[ENGG-1689] MV3: Expose onBeforeAjaxRequest hook to forward auth header in cross origin redirects #1664
Conversation
|
Here's the code health analysis summary for commits Analysis Summary
|
browser-extension/mv3/src/service-worker/services/requestProcessor.ts
Outdated
Show resolved
Hide resolved
browser-extension/mv3/src/service-worker/services/rulesManager.ts
Outdated
Show resolved
Hide resolved
browser-extension/mv3/src/service-worker/services/requestProcessor.ts
Outdated
Show resolved
Hide resolved
browser-extension/mv3/src/service-worker/services/requestProcessor.ts
Outdated
Show resolved
Hide resolved
nafees87n
changed the title
browser-extension/mv3/src/client-scripts/ajaxRequestInterceptor.js
Outdated
Show resolved
Hide resolved
| if (Object.values(this.cachedRules).every((rules) => rules.length === 0)) { | ||
| return; | ||
| } | ||
|
|
||
| await this.forwardIgnoredHeadersOnRedirect(tabId, requestDetails); |
There was a problem hiding this comment.
We should move this in a separate method handleRedirectAuthorizationHeader. We can add cases too here only and keep other logic separate from each other
| private forwardIgnoredHeadersOnRedirect = async (tabId: number, requestDetails: AJAXRequestDetails) => { | ||
| if ( | ||
| !IGNORED_HEADERS_ON_REDIRECT.some( | ||
| (header) => requestDetails.requestHeaders[header] || requestDetails.requestHeaders[header.toLowerCase()] | ||
| ) | ||
| ) { | ||
| return; | ||
| } | ||
|
|
||
| const matchedRule = this.findMatchingRule( | ||
| [...this.cachedRules.redirectRules, ...this.cachedRules.replaceRules], | ||
| requestDetails.url | ||
| ); | ||
|
|
||
| if (!matchedRule) { | ||
| return; | ||
| } | ||
|
|
||
| const ignoredHeaderValues = IGNORED_HEADERS_ON_REDIRECT.map((header) => ({ | ||
| name: header, | ||
| value: requestDetails.requestHeaders[header] || requestDetails.requestHeaders[header.toLowerCase()], | ||
| })); | ||
|
|
||
| const redirectedUrl = this.getRedirectedUrl(requestDetails.url, matchedRule); | ||
|
|
||
| return this.updateRequestSpecificRules(tabId, requestDetails.url, { | ||
| action: { | ||
| requestHeaders: ignoredHeaderValues.map((header: { name: string; value: string }) => ({ | ||
| header: header.name, | ||
| value: header.value, | ||
| operation: chrome.declarativeNetRequest.HeaderOperation.SET, | ||
| })), | ||
| type: chrome.declarativeNetRequest.RuleActionType.MODIFY_HEADERS, | ||
| }, | ||
| condition: { | ||
| // Exact URL is not used because for replace rules, a marker query param is add which changes the URL so exact URL doesn't match | ||
| urlFilter: `|${redirectedUrl}`, | ||
| resourceTypes: [chrome.declarativeNetRequest.ResourceType.XMLHTTPREQUEST], | ||
| tabIds: [tabId], | ||
| requestMethods: [requestDetails.method.toLowerCase() as chrome.declarativeNetRequest.RequestMethod], | ||
| excludedInitiatorDomains: ["requestly.io", "requestly.com"], | ||
| }, | ||
| }); | ||
| }; |
There was a problem hiding this comment.
I think we will need this logic more large number of cases in future. Lets create a folder for this as separate out logics
- requestProcessor
- index.ts
- redirectAuthHeader
- initiatorDomainHeader
| private forwardIgnoredHeadersOnRedirect = async (tabId: number, requestDetails: AJAXRequestDetails) => { | ||
| if ( | ||
| !IGNORED_HEADERS_ON_REDIRECT.some( | ||
| (header) => requestDetails.requestHeaders[header] || requestDetails.requestHeaders[header.toLowerCase()] |
There was a problem hiding this comment.
Compare both headers in lowercase.
There might be case when we stored header in lowercase in IGNORED_HEADERS_ON_REDIRECT and the actual header is in uppercase. This logic will fail then
|
|
||
| const ignoredHeaderValues = IGNORED_HEADERS_ON_REDIRECT.map((header) => ({ | ||
| name: header, | ||
| value: requestDetails.requestHeaders[header] || requestDetails.requestHeaders[header.toLowerCase()], |
There was a problem hiding this comment.
Use both lowercase header keys
| const ignoredHeaderValues = IGNORED_HEADERS_ON_REDIRECT.map((header) => ({ | ||
| name: header, | ||
| value: requestDetails.requestHeaders[header] || requestDetails.requestHeaders[header.toLowerCase()], | ||
| })); |
There was a problem hiding this comment.
We should do this for only existing headers. Right now it generates for header values which are not present in the request
| const redirectedUrl = pair.destination || requestUrl.replace(pair.from, pair.to); | ||
| if (redirectedUrl === requestUrl) { | ||
| return null; | ||
| } |
There was a problem hiding this comment.
Will this work in case of wildcard and regex subsitutions?
There was a problem hiding this comment.
Substitutions are not supported in case of replace rules. We need to handle only redirect rule
|
|
||
| tabService.setData(tabId, TAB_SERVICE_DATA.SESSION_RULES_MAP, { | ||
| ...sessionRulesMap, | ||
| [requestUrl]: ruleId, |
There was a problem hiding this comment.
Shouldn't ruleIds be an array or map of rulesIds because there might be case when initiator_domain and auth case applies on same URL
How about this?
{
[requestUrl]: {
auth_header: ruleId,
initiator_domain: ruleId,
}
}
Closes issue:
π Summary of changes:
β Checklist:
π§ͺ Test instructions:
π Other references: