feat(tracker): option to create a list of permitted links for injecting a token

2023-08-21 14:41:22 +02:00 · 2023-08-21 14:41:22 +02:00 · 80b698e280
commit 80b698e280
parent 55b4d0f244
4 changed files with 28 additions and 0 deletions
--- a/tracker/tracker/src/main/modules/Network/fetchProxy.ts
+++ b/tracker/tracker/src/main/modules/Network/fetchProxy.ts
@ -125,6 +125,7 @@ export class FetchProxyHandler<T extends typeof fetch> implements ProxyHandler<T
    private readonly sanitize: (data: RequestResponseData) => RequestResponseData,
    private readonly sendMessage: (item: NetworkRequest) => void,
    private readonly isServiceUrl: (url: string) => boolean,
+    private readonly tokenUrls: string[],
  ) {}

  public apply(target: T, _: typeof window, argsList: [RequestInfo | URL, RequestInit]) {
@ -144,6 +145,14 @@ export class FetchProxyHandler<T extends typeof fetch> implements ProxyHandler<T
    this.beforeFetch(item, input as RequestInfo, init)

    this.setSessionTokenHeader((name, value) => {
+      if (this.tokenUrls.length > 0) {
+        const isWhitelisted = this.tokenUrls.some((url) => {
+          return item.url.includes(url)
+        })
+        if (!isWhitelisted) {
+          return
+        }
+      }
      if (argsList[1] === undefined && argsList[0] instanceof Request) {
        return argsList[0].headers.append(name, value)
      } else {
@ -293,6 +302,7 @@ export default class FetchProxy {
    sanitize: (data: RequestResponseData) => RequestResponseData,
    sendMessage: (item: NetworkRequest) => void,
    isServiceUrl: (url: string) => boolean,
+    tokenUrls: string[],
  ) {
    return new Proxy(
      fetch,
@ -302,6 +312,7 @@ export default class FetchProxy {
        sanitize,
        sendMessage,
        isServiceUrl,
+        tokenUrls,
      ),
    )
  }
--- a/tracker/tracker/src/main/modules/Network/index.ts
+++ b/tracker/tracker/src/main/modules/Network/index.ts
@ -14,6 +14,7 @@ export default function setProxy(
  sanitize: (data: RequestResponseData) => RequestResponseData,
  sendMessage: (message: NetworkRequest) => void,
  isServiceUrl: (url: string) => boolean,
+  tokenUrls: string[],
 ) {
  if (context.XMLHttpRequest) {
    context.XMLHttpRequest = XHRProxy.create(
@ -22,6 +23,7 @@ export default function setProxy(
      sanitize,
      sendMessage,
      isServiceUrl,
+      tokenUrls,
    )
  } else {
    getWarning('XMLHttpRequest')
@ -33,6 +35,7 @@ export default function setProxy(
      sanitize,
      sendMessage,
      isServiceUrl,
+      tokenUrls,
    )
  } else {
    getWarning('fetch')
--- a/tracker/tracker/src/main/modules/Network/xhrProxy.ts
+++ b/tracker/tracker/src/main/modules/Network/xhrProxy.ts
@ -22,6 +22,7 @@ export class XHRProxyHandler<T extends XMLHttpRequest> implements ProxyHandler<T
    private readonly sanitize: (data: RequestResponseData) => RequestResponseData,
    private readonly sendMessage: (message: NetworkRequest) => void,
    private readonly isServiceUrl: (url: string) => boolean,
+    private readonly tokenUrls: string[],
  ) {
    this.XMLReq = XMLReq
    this.XMLReq.onreadystatechange = () => {
@ -43,6 +44,14 @@ export class XHRProxyHandler<T extends XMLHttpRequest> implements ProxyHandler<T
        return this.getOpen(target)
      case 'send':
        this.setSessionTokenHeader((name: string, value: string) => {
+          if (this.tokenUrls.length > 0) {
+            const isWhitelisted = this.tokenUrls.some((url) => {
+              return this.item.url.includes(url)
+            })
+            if (!isWhitelisted) {
+              return
+            }
+          }
          target.setRequestHeader(name, value)
        })
        return this.getSend(target)
@ -228,6 +237,7 @@ export default class XHRProxy {
    sanitize: (data: RequestResponseData) => RequestResponseData,
    sendMessage: (data: NetworkRequest) => void,
    isServiceUrl: (url: string) => boolean,
+    tokenUrls: string[],
  ) {
    return new Proxy(XMLHttpRequest, {
      construct(original: any) {
@ -241,6 +251,7 @@ export default class XHRProxy {
            sanitize,
            sendMessage,
            isServiceUrl,
+            tokenUrls,
          ),
        )
      },
--- a/tracker/tracker/src/main/modules/network.ts
+++ b/tracker/tracker/src/main/modules/network.ts
@ -56,6 +56,7 @@ export interface Options {
  sanitizer?: Sanitizer
  axiosInstances?: Array<AxiosInstance>
  useProxy?: boolean
+  tokenUrls?: Array<string>
 }

 export default function (app: App, opts: Partial<Options> = {}) {
@ -68,6 +69,7 @@ export default function (app: App, opts: Partial<Options> = {}) {
      captureInIframes: true,
      axiosInstances: undefined,
      useProxy: false,
+      tokenUrls: [],
    },
    opts,
  )
@ -136,6 +138,7 @@ export default function (app: App, opts: Partial<Options> = {}) {
        sanitize,
        (message) => app.send(message),
        (url) => app.isServiceURL(url),
+        options.tokenUrls as string[],
      )
    }
    /* ====== Fetch ====== */