Clear login page on auth failure to prevent credential capture

ryancbahan · claude · ryancbahan · commit cf2cc00ef4de · 2026-04-03T15:38:23.000-06:00
Navigate to about:blank in the catch block before rethrowing so that
failure artifacts (screenshots, trace snapshots) do not capture the
login form with credentials still populated.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/packages/e2e/helpers/browser-login.ts b/packages/e2e/helpers/browser-login.ts
@@ -46,9 +46,10 @@ export async function completeLogin(page: Page, loginUrl: string, email: string,
       // No confirmation page — expected
     }
   } catch (error) {
-    // Intentionally omit page HTML from the error — it may contain filled
-    // credential values in input elements, which would leak into test reports.
     const pageUrl = page.url()
+    // Clear the page so failure artifacts (screenshots, trace snapshots) do
+    // not capture the login form with credentials still populated.
+    await page.goto('about:blank').catch(() => {})
     throw new Error(`Login failed at ${pageUrl}\nOriginal error: ${error}`)
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -46,9 +46,10 @@ export async function completeLogin(page: Page, loginUrl: string, email: string,`
`46`	`46`	`// No confirmation page — expected`
`47`	`47`	`}`
`48`	`48`	`} catch (error) {`
`49`		`- // Intentionally omit page HTML from the error — it may contain filled`
`50`		`- // credential values in input elements, which would leak into test reports.`
`51`	`49`	`const pageUrl = page.url()`
	`50`	`+ // Clear the page so failure artifacts (screenshots, trace snapshots) do`
	`51`	`+ // not capture the login form with credentials still populated.`
	`52`	`+ await page.goto('about:blank').catch(() => {})`
`52`	`53`	throw new Error(`Login failed at ${pageUrl}\nOriginal error: ${error}`)
`53`	`54`	`}`
`54`	`55`	`}`