Skip to main content


If you'd like to try out what we're working on in Cypress, you can enable specific experimental features for your project using the Cypress configuration options described below.


⚠️ The experimental features might change or ultimately be removed without making it into the core product. Our primary goal for experiments is to collect real-world feedback during their development. For more information, see the documentation for all Cypress Release Stages.


You can pass the Cypress configuration options below to enable or disable experiments. See our Configuration Guide on how to pass configuration to Cypress.

experimentalCspAllowListfalseIndicates the Content-Security-Policy directives to be permitted during a test run. See Content-Security-Policy for more information.
experimentalFetchPolyfillfalseAutomatically replaces window.fetch with a polyfill that Cypress can spy on and stub. Note: experimentalFetchPolyfill has been deprecated in Cypress 6.0.0 and will be removed in a future release. Consider using cy.intercept() to intercept fetch requests instead.
experimentalInteractiveRunEventsfalseAllows listening to the before:run, after:run, before:spec, and after:spec events in the setupNodeEvents function during interactive mode.
experimentalMemoryManagementfalseEnables support for improved memory management within Chromium-based browsers.
experimentalModifyObstructiveThirdPartyCodefalseWhether Cypress will search for and replace obstructive code in third party .js or .html files. NOTE: Setting this flag removes Subresource Integrity (SRI).
experimentalSourceRewritingfalseEnables AST-based JS/HTML rewriting. This may fix issues caused by the existing regex-based JS/HTML replacement algorithm. See #5273 for details.
experimentalWebKitSupportfalseEnable experimental support for running tests in WebKit. When set, installs of playwright-webkit will be detected and available in Cypress. See Launching Browsers for more information.

Experimental CSP Allow List

Cypress by default strips all CSP headers (Content-Security-Policy and Content-Security-Policy-Report-Only) from the response before it is sent to the browser. The experimentalCspAllowList option allows for more granular control over which CSP directives are stripped from the CSP response headers, allowing you to test your application with CSP enabled. Valid values for this option are false (the default), true, or an array of CSP directive names.

false (default)experimentalCspAllowList=false

Strip All CSP Headers

The value experimentalCspAllowList=false (default) will remove all CSP headers from the response before it is sent to the browser. This option should be used if you do not depend on CSP for any tests in your application.

Strip Minimum CSP Directives

If you need to test your application with CSP enabled, setting the experimentalCspAllowList option will allow all CSP headers to be sent to the browser except those that could prevent Cypress from functioning normally.

The following CSP directives will always be stripped:

Stripped DirectiveAllowableReason
frame-ancestorsNoPrevents Cypress from loading a test application into an iframe.
navigate-toNoAffects Cypress' ability to navigate to different URLs.
require-trusted-types-forNoMight prevent Cypress from rewriting the DOM.
sandboxNoCan restrict access to script and iframe functionality.
trusted-typesNoCould cause Cypress injections to be marked as untrusted.

When experimentalCspAllowList=true the following directives are also stripped in addition to the ones listed above, but can be configured to be allowed to be sent to the browser:

Stripped DirectiveAllowableReason
child-srcYesCould prevent iframes from loading in combination with other Cypress options.
default-srcYesConditionally prevents Cypress from loading scripts and running.
frame-srcYesCould prevent iframes from loading in combination with other Cypress options.
form-actionYesCan prevent Cypress from monitoring form events.
script-srcYesConditionally prevents Cypress from loading scripts and running.
script-src-elemYesConditionally prevents Cypress from loading scripts and running.

Allow Specific CSP Directives

Set the experimentalCspAllowList option to an array of directive names marked as "Allowable" from the list above. This will allow the specified CSP directives to be sent to the browser.

The following configuration would allow the default-src, script-src, and script-src-elem directives to be sent to the browser:

const { defineConfig } = require('cypress')

module.exports = defineConfig({
experimentalCspAllowList: ['default-src', 'script-src', 'script-src-elem'],

Defining experimentalCspAllowList may cause Cypress to be unable to run tests against your application. If you experience issues, reduce the directives specified in your allow list to identify which directive is causing issues.

There is a known issue when using certain directives containing hash algorithm values and the modifyObstructiveCode and/or experimentalSourceRewriting options. Using these options in combination with the experimentalCspAllowList option can cause a mismatch between the original hashed directive value, and the modified HTML or JS value.

Testing Type-Specific Experiments

You can provide configuration options for either E2E or Component Testing by creating e2e and component objects inside your Cypress configuration.

End-to-End Testing

These experiments are available to be specified inside the e2e configuration object:

experimentalStudiofalseGenerate and save commands directly to your test suite by interacting with your app as an end user would.
experimentalRunAllSpecsfalseEnables the "Run All Specs" UI feature, allowing the execution of multiple specs sequentially.
experimentalOriginDependenciesfalseEnables support for require/import within cy.origin.
experimentalSkipDomainInjectionnullRemoves injecting document.domain into text/html pages for any sites that match the provided patterns.

Experimental Skip Domain Injection

Under the hood, Cypress injects document.domain into your test application to lessen the burden of navigation. This is well described in our Cross Origin Testing guide. However, some sites have compatibility issues with this feature.

The experimentalSkipDomainInjection option disables injecting document.domain inside Cypress. When enabled, all cross-origin/subdomain navigation must use cy.origin(), which may make tests a bit more verbose. We only recommend including your site pattern if you are having issues running Cypress out of the box and suspect setting document.domain is interfering with your site's ability to render properly.

Before enabling, verify your application is not implementing frame busting techniques, which you can mitigate with the modifyObstructiveCode and experimentalModifyObstructiveThirdPartyCode flags.

At this point in time, we are aware of the following sites that require the experimentalSkipDomainInjection option to be set to be tested properly:

  • Google
  • Salesforce

This flag can be enabled by passing an array of origin URLs or minimatch glob patterns:

const { defineConfig } = require('cypress')

module.exports = defineConfig({
e2e: {
experimentalSkipDomainInjection: [

If using other Salesforce domains, such as enhanced domains, you will need to add the correct matching glob pattern.

Component Testing

These experiments are available to be specified inside the component configuration object:

experimentalSingleTabRunModefalseRun all specs in a single tab, instead of creating a new tab per spec. This can improve run mode performance, but can impact spec isolation and reliability on large test suites.


12.4.0Added experimentalSkipDomainInjection and experimentalMemoryManagement.
12.0.0Removed experimentalSessionAndOrigin and made it the default behavior. Added experimentalOriginDependencies.
11.2.0Added experimentalRunAllSpecs.
10.8.0Added experimentalWebKitSupport.
10.6.0Added support for experimentalSingleTabRunMode.
10.4.0Added support for experimentalModifyObstructiveThirdPartyCode.
9.6.0Added support for experimentalSessionAndOrigin and removed experimentalSessionSupport.
8.2.0Added support for experimentalSessionSupport.
7.1.0Added support for experimentalInteractiveRunEvents.
7.0.0Removed experimentalComponentTesting and made it the default behavior.
6.7.0Removed experimentalRunEvents and made it the default behavior.
6.3.0Added support for experimentalStudio.
6.2.0Added support for experimentalRunEvents.
6.0.0Removed experimentalNetworkStubbing and made it the default behavior when using cy.intercept().
6.0.0Deprecated experimentalFetchPolyfill.
5.2.0Removed experimentalShadowDomSupport and made it the default behavior.
5.1.0Added support for experimentalNetworkStubbing.
5.0.0Removed experimentalGetCookiesSameSite and made it the default behavior.
4.9.0Added support for experimentalFetchPolyfill.
4.8.0Added support for experimentalShadowDomSupport.
4.6.0Added support for experimentalSourceRewriting.
4.5.0Added support for experimentalComponentTesting.
4.3.0Added support for experimentalGetCookiesSameSite.