MicrosoftEdge-Extensions
MicrosoftEdge-Extensions copied to clipboard
microsoft
Changing of request headers (declarativeNetRequest) inside the side panel does not work
Why? Maybe I should specify some special parameters for the rule?
Example:
addRules: [
{
id: 1,
priority: 1,
action: {
type: 'modifyHeaders',
requestHeaders: todoist.requestHeaders,
},
condition: {
resourceTypes: ["sub_frame"],
requestDomains: todoist.requestDomains,
},
},
Hi @yankovichv ,
Thank you for reporting this. We are looking into this and will let you know as soon as we have an update.
@yankovichv, can you share more details about where you're calling the declarativeNetRequest API from (static ruleset from manifest, background script, side panel surface, ...), whether you see any warning or error in the developer console when you make the call, and what the request domains are for which the header modification is not working?
@abhishek-shanthkumar, we call the code from the service worker. We don't get any errors. The rules work fine in tabs but not in the side panel.
@Bhuvana-Priya I have my Page Sidebar for Microsoft Edge in the store: https://microsoftedge.microsoft.com/addons/detail/page-sidebar-open-any-p/miifojhnicpdfnfmojlcjkgebnmcckjb However, I encounter the same issue where it does not allow my page content to show up. While in Google Chrome and Firefox, the same code works for both web browsers.
My code is free and Open-Source: https://github.com/stefanvd/Browser-Extensions/tree/master/Page-Sidebar
Are there any updates? And what is the reason that your Microsoft web browser makes this different?
Thanks, @yankovichv. It'll help if you can share a minimal extension with which the behaviour can be reproduced. If I understand it correctly, you make some network requests from your extension's side panel surface, and for those requests, the header modification rules don't apply (while they do for requests made from other surfaces like the popup and the service worker). Is that right?
@abhishek-shanthkumar , all right.
Check it — https://microsoftedge.microsoft.com/addons/detail/page-sidebar-open-any-p/miifojhnicpdfnfmojlcjkgebnmcckjb and https://github.com/stefanvd/Browser-Extensions/tree/master/Page-Sidebar
@Bhuvana-Priya @abhishek-shanthkumar Is there any update about this important issue? As it is very important for my users.
Sorry for the delay. I can repro the reported issue through the following steps:
- Install the extension https://microsoftedge.microsoft.com/addons/detail/page-sidebar-open-any-p/miifojhnicpdfnfmojlcjkgebnmcckjb
- Open the extension side panel and search for or drag-and-drop a site that has CSP headers (example: https://content-security-policy.com/) into it.
Expected result: The site loads because the extension modifies the CSP headers. This is the behavior on Chrome. Actual result on Microsoft Edge: The site fails to load because of CSP violations.
We're engaged with our security team to determine the best approach here.
Hi @yankovichv, we apologize for the inconvenience.
We are looking into this and will let you know as soon as we have an update.
