I have just read through the specification of the new declarativeNetRequest API of the Chrome webextension API, which replaces the WebRequest API in the future. I tried to figure out, if I will be able to do the same with declarativeNetRequest, what I currently do with WebRequest. Unfortunately, I think there won't be a replacement, but perhaps I'm wrong and someone can correct me. Here are the two usecases:
In WebRequest.onBeforeRequest: redirect to the URL of my extension and pass the requested URL as parameter. Filtered are local files with "file://" scheme.
In WebRequest.onHeadersReceived: analyze the received headers and redirect depending on header values to the URL of my extension and pass requested URL as parameter. Filtered are <all_urls>.
Thanks for any hints.
Related
I am implementing OAuth 2.0 with Google API's, but the redirect Uri from Google is missing the hash (#) and path. Which causes my parsing to fail. I am building for Web Browsers.
My Request URI to Google:
https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A4002%2Fsso-callback&response_type=token&state=C2ubRxTMwv&client_id=...
The redirect_uri decodes to http://localhost:4002/sso-callback
Google's Redirect URI:
http://localhost:4002/state=C2ubRxTMwv&access_token=...
Which is missing both the /sso-callback path and the # needed to distinguish the OAuth params when using response_type=token
Google API Settings:
Not sure if this is a config issue, or a Google issue.
When I submit this URL by pasting it in the address bar in Chrome:
https://accounts.google.com/o/oauth2/auth?scope=https://mail.google.com/&response_type=token&client_id=111111-aaaaaaaa.apps.googleusercontent.com&state=1&redirect_uri=http://localhost:3000/callback
I receive a redirect to
http://localhost:3000/callback#state=1&access_token=ya29.A0ARrdaM-tPsT7jLIaCoVdhHo5vW71tYF1Z4ESfNNzNAh6SN7e_a4x24V0HVu4M427KF3bpWk8-Sm37oUxUHDpA-mMGJrAQPHgMlDA0suMVW2R0WBR_9vQiaPf8cMB8Tna8EH9wLSrm58PG3g30HJWUio1Ytyh&token_type=Bearer&expires_in=3599&scope=https://mail.google.com/
A few notes: Google auth server seems to only use the first redirect URI configured in Google Console. In your case it is
http://localhost:4002
Try placing your desired redirect URI
http://localhost:4002/sso-callback
in the first position in the Console.
Turns out there was an SSR redirect that was breaking the urls that I did not know about. The answer by Delta George got me to try out a few other urls which made the issue clear.
I am building a chrome extension that redirects the tab to an html file if a url on a blacklist is loaded. This html file includes both continue and back buttons. The only problem is I am using chrome.webRequest.onBeforeRequest and I am unable to find a way to store the url that the request originates from. According to the MDN web docs there is a FrameAncestor property that allows you to access this url, but this is not supported by chrome. Are there any equivalent functions or work arounds?
I want to get the address of a page after redirect. I have the following code
url = 'https://simple.wikipedia.org/wiki/Gcd'
print(urlopen(url).geturl())
But it doesn't work, it prints https://simple.wikipedia.org/wiki/Gcd, while it should print https://simple.wikipedia.org/wiki/Greatest_common_divisor.
So, what is the problem with it?
There is actually no problem. The URL you get when opening https://simple.wikipedia.org/wiki/Gcd is exactly that URL. The only way for the URL to change would be a redirect, and if you look at the response from that URL, you can see that it returns just a 200 status code. So there is no redirect.
However, when you open the URL in the browser, the URL does get changed to https://simple.wikipedia.org/wiki/Greatest_common_divisor. How does this happen when there is no redirect?
This is actually a new MediaWiki feature that rewrites the URL in the browser using the History API. It simply replaces the URL that is displayed in the browser—but without actually making a new request or being a true HTTP redirect.
It’s a functionality that only works in modern browsers with JavaScript enabled. Otherwise, you would stay on the Gcd URL which is also the behavior from older versions of MediaWiki.
You can learn more about this new MediaWiki feature in the Phabricator task T37045.
As for your “problem” with it, you should consider communicating with MediaWiki using the MediaWiki API which will also tell you when a page is a redirect.
I have my api running on node js, where for security reasons, I have set up a middle ware function check the origin header, if it is from my website, then only the api should go ahead. I am finding issues with Chrome Extension, as it does not pass the origin header in the get requests, also in the put requests, it sends something like chrome:// as the origin header. Can somebody help?
Regards,
Manik Mittal
Well, that's how Chrome sets the Origin for extensions. It's not simple to override.
It is, however, possible to override. You'll need to use the webRequest API, specifically a blocking response to onBeforeSendHeaders, to rewrite the origin to whatever you like.
If you add in your manifest.json "permissions": ["https://*/"] you shouldn't have problems with CORS. Or if you want only your API to avoid this, just add your own url.
I have been asked to build an web-app which will have a page where the user can define the url he wants to navigate to (which is an external link) and add additional http headers he can send with that url. The web-app will be build with jsf 2.1
Which headers exactly do you need to set and what exactly are they for?
Answ: They are additional headers H-Version,H-UniqueID etc.
Is it a specific or an arbitrary external URL?
Answ: is an specific url (but it must be absolute)
And, importantingly, what exactly does the first response of a request on that external URL represent? Does it represent a full blown HTML page (thus with all relative references on it such as CSS/JS/images/links), or does it return a special response (e.g. XML/JSON or even a simple HTTP redirect)?
Answ: The target link will call another java-web-app which it's response will be html/CSS/JS/images/links..
Do you guys know any solution for this,
Many thanks!