cache updates are fully tested
 - equal: [ 'update-v8-snapshot-cache-on-develop', << pipeline.git.branch >> ]
- - equal: [ 'cacie/dep/electron-27', << pipeline.git.branch >> ]
- - equal: [ 'fix/force_colors_on_verify', << pipeline.git.branch >> ]
- - equal: [ 'ryanm/fix/service-worker-capture', << pipeline.git.branch >> ]
+ - equal: [ 'same-origin-match-for-cookie-jar', << pipeline.git.branch >> ]
 - matches:
 pattern: /^release\/\d+\.\d+\.\d+$/
 value: << pipeline.git.branch >>
@@ -56,9 +54,7 @@ linuxArm64WorkflowFilters: &linux-arm64-workflow-filters
 - equal: [ develop, << pipeline.git.branch >> ]
 # use the following branch as well to ensure that v8 snapshot cache updates are fully tested
 - equal: [ 'update-v8-snapshot-cache-on-develop', << pipeline.git.branch >> ]
- - equal: [ 'cacie/dep/electron-27', << pipeline.git.branch >> ]
- - equal: [ 'fix/force_colors_on_verify', << pipeline.git.branch >> ]
- - equal: [ 'em/circle2', << pipeline.git.branch >> ]
+ - equal: [ 'same-origin-match-for-cookie-jar', << pipeline.git.branch >> ]
 - matches:
 pattern: /^release\/\d+\.\d+\.\d+$/
 value: << pipeline.git.branch >>
@@ -81,10 +77,7 @@ windowsWorkflowFilters: &windows-workflow-filters
 - equal: [ develop, << pipeline.git.branch >> ]
 # use the following branch as well to ensure that v8 snapshot cache updates are fully tested
 - equal: [ 'update-v8-snapshot-cache-on-develop', << pipeline.git.branch >> ]
- - equal: [ 'cacie/dep/electron-27', << pipeline.git.branch >> ]
- - equal: [ 'fix/force_colors_on_verify', << pipeline.git.branch >> ]
- - equal: [ 'lerna-optimize-tasks', << pipeline.git.branch >> ]
- - equal: [ 'mschile/mochaEvents_win_sep', << pipeline.git.branch >> ]
+ - equal: [ 'same-origin-match-for-cookie-jar', << pipeline.git.branch >> ]
 - matches:
 pattern: /^release\/\d+\.\d+\.\d+$/
 value: << pipeline.git.branch >>
@@ -154,7 +147,7 @@ commands:
 name: Set environment variable to determine whether or not to persist artifacts
 command: |
 echo "Setting SHOULD_PERSIST_ARTIFACTS variable"
- echo 'if ! [[ "$CIRCLE_BRANCH" != "develop" && "$CIRCLE_BRANCH" != "release/"* && "$CIRCLE_BRANCH" != "publish-binary" && "$CIRCLE_BRANCH" != "fix/force_colors_on_verify" && "$CIRCLE_BRANCH" != "cacie/dep/electron-27" ]]; then
+ echo 'if ! [[ "$CIRCLE_BRANCH" != "develop" && "$CIRCLE_BRANCH" != "release/"* && "$CIRCLE_BRANCH" != "publish-binary" && "$CIRCLE_BRANCH" != "update-v8-snapshot-cache-on-develop" && "$CIRCLE_BRANCH" != "same-origin-match-for-cookie-jar" ]]; then
 export SHOULD_PERSIST_ARTIFACTS=true
 fi' >> "$BASH_ENV"
 # You must run `setup_should_persist_artifacts` command and be using bash before running this command
diff --git a/packages/proxy/lib/http/response-middleware.ts b/packages/proxy/lib/http/response-middleware.ts
index 171fcc7ffa39..6231bbf8b7be 100644
--- a/packages/proxy/lib/http/response-middleware.ts
+++ b/packages/proxy/lib/http/response-middleware.ts
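Review bot: The `SHOULD_PERSIST_ARTIFACTS` condition in the last workflows.yml hunk now names the feature branch `same-origin-match-for-cookie-jar`, so builds from this branch persist artifacts the same way `develop` and `release/*` do; the three workflow-filter hunks above add the same branch. These look like temporary CI overrides for this change (the subject carries `[run ci]`) and should be dropped before merge so the allowlist stays limited to long-lived branches. The same line also replaces `fix/force_colors_on_verify` and `cacie/dep/electron-27` with `update-v8-snapshot-cache-on-develop`, which is unrelated to cookie handling and deserves a mention in the description. A comment next to each entry such as `# temporary: remove same-origin-match-for-cookie-jar before merging` would make the intent explicit.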
@@ -771,7 +771,7 @@ const MaybeInjectHtml: ResponseMiddleware = function () {
 wantsSecurityRemoved: this.res.wantsSecurityRemoved,
 isNotJavascript: !resContentTypeIsJavaScript(this.incomingRes),
 useAstSourceRewriting: this.config.experimentalSourceRewriting,
- modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimarySuperDomainOrigin(this.req.proxiedUrl),
+ modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimaryOrigin(this.req.proxiedUrl),
 shouldInjectDocumentDomain: cors.shouldInjectDocumentDomain(this.req.proxiedUrl, {
 skipDomainInjectionForDomains: this.config.experimentalSkipDomainInjection,
 }),
@@ -820,7 +820,7 @@ const MaybeRemoveSecurity: ResponseMiddleware = function () {
 this.incomingResStream = this.incomingResStream.pipe(rewriter.security({
 isNotJavascript: !resContentTypeIsJavaScript(this.incomingRes),
 useAstSourceRewriting: this.config.experimentalSourceRewriting,
- modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimarySuperDomainOrigin(this.req.proxiedUrl),
+ modifyObstructiveThirdPartyCode: this.config.experimentalModifyObstructiveThirdPartyCode && !this.remoteStates.isPrimaryOrigin(this.req.proxiedUrl),
 modifyObstructiveCode: this.config.modifyObstructiveCode,
 url: this.req.proxiedUrl,
 deferSourceMapRewrite: this.deferSourceMapRewrite,
diff --git a/packages/proxy/lib/http/util/top-simulation.ts b/packages/proxy/lib/http/util/top-simulation.ts
index 36e1384b2413..1ecc6c15ddca 100644
--- a/packages/proxy/lib/http/util/top-simulation.ts
+++ b/packages/proxy/lib/http/util/top-simulation.ts
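Review bot: Gating `modifyObstructiveThirdPartyCode` on `!this.remoteStates.isPrimaryOrigin(this.req.proxiedUrl)` widens the set of responses that receive third-party rewriting in `MaybeInjectHtml`, and the identical line in `MaybeRemoveSecurity` has the same effect. If `cors.getOrigin` compares scheme, host and port (its body is not part of this patch), a sibling subdomain of the primary origin that used to match by super-domain is now treated as third-party and has its code modified. Because this flag sits next to `wantsSecurityRemoved` and presumably relaxes protections in the proxied page, please confirm the wider scope is intended and record it in a comment, e.g. `// strict origin match: same-site subdomains are rewritten as third-party`. Both functions continue outside their hunks.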
@@ -10,5 +10,5 @@ export const doesTopNeedToBeSimulated = (ctx: HttpMiddlewareThis): boolean
 // only simulate top if the AUT is NOT the primary super domain origin, meaning that we should treat the AUT as top
 // or the request is the AUT frame, which is common for redirects and navigations.
- return !ctx.remoteStates.isPrimarySuperDomainOrigin(currentAUTUrl) || ctx.req.isAUTFrame
+ return !ctx.remoteStates.isPrimaryOrigin(currentAUTUrl) || ctx.req.isAUTFrame
 }
diff --git a/packages/server/lib/remote_states.ts b/packages/server/lib/remote_states.ts
index 2ffb14b43149..334765b11189 100644
--- a/packages/server/lib/remote_states.ts
+++ b/packages/server/lib/remote_states.ts
@@ -53,7 +53,7 @@ export class RemoteStates {
 }
 get (url: string) {
- const state = this.remoteStates.get(cors.getSuperDomainOrigin(url))
+ const state = this.remoteStates.get(cors.getOrigin(url))
 debug('getting remote state: %o for: %s', state, url)
@@ -74,8 +74,8 @@ export class RemoteStates {
 return state
 }
- isPrimarySuperDomainOrigin (url: string): boolean {
- return this.primaryOriginKey === cors.getSuperDomainOrigin(url)
+ isPrimaryOrigin (url: string): boolean {
+ return this.primaryOriginKey === cors.getOrigin(url)
 }
 reset () {
@@ -92,7 +92,7 @@ export class RemoteStates {
 return this.get(this.currentOriginKey) as Cypress.RemoteState
 }
- set (urlOrState: string | Cypress.RemoteState, options: { auth?: {} } = {}, isPrimarySuperDomainOrigin: boolean = true): Cypress.RemoteState {
+ set (urlOrState: string | Cypress.RemoteState, options: { auth?: {} } = {}, isPrimaryOrigin: boolean = true): Cypress.RemoteState {
 let state
 if (_.isString(urlOrState)) {
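Review bot: The comment above the changed `return` in `doesTopNeedToBeSimulated` still says "primary super domain origin", which no longer describes the check now that it calls `isPrimaryOrigin`. Reword it to match the code, for example `// only simulate top if the AUT is NOT the primary origin (strict origin match), meaning that we should treat the AUT as top`. The result decides when top is simulated for a request, so a reader relying on the old wording would wrongly expect same-super-domain subdomains to be excluded. The function starts outside the hunk.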
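Review bot: `isPrimaryOrigin` and `get` in remote_states.ts now key on `cors.getOrigin(url)`, but nothing in the patch documents what counts as the same origin or tests it; the diffstat lists no spec file. A TSDoc line on `isPrimaryOrigin`, such as `/** True only when url's origin equals the primary origin key; same-site subdomains do not match. */`, would pin the contract, assuming that is what `cors.getOrigin` returns (it is not shown here). A unit case calling `get` with two subdomains of one super-domain would show that they now resolve to separate remote states. `get` and `set` both continue outside their hunks.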
@@ -122,11 +122,11 @@ export class RemoteStates {
 state = urlOrState
 }
- const remoteOrigin = cors.getSuperDomainOrigin(state.origin)
+ const remoteOrigin = cors.getOrigin(state.origin)
 this.currentOriginKey = remoteOrigin
- if (isPrimarySuperDomainOrigin) {
+ if (isPrimaryOrigin) {
 // convert map to array
 const stateArray = Array.from(this.remoteStates.entries())
diff --git a/packages/server/lib/server-base.ts b/packages/server/lib/server-base.ts
index 1137a8135e92..611ec0ee9058 100644
--- a/packages/server/lib/server-base.ts
+++ b/packages/server/lib/server-base.ts
@@ -760,7 +760,7 @@ export class ServerBase {
 let handlingLocalFile = false
 const previousRemoteState = this._remoteStates.current()
- const previousRemoteStateIsPrimary = this._remoteStates.isPrimarySuperDomainOrigin(previousRemoteState.origin)
+ const previousRemoteStateIsPrimary = this._remoteStates.isPrimaryOrigin(previousRemoteState.origin)
 const primaryRemoteState = this._remoteStates.getPrimary()
 // nuke any hashes from our url since
@@ -932,7 +932,7 @@ export class ServerBase {
 restorePreviousRemoteState(previousRemoteState, previousRemoteStateIsPrimary)
 }
- details.isPrimarySuperDomainOrigin = this._remoteStates.isPrimarySuperDomainOrigin(newUrl!)
+ details.isPrimaryOrigin = this._remoteStates.isPrimaryOrigin(newUrl!)
 return resolve(details)
 })
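Review bot: Renaming the property to `details.isPrimaryOrigin` in the last server-base.ts hunk changes the shape of the object handed to `resolve(details)`, while the diffstat shows no file outside `packages/proxy` and `packages/server` being updated. Any consumer that still reads `details.isPrimarySuperDomainOrigin` would get `undefined` and silently take the non-primary path; whether such readers exist cannot be confirmed from this patch. Either update them in the same commit or keep the old key for a transition period, e.g. `details.isPrimarySuperDomainOrigin = details.isPrimaryOrigin`. The enclosing callback starts outside the hunk.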