Has something changed recently that affects cookie handling?
I’ve faced this too, recently. It seems Cypress changed how cookies are handled with cross-origin and SameSite policies. The thing is, if your app is setting cookies with SameSite=None; Secure, cy.clearCookies() doesn’t always clear them unless you’re working in a fully isolated domain context.
What worked for me was using cy.origin() properly when switching between domains, and adding cy.clearCookies({ domain: null }) to make sure all cookies are cleared regardless of their scope. That did the trick for me!
Ah, I ran into this issue as well. It turned out that cy.clearCookies() wasn’t working for us because we had Chrome Web Security disabled in the cypress.config.js. This led to issues with cookie scoping, especially for third-party cookies.
Also, cy.clearCookies() won’t clear cookies from domains not currently active in the test, so I had to visit the subdomain where the cookies were set before calling cy.clearCookies(). It’s a bit of a hassle, but once I adjusted the test flow, it worked fine again.
I ran into the same issue after upgrading Cypress to version 12.x or 13.x. They’ve tightened up test isolation and cookie management, particularly when using experimentalSessionAndOrigin: true. The issue I saw was that cy.clearCookies() wasn’t clearing the cookies, and I realized Cypress was keeping the session unless I explicitly disabled test isolation.
It’s also worth checking if you’re using beforeEach to re-authenticate, as sometimes cookies persist because they’re being re-set by app logic. So, make sure you have all your configurations set correctly!