Cypress: cy.visit secure error when _ used in hostname

Created on 27 Dec 2018 · 4Comments · Source: cypress-io/cypress

Current behavior:

When I try to visit my app, which located in JenkinsCI, I encounter an error:

This site can’t provide a secure connection someadresss.tk doesn't adhere to security standards.
ERR_SSL_SERVER_CERT_BAD_FORMAT

When I put URL in the browser app open, this error only in Cypress sandbox

Versions

Operating System: Ubuntu 16.04
Cypress Version: 3.1.3
Browser Version: Chrome 70

wontfix

Source

MikePopov

❤1

Most helpful comment

@alexbridge Thanks so much for leaving a comment!

This does appear to be the root of the issue. I believe this is a legitimate error due to _ being used in the hostname, which is invalid as described in RFC 952

A "name" (Net, Host, Gateway, or Domain name) is a text string up
to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus
sign (-), and period (.). Note that periods are only allowed when
they serve to delimit components of "domain style names". (See
RFC-921, "Domain Name System Implementation Schedule", for
background). No blank or space characters are permitted as part of a
name. No distinction is made between upper and lower case. The first
character must be an alpha character. The last character must not be
a minus sign or period. A host which serves as a GATEWAY should have
"-GATEWAY" or "-GW" as part of its name. Hosts which do not serve as
Internet gateways should not use "-GATEWAY" and "-GW" as part of
their names. A host which is a TAC should have "-TAC" as the last
part of its host name, if it is a DoD host. Single character names
or nicknames are not allowed.

jennifer-shehane on 15 Feb 2019

❤1 👍1

All 4 comments

Could you try setting "chromeWebSecurity": false in cypress.json?

You can always set other flags directly https://github.com/cypress-io/cypress/issues/715#issuecomment-402314281, but I think disabling chromeWebSecurity should work in your case.

masiulis on 27 Dec 2018

I did this first

but it did not help

MikePopov on 27 Dec 2018

We also have same issue with wildcard certificate, issued by Letsencrypt, when we try to run tests against subdomain.

After researches, found out, that underscore _ in subdomain name produced this error with Electron browser.
Switching to subdomain with hyphen - instead, fixed issue.

alexbridge on 14 Feb 2019

❤1 👍1

@alexbridge Thanks so much for leaving a comment!

This does appear to be the root of the issue. I believe this is a legitimate error due to _ being used in the hostname, which is invalid as described in RFC 952

A "name" (Net, Host, Gateway, or Domain name) is a text string up
to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus
sign (-), and period (.). Note that periods are only allowed when
they serve to delimit components of "domain style names". (See
RFC-921, "Domain Name System Implementation Schedule", for
background). No blank or space characters are permitted as part of a
name. No distinction is made between upper and lower case. The first
character must be an alpha character. The last character must not be
a minus sign or period. A host which serves as a GATEWAY should have
"-GATEWAY" or "-GW" as part of its name. Hosts which do not serve as
Internet gateways should not use "-GATEWAY" and "-GW" as part of
their names. A host which is a TAC should have "-TAC" as the last
part of its host name, if it is a DoD host. Single character names
or nicknames are not allowed.