test: listen always on 127.0.0.1 for client certificate tests (#32677)

packages/playwright-core/src/server/fetch.ts

@@ -263,6 +263,7 @@ export abstract class APIRequestContext extends SdkObject {
       try {
         return await this._sendRequest(progress, url, options, postData);
       } catch (e) {
+        e = rewriteOpenSSLErrorIfNeeded(e);
         if (maxRetries === 0)
           throw e;
         if (i === maxRetries || (options.deadline && monotonicTime() + backoff > options.deadline))
@@ -475,7 +476,7 @@ export abstract class APIRequestContext extends SdkObject {
         body.on('data', chunk => chunks.push(chunk));
         body.on('end', notifyBodyFinished);
       });
-      request.on('error', error => reject(rewriteOpenSSLErrorIfNeeded(error)));
+      request.on('error', reject);
 
       const disposeListener = () => {
         reject(new Error('Request context disposed.'));

tests/config/proxy.ts

@@ -57,14 +57,14 @@ export class TestProxy {
     this._prependHandler('request', (req: IncomingMessage) => {
       this.requestUrls.push(req.url);
       const url = new URL(req.url);
-      url.host = `localhost:${port}`;
+      url.host = `127.0.0.1:${port}`;
       req.url = url.toString();
     });
     this._prependHandler('connect', (req: IncomingMessage) => {
       if (!options?.allowConnectRequests)
         return;
       this.connectHosts.push(req.url);
-      req.url = `localhost:${port}`;
+      req.url = `127.0.0.1:${port}`;
     });
   }
 
@@ -138,10 +138,10 @@ export async function setupSocksForwardingServer({
     connections.get(payload.uid)?.destroy();
     connections.delete(payload.uid);
   });
-  await socksProxy.listen(port, 'localhost');
+  await socksProxy.listen(port, '127.0.0.1');
   return {
     closeProxyServer: () => socksProxy.close(),
-    proxyServerAddr: `socks5://localhost:${port}`,
+    proxyServerAddr: `socks5://127.0.0.1:${port}`,
     connectHosts,
   };
 }

tests/library/client-certificates.spec.ts

@@ -28,7 +28,6 @@ const { createHttpsServer, createHttp2Server } = require('../../packages/playwri
 
 type TestOptions = {
   startCCServer(options?: {
-    host?: string;
     http2?: boolean;
     enableHTTP1FallbackWhenUsingHttp2?: boolean;
     useFakeLocalhost?: boolean;
@@ -68,8 +67,8 @@ const test = base.extend<TestOptions>({
         }
         res.end(parts.map(({ key, value }) => `<div data-testid="${key}">${value}</div>`).join(''));
       });
-      await new Promise<void>(f => server.listen(0, options?.host ?? 'localhost', () => f()));
+      await new Promise<void>(f => server.listen(0, '127.0.0.1', () => f()));
-      const host = options?.useFakeLocalhost ? 'local.playwright' : 'localhost';
+      const host = options?.useFakeLocalhost ? 'local.playwright' : '127.0.0.1';
       return `https://${host}:${(server.address() as net.AddressInfo).port}/`;
     });
     if (server)
@@ -195,7 +194,7 @@ test.describe('fetch', () => {
   });
 
   test('pass with trusted client certificates and when a socks proxy is used', async ({ playwright, startCCServer, asset }) => {
-    const serverURL = await startCCServer({ host: '127.0.0.1' });
+    const serverURL = await startCCServer();
     const serverPort = parseInt(new URL(serverURL).port, 10);
     const { proxyServerAddr, closeProxyServer, connectHosts } = await setupSocksForwardingServer({
       port: test.info().workerIndex + 2048 + 2,
@@ -366,13 +365,13 @@ test.describe('browser', () => {
     });
     expect(proxyServer.connectHosts).toEqual([]);
     await page.goto(serverURL);
-    expect([...new Set(proxyServer.connectHosts)]).toEqual([`localhost:${new URL(serverURL).port}`]);
+    expect([...new Set(proxyServer.connectHosts)]).toEqual([`127.0.0.1:${new URL(serverURL).port}`]);
     await expect(page.getByTestId('message')).toHaveText('Hello Alice, your certificate was issued by localhost!');
     await page.close();
   });
 
   test('should pass with matching certificates and when a socks proxy is used', async ({ browser, startCCServer, asset, browserName }) => {
-    const serverURL = await startCCServer({ useFakeLocalhost: browserName === 'webkit' && process.platform === 'darwin', host: '127.0.0.1' });
+    const serverURL = await startCCServer({ useFakeLocalhost: browserName === 'webkit' && process.platform === 'darwin' });
     const serverPort = parseInt(new URL(serverURL).port, 10);
     const { proxyServerAddr, closeProxyServer, connectHosts } = await setupSocksForwardingServer({
       port: test.info().workerIndex + 2048 + 2,
@@ -390,7 +389,7 @@ test.describe('browser', () => {
     });
     expect(connectHosts).toEqual([]);
     await page.goto(serverURL);
-    expect(connectHosts).toEqual([`localhost:${serverPort}`]);
+    expect(connectHosts).toEqual([`127.0.0.1:${serverPort}`]);
     await expect(page.getByTestId('message')).toHaveText('Hello Alice, your certificate was issued by localhost!');
     await page.close();
     await closeProxyServer();
@@ -625,7 +624,7 @@ test.describe('browser', () => {
   });
 
   test('should pass with matching certificates on context APIRequestContext instance', async ({ browser, startCCServer, asset, browserName }) => {
-    const serverURL = await startCCServer({ host: '127.0.0.1' });
+    const serverURL = await startCCServer();
     const baseOptions = {
       certPath: asset('client-certificates/client/trusted/cert.pem'),
       keyPath: asset('client-certificates/client/trusted/key.pem'),
@@ -688,7 +687,7 @@ test.describe('browser', () => {
       }],
     });
     {
-      await page.goto(serverURL.replace('localhost', 'local.playwright'));
+      await page.goto(serverURL.replace('127.0.0.1', 'local.playwright'));
       await expect(page.getByTestId('message')).toHaveText('Sorry, but you need to provide a client certificate to continue.');
       await expect(page.getByTestId('alpn-protocol')).toHaveText('h2');
       await expect(page.getByTestId('servername')).toHaveText('local.playwright');
@@ -714,7 +713,7 @@ test.describe('browser', () => {
       }],
     });
     {
-      await page.goto(serverURL.replace('localhost', 'local.playwright'));
+      await page.goto(serverURL.replace('127.0.0.1', 'local.playwright'));
       await expect(page.getByTestId('message')).toHaveText('Sorry, but you need to provide a client certificate to continue.');
       await expect(page.getByTestId('alpn-protocol')).toHaveText('http/1.1');
     }