Skip to content

Stop Playwright tracing during E2E login to prevent credential exposure#7191

Merged
ryancbahan merged 5 commits into
mainfrom
e2e-scrub-credentials-from-traces
Apr 6, 2026
Merged

Stop Playwright tracing during E2E login to prevent credential exposure#7191
ryancbahan merged 5 commits into
mainfrom
e2e-scrub-credentials-from-traces

Conversation

@ryancbahan

@ryancbahan ryancbahan commented Apr 3, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Stops Playwright tracing before entering credentials in the E2E login flow and restarts it after login completes
  • Navigates to about:blank before restarting tracing so the first snapshot doesn't capture residual form state
  • Removes page HTML dump from login error messages since filled input values could appear in the DOM

Ref: shopify/bugbounty#3638393

Test plan

  • Verify E2E tests still pass on this branch
  • Download the playwright-report and playwright-results artifacts after CI runs
  • Inspect trace files and HTML report to confirm email/password are no longer present
  • Verify [e2e] Tracing paused for credential entry and [e2e] Tracing resumed after credential entry appear in CI logs

Playwright traces capture page.fill() values verbatim, and traces are
uploaded as publicly downloadable CI artifacts. This stops tracing before
entering credentials and restarts it after login completes, navigating to
about:blank before restart so the first snapshot doesn't capture residual
form state. Also removes page HTML dump from login error messages since
filled input values could appear in the DOM.

Ref: shopify/bugbounty#3638393

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@ryancbahan ryancbahan marked this pull request as ready for review April 3, 2026 20:50
@ryancbahan ryancbahan requested a review from a team as a code owner April 3, 2026 20:50
ryancbahan and others added 3 commits April 3, 2026 14:53
The previous approach (context.tracing.stop()) did not work — Playwright's
test runner instruments API calls at a level above context.tracing, so
fill() values are logged in traces regardless. Using evaluate() to set
input values via the DOM bypasses the Playwright action log entirely, so
credentials never appear in trace files or HTML reports.

Ref: shopify/bugbounty#3638393

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix prettier formatting for error string concatenation
- Avoid HTMLInputElement (not in tsconfig types: ["node"]) by casting
  through unknown

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Drop explicit Element type annotation (not in node-only tsconfig)
- Inline string concatenation to fix no-useless-concat

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

@dmerand dmerand left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm no expert in Playwright, but after a pretty extensive web search, the robots found a few things

Comment thread packages/e2e/helpers/browser-login.ts
Comment thread packages/e2e/helpers/browser-login.ts
Comment thread packages/e2e/helpers/browser-login.ts Outdated
Navigate to about:blank in the catch block before rethrowing so that
failure artifacts (screenshots, trace snapshots) do not capture the
login form with credentials still populated.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@ryancbahan ryancbahan requested a review from dmerand April 3, 2026 21:39

@dmerand dmerand left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's give it a try.

@ryancbahan ryancbahan added this pull request to the merge queue Apr 6, 2026
Merged via the queue into main with commit 10645fc Apr 6, 2026
51 of 68 checks passed
@ryancbahan ryancbahan deleted the e2e-scrub-credentials-from-traces branch April 6, 2026 15:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants