fix(tracker): use url matcher for session token ingestion; fixes #1449

2023-08-23 11:20:27 +02:00 · 2023-08-23 11:20:27 +02:00 · 9784ab8c8e
commit 9784ab8c8e
parent 9915e0b3c8
6 changed files with 20 additions and 23 deletions
--- a/tracker/tracker/CHANGELOG.md
+++ b/tracker/tracker/CHANGELOG.md
@ -1,3 +1,7 @@
+# 9.0.6
+
+- added `tokenUrlMatcher` option to network settings, allowing to ingest session token header to custom allowed urls
+
 # 9.0.5

 - same fixes but for fetch proxy
--- a/tracker/tracker/package.json
+++ b/tracker/tracker/package.json
@ -1,7 +1,7 @@
 {
  "name": "@openreplay/tracker",
  "description": "The OpenReplay tracker main package",
-  "version": "9.0.5",
+  "version": "9.0.6",
  "keywords": [
    "logging",
    "replay"
--- a/tracker/tracker/src/main/modules/Network/fetchProxy.ts
+++ b/tracker/tracker/src/main/modules/Network/fetchProxy.ts
@ -125,7 +125,7 @@ export class FetchProxyHandler<T extends typeof fetch> implements ProxyHandler<T
    private readonly sanitize: (data: RequestResponseData) => RequestResponseData,
    private readonly sendMessage: (item: NetworkRequest) => void,
    private readonly isServiceUrl: (url: string) => boolean,
-    private readonly tokenUrls: string[],
+    private readonly tokenUrlMatcher?: (url: string) => boolean,
  ) {}

  public apply(target: T, _: typeof window, argsList: [RequestInfo | URL, RequestInit]) {
@ -145,11 +145,8 @@ export class FetchProxyHandler<T extends typeof fetch> implements ProxyHandler<T
    this.beforeFetch(item, input as RequestInfo, init)

    this.setSessionTokenHeader((name, value) => {
-      if (this.tokenUrls.length > 0) {
-        const isWhitelisted = this.tokenUrls.some((url) => {
-          return item.url.includes(url)
-        })
-        if (!isWhitelisted) {
+      if (this.tokenUrlMatcher !== undefined) {
+        if (!this.tokenUrlMatcher(item.url)) {
          return
        }
      }
@ -302,7 +299,7 @@ export default class FetchProxy {
    sanitize: (data: RequestResponseData) => RequestResponseData,
    sendMessage: (item: NetworkRequest) => void,
    isServiceUrl: (url: string) => boolean,
-    tokenUrls: string[],
+    tokenUrlMatcher?: (url: string) => boolean,
  ) {
    return new Proxy(
      fetch,
@ -312,7 +309,7 @@ export default class FetchProxy {
        sanitize,
        sendMessage,
        isServiceUrl,
-        tokenUrls,
+        tokenUrlMatcher,
      ),
    )
  }
--- a/tracker/tracker/src/main/modules/Network/index.ts
+++ b/tracker/tracker/src/main/modules/Network/index.ts
@ -14,7 +14,7 @@ export default function setProxy(
  sanitize: (data: RequestResponseData) => RequestResponseData,
  sendMessage: (message: NetworkRequest) => void,
  isServiceUrl: (url: string) => boolean,
-  tokenUrls: string[],
+  tokenUrlMatcher?: (url: string) => boolean,
 ) {
  if (context.XMLHttpRequest) {
    context.XMLHttpRequest = XHRProxy.create(
@ -23,7 +23,7 @@ export default function setProxy(
      sanitize,
      sendMessage,
      isServiceUrl,
-      tokenUrls,
+      tokenUrlMatcher,
    )
  } else {
    getWarning('XMLHttpRequest')
@ -35,7 +35,7 @@ export default function setProxy(
      sanitize,
      sendMessage,
      isServiceUrl,
-      tokenUrls,
+      tokenUrlMatcher,
    )
  } else {
    getWarning('fetch')
--- a/tracker/tracker/src/main/modules/Network/xhrProxy.ts
+++ b/tracker/tracker/src/main/modules/Network/xhrProxy.ts
@ -22,7 +22,7 @@ export class XHRProxyHandler<T extends XMLHttpRequest> implements ProxyHandler<T
    private readonly sanitize: (data: RequestResponseData) => RequestResponseData,
    private readonly sendMessage: (message: NetworkRequest) => void,
    private readonly isServiceUrl: (url: string) => boolean,
-    private readonly tokenUrls: string[],
+    private readonly tokenUrlMatcher?: (url: string) => boolean,
  ) {
    this.XMLReq = XMLReq
    this.XMLReq.onreadystatechange = () => {
@ -44,11 +44,8 @@ export class XHRProxyHandler<T extends XMLHttpRequest> implements ProxyHandler<T
        return this.getOpen(target)
      case 'send':
        this.setSessionTokenHeader((name: string, value: string) => {
-          if (this.tokenUrls.length > 0) {
-            const isWhitelisted = this.tokenUrls.some((url) => {
-              return this.item.url.includes(url)
-            })
-            if (!isWhitelisted) {
+          if (this.tokenUrlMatcher !== undefined) {
+            if (!this.tokenUrlMatcher(this.item.url)) {
              return
            }
          }
@ -237,7 +234,7 @@ export default class XHRProxy {
    sanitize: (data: RequestResponseData) => RequestResponseData,
    sendMessage: (data: NetworkRequest) => void,
    isServiceUrl: (url: string) => boolean,
-    tokenUrls: string[],
+    tokenUrlMatcher?: (url: string) => boolean,
  ) {
    return new Proxy(XMLHttpRequest, {
      construct(original: any) {
@ -251,7 +248,7 @@ export default class XHRProxy {
            sanitize,
            sendMessage,
            isServiceUrl,
-            tokenUrls,
+            tokenUrlMatcher,
          ),
        )
      },
--- a/tracker/tracker/src/main/modules/network.ts
+++ b/tracker/tracker/src/main/modules/network.ts
@ -56,7 +56,7 @@ export interface Options {
  sanitizer?: Sanitizer
  axiosInstances?: Array<AxiosInstance>
  useProxy?: boolean
-  tokenUrls?: Array<string>
+  tokenUrlMatcher?: (url: string) => boolean
 }

 export default function (app: App, opts: Partial<Options> = {}) {
@ -69,7 +69,6 @@ export default function (app: App, opts: Partial<Options> = {}) {
      captureInIframes: true,
      axiosInstances: undefined,
      useProxy: false,
-      tokenUrls: [],
    },
    opts,
  )
@ -138,7 +137,7 @@ export default function (app: App, opts: Partial<Options> = {}) {
        sanitize,
        (message) => app.send(message),
        (url) => app.isServiceURL(url),
-        options.tokenUrls as string[],
+        options.tokenUrlMatcher,
      )
    }
    /* ====== Fetch ====== */