webRequest 侦听器看不到“cookie"、“referer"、“origin"等标头
我们编写了一个 Chrome 扩展,它使用 onBeforeSendHeaders 事件为每个 Web 请求添加一个 cookie:
chrome.webRequest.onBeforeSendHeaders.addListener(addCookie, {网址:["<all_urls>"]}, ["blocking", "requestHeaders"]);功能 addCookie(详细信息){if (details.url.match(/ourWebsite/)) {details.requestHeaders.forEach(function (requestHeader) {if (requestHeader.name.toLowerCase() === "cookie") {//添加带有值的cookie的代码}});返回 {requestHeaders: details.requestHeaders};}}除了我自己的以外,它在每个人的 Chrome 上都可以正常工作.在调试扩展时,我注意到 details.requestHeaders 数组没有 cookie 标头(这总是错误的:requestHeader.name.toLowerCase()=== "cookie").
我的第一个想法是另一个扩展程序搞砸了我们的,所以我尝试隐身(不允许其他扩展程序)但它不起作用.
在扩展程序的清单中,我们在 permissions 下同时拥有cookies"和webRequest".
有什么想法吗?提前致谢!
解决方案据此https://developer.chrome.com/extensions/webRequest
<块引用>从 Chrome 72 开始,不提供以下请求标头,并且如果未在 opt_extraInfoSpec 中指定extraHeaders",则无法修改或删除:
- 接受语言
- 接受编码
- 推荐人
- Cookie
自 Chrome 79 起:
- 原产地
- CORS 预检请求
<块引用>
其他侦听器的响应标头,例如 onHeadersReceived:
- 自 Chrome 72 起:
- 设置-Cookie
- 您想要在 CORB 已应用
- 自 Chrome 79 起:
- CORS 预检响应
所以你应该添加extraHeaders";到 webRequest 侦听器的第三个参数,对于您的示例,它应该是 [blocking", requestHeaders", extraHeaders"].
请注意,它不会在不了解 extraHeaders 的旧的 pre-72 Chrome 中运行,因此您可以使用以下技巧来拥有一个通用兼容的侦听器:
chrome.webRequest.onBeforeSendHeaders.addListener(添加Cookie,{urls: ["<all_urls>"]},[阻塞",请求标头",chrome.webRequest.OnBeforeSendHeadersOptions.EXTRA_HEADERS].filter(Boolean));We wrote a Chrome-extension that, using the onBeforeSendHeaders event, adds a cookie to each web request:
chrome.webRequest.onBeforeSendHeaders.addListener(addCookie, {
urls: ["<all_urls>"]
}, ["blocking", "requestHeaders"]);
function addCookie(details) {
if (details.url.match(/ourWebsite/)) {
details.requestHeaders.forEach(function (requestHeader) {
if (requestHeader.name.toLowerCase() === "cookie") {
//Code that adds a cookie with a value
}
});
return {requestHeaders: details.requestHeaders};
}
}
It works fine on everyone's Chrome but my own. While debugging the extension, I noticed that the details.requestHeaders array doesn't have the cookie header (this is always false: requestHeader.name.toLowerCase() === "cookie").
My first thought was another extension is messing up with ours, so I tried in incognito (where no other extensions are allowed) but it didn't work.
In the extension's manifest we have both "cookies" and "webRequest" under permissions.
Any ideas? Thanks in advance!
解决方案According to this https://developer.chrome.com/extensions/webRequest
Starting from Chrome 72, the following request headers are not provided and cannot be modified or removed without specifying 'extraHeaders' in opt_extraInfoSpec:
- Accept-Language
- Accept-Encoding
- Referer
- Cookie
since Chrome 79:
- Origin
- CORS preflight requests
Response headers for other listeners like onHeadersReceived:
- since Chrome 72:
- Set-Cookie
- any header you want to modify before CORB is applied
- since Chrome 79:
- CORS preflight responses
So you should add "extraHeaders" to the third parameter of the webRequest listener and it should be ["blocking", "requestHeaders", "extraHeaders"] for your example.
Note that it won't run in old pre-72 Chrome, which doesn't know about extraHeaders, so you can use the following trick to have a universally compatible listener:
chrome.webRequest.onBeforeSendHeaders.addListener(
addCookie,
{urls: ["<all_urls>"]},
["blocking", "requestHeaders",
chrome.webRequest.OnBeforeSendHeadersOptions.EXTRA_HEADERS].filter(Boolean)
);
相关文章