Cypress: After the SalesForce Login it shows the "Whoops, there is no test to run"

I have the same problem to test the Salesforce site. Is there are any workaround? thanks

This is SF clickjacking protection. It forces the login form action to run on _top.

@johncblandii is right. At some point, probably at a login attempt, there was a script like window.top.location = ... which broke out of the cypress AUT iframe. This is part of the reason we don't recommend testing 3rd party sites, because this is unavoidable

so you should disable the anti-clickjacking code if you're trying to test that page, and if you don't own the code on that page, work around it by logging in via an API or query params in the url

Anyone with a workaround to log in to Salesforce please help me I'm completely stuck. Thanks.

@Bkucera Could you please help how to disable the anti-clickjacking code. Thanks.

@simonmagabe if you control the source code, find the code that calls window.location or window.top and put a flag around it to disable it in a testing/staging/dev environment.

if you don't control the source code, you can't. This is why we suggest not to test pages you don't control. Instead, try logging in programmatically with cy.request to bypass that UI

Turning off anti-clickjacking doesn't work, @Bkucera.

Cypress should look at moving beyond the iframe so it can be used for more than "we own all of the code" scenarios. To help understand why this keeps being an issue, Salesforce testing isn't about testing their sign in. It is about signing into their system and testing custom apps built on the Salesforce stack. By not using an iframe in TestCafe, I signed in easily on SF and wrote tests quickly.

@simonmagabe that is something you have to get Salesforce to do.

I am having the same issue. Is this iframe problem also happening in headless mode?

@johncblandii yes this is the downside of Iframing the app, without rewriting all the AST in the proxy (which is possible).

Current Workaround

We recommend using the Salesforce API to generate a user session, by using cy.request(), which will automatically set cookies for you, and yield you tokens that belong in localStorage or similar session storage.

@Bkucera I'm currently running into the same issue. I'm new to Cypress and was wondering if you could explain how this issue could be bypassed.

@Bkucera, we ditched Cypress long ago for this reason and lack of other browser support. I couldn't make the case for Cypress with these issues.

Making an API request to auth was clunky for us when better solutions existed on other test platforms.

I hope it continues to improve. It is so close to being great.

I don't think the current workaround works. I can create the session using cy.request, but when doing cy.visit to go to https://xxxxxx.lightning.force.com/lightning/setup/SetupOneHome/home I still get the whoops message

Here is my test code

cy.request({
  method: 'POST',
  url: 'https://xxxxxx.my.salesforce.com/services/oauth2/token',
  form: true,
  body:'grant_type=password&client_id=MY_ID&client_secret=MY_SECRET&username=MY_USERNAME&password=MY_PASSWORD'
});  

cy.visit('https://xxxxxx.my.salesforce.com/lightning/setup/SetupOneHome/home')

note the post url isn't to test.salesforce.com but my scratch org domain name
Has anyone been able to get this to work?

^ seeing the same issue

Is there no fix for this? This issue was posted a year ago and its ongoing. Please provide some follow up as we are still having this problem

Current recommended workaround is in this comment: https://github.com/cypress-io/cypress/issues/2367#issuecomment-487972147

We haven't written out a specific example of exactly every piece of code to write to work around this. So, any suggestions from people who have gotten this working is appreciated.

@jennifer-shehane I tried the workaround using the code I posted above, which sends a request that works and returns an access token that we can verify is valid, but we noticed that cy.request does not save the cookie automatically, so then we tried to save the cookie ourselves using;

cy.setCookie('sid', 'access_token')

which does save a cookie but doesn't allow us to bypass the login as suggested we assume this is because setCookie doesn't seem to save any of the cookie options, lastly we tried to set the cookie options as below but then it no longer saves the cookie at all.

cy.setCookie('sid', 'access_token', {
    path:'/',
    httpOnly: true,
    secure: false,
    domain: 'domain_name'
  });

I have not tried any of the above on any other site other than for trying to login to our salesforce scratch org, so I'm not suggesting these methods are broken but I may be using cy.request or cy.setCookie incorrectly or maybe its some salesforce magic that's not allowing it to work. I would say, however, that if what I am doing is correct that the workaround doesn't work.

The actual app we want to test isn't built using salesforce so we are just going to mock the backend and test the UI standalone but it would be nice to be able to run the tests by going through salesforce so if anyone has any luck please let me know as there is very little information out there where people use cypress for testing Salesforce apps.

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.

Example:

cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")

the %40 is just the encoded format of @, replacing [email protected] with test.user%40workspace.com

It worked for me, hope it helps :)

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.

Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")

the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com

It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message CypressError: cy.visit() failed trying to load:, and I get a URL No Longer Exists page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

So I managed to get this to work manually by using the following URL

https://test.salesforce.com/login.jsp?un=user%40scratch.com&pw=thePassword123

oddly when doing it manually if you try it a second time in the same session it complains the password is wrong.

When trying with cypress I get a security error

SecurityError: Blocked a frame with origin "https://DOMAIN_NAME.documentforce.com" from accessing a cross-origin frame.

Which looks like it can be fixed by setting chromeWebSecurity: false however after doing that I now get

Refused to display 'LOGIN_URL' in a frame because it set 'X-Frame-Options' to 'deny'. 

which I'm guessing is a salesforce security option denying this. is there something you @bassolini have set in your org to allow this to work?

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey, sorry small mistake, I missed the ? before the un=

https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2F001

I'll re-open this for visibility, since it is an issue many users will run into and it is possible we may be able to fix this in the futue

@bassolini your solution worked for me, I’m able to login into Salesforce. It’s a wonky workaround but it works for now. Thanks.

Sent from my iPhone

On Sep 3, 2019, at 7:07 PM, Ben Kucera notifications@github.com wrote:

I'll re-open this for visibility, since it is an issue many users will run into and it is possible we may be able to fix this in the futue

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey, sorry small mistake, I missed the ? before the un=

https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2F001

Hi yeah, I actually managed to figure that part out in the end but if you see the next comment I ran into a security warning from salesforce that stopped the tests proceeding.

So I had a couple of questions (@simonmagabe, if you could answer these too, that would also be useful) was there some kind of configuration that you needed to set in your org first to get this to work? Also what type of org are you using?

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey, sorry small mistake, I missed the ? before the un=
https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2F001

Hi yeah, I actually managed to figure that part out in the end but if you see the next comment I ran into a security warning from salesforce that stopped the tests proceeding.

So I had a couple of questions (@simonmagabe, if you could answer these too, that would also be useful) was there some kind of configuration that you needed to set in your org first to get this to work? Also what type of org are you using?

Not really, I'm doing it in my developer sandbox.
Do you mind sharing the error that you've got?

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey, sorry small mistake, I missed the ? before the un=
https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2F001

Hi yeah, I actually managed to figure that part out in the end but if you see the next comment I ran into a security warning from salesforce that stopped the tests proceeding.
So I had a couple of questions (@simonmagabe, if you could answer these too, that would also be useful) was there some kind of configuration that you needed to set in your org first to get this to work? Also what type of org are you using?

Not really, I'm doing it in my developer sandbox.
Do you mind sharing the error that you've got?

Sure here's the error

SecurityError: Blocked a frame with origin "https://DOMAIN_NAME.documentforce.com" from accessing a cross-origin frame

I am using a scratch org though so maybe thats the problem, also looks like there are some settings I can change, however, i'd need to actually contact salesforce which seems a little daft, hoping there's some other way around it.

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey, sorry small mistake, I missed the ? before the un=
https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2F001

Hi yeah, I actually managed to figure that part out in the end but if you see the next comment I ran into a security warning from salesforce that stopped the tests proceeding.
So I had a couple of questions (@simonmagabe, if you could answer these too, that would also be useful) was there some kind of configuration that you needed to set in your org first to get this to work? Also what type of org are you using?

Not really, I'm doing it in my developer sandbox.
Do you mind sharing the error that you've got?

Sure here's the error

SecurityError: Blocked a frame with origin "https://DOMAIN_NAME.documentforce.com" from accessing a cross-origin frame

I am using a scratch org though so maybe thats the problem, also looks like there are some settings I can change, however, i'd need to actually contact salesforce which seems a little daft, hoping there's some other way around it.

yeah, It might be related with scratch orgs, I had a couple of issues working with it a few months ago..
btw, if you need for any reason, here's a link with the metadata coverage for scratch orgs, you can literally just search the config that you want to apply and get a sample of you scratch org defition..
https://developer.salesforce.com/docs/metadata-coverage/46

having same issue here. None of these work-arounds work

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.

Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")

the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com

It worked for me, hope it helps :)

I was able to login in a Partner Community using the same way.

Great work!!

related, in cy.visit() you'll be able to pass an option specifying queryparams to be appended to the url #5034

I am also facing the same issue while logging in "login.salesforce.com" , Any workaround

I am also facing the same issue while logging in "login.salesforce.com" , Any workaround

I was unable to get any of the workarounds listed here to work with a scratch so we have shelved using Cypress for now, in favour of Puppetteer which works with salesforce fine, admittedly it's not as good as Cypress but it works.

A friend of mine, who's more experienced in Cypress, helped me with a solution to this problem. It considers @bassolini's comment.

cy.request('https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2Fhome')
cy.visit('https://your.domain.lightning.force.com/lightning/page/home')

I'm using Cypress v3.4.1.

A friend of mine, who's more experienced in Cypress, helped me with a solution to this problem. It considers @bassolini's comment.

cy.request('https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2Fhome') cy.visit('https://your.domain.lightning.force.com/lightning/page/home')

I'm using Cypress v3.4.1.

Hey thanks, this works for me.

I have a working solution, but this will involve the SFDX CLI in the machine where cypress is running.
This is my current code:

cy
    .exec('sfdx force:org:display -u <replace_with_org_alias> --json | sed -r "s/[[:cntrl:]]\[[0-9]{1,3}m//g"')
    .then((response) => {
        let result = JSON.parse(response.stdout).result;
        let sessionId = result.accessToken;
        let instanceUrl = result.instanceUrl;

        cy.request(`${instanceUrl}/secur/frontdoor.jsp?sid=${sessionId}`)
        cy.visit(`${instanceUrl}/lightning/n/Service_Locator`)
    })

Let me break down the solution

• this requires that you have a pre-step of authenticating to your org via sfdx, so that sfdx force:org:display -u <org_alias> --json will return valid session credentials. this will totally replace your username/password combo. you don't need to do that anymore.
• | sed - this removes the color codes that comes with the -- json option
• after that, go ahead and do cy.request and cy.visit using the instance url and sessionId returned by the sfdx command

This solution runs more or less 17 seconds (YMMV). You can also plug this into your CI/CD if you're using one.

A friend of mine, who's more experienced in Cypress, helped me with a solution to this problem. It considers @bassolini's comment.

cy.request('https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2Fhome')
cy.visit('https://your.domain.lightning.force.com/lightning/page/home')

I'm using Cypress v3.4.1.

What is test.salesforce.com ? Is it "your.domain.salesforce.com"? Or is there a specific URL for salesforce where you can get the token back from for any domain?

A friend of mine, who's more experienced in Cypress, helped me with a solution to this problem. It considers @bassolini's comment.

cy.request('https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2Fhome')
cy.visit('https://your.domain.lightning.force.com/lightning/page/home')

I'm using Cypress v3.4.1.

What is test.salesforce.com ? Is it "your.domain.salesforce.com"? Or is there a specific URL for salesforce where you can get the token back from for any domain?

Hi, @richardszanyi .

• "https://test.salesforce.com" is the URL to your Sandbox's login page.
• "https://your.domain.lightning.force.com/lightning/page/home" is the application's URL after you login into the Sandbox.

I've written an article on Medium with some tips on testing Salesforce with Cypress that may help you.

https://medium.com/smartbox-engineering/using-cypress-to-test-in-salesforce-a0699afe09b7

A friend of mine, who's more experienced in Cypress, helped me with a solution to this problem. It considers @bassolini's comment.

cy.request('https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2Fhome')
cy.visit('https://your.domain.lightning.force.com/lightning/page/home')

I'm using Cypress v3.4.1.

What is test.salesforce.com ? Is it "your.domain.salesforce.com"? Or is there a specific URL for salesforce where you can get the token back from for any domain?

Hi, @richardszanyi .

• "https://test.salesforce.com" is the URL to your Sandbox's login page.
• "https://your.domain.lightning.force.com/lightning/page/home" is the application's URL after you login into the Sandbox.

I've written an article on Medium with some tips on testing Salesforce with Cypress that may help you.

https://medium.com/smartbox-engineering/using-cypress-to-test-in-salesforce-a0699afe09b7

Thank you, that is really helpful. We will look into that!

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.

Example:

cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")

the %40 is just the encoded format of @, replacing [email protected] with test.user%40workspace.com

It worked for me, hope it helps :)

Hey guys,
I found a way to pass that, if you put the username + password in your cy.visit() it works, you can get through the login page.
Example:
cy.visit("https://test.salesforce.com/un=test.user%40workspace.com&pw=your_password&startURL=%2F001")
the %40 is just the encoded format of @, replacing test.[email protected] with test.user%40workspace.com
It worked for me, hope it helps :)

Thanks for this, but unfortunately doesn't work for me, when I try it through cypress I get the message "CypressError: cy.visit() failed trying to load:", and I get a "URL No Longer Exists" page when I try this manually, I did a (very) little bit of research and it seems this has been deprecated by salesforce or its specifically for a type of org, glad it works for you though. Do you have a source for where you found this solution? it may lead to other options.

Hey, sorry small mistake, I missed the ? before the un=

https://test.salesforce.com/?un=test.user%40workspace.com&pw=your_password&startURL=%2F001

@bassolini Thanks. It worked!