Chromium Embedded Framework Forum

[Staxcelrom]

Hello,

This topic is a continuation of the topic: https://www.magpcss.org/ceforum/viewtopic.php?f=6&t=19071

If I understand correctly, the functions OnBeforeResourceLoad() and GetResourceResponseFilter - do not work correctly.

Let me explain step by step what I mean:

1)Using CEF, I make a request to the site on which I am already authorized, that is, I visited this site earlier using CEF and authorized there and the authorization data is stored in the CEF folder:

Code: Select all

CefSettings settings;
CefString(&settings.cache_path) = my_string_path;

2)Now I load this site again:
but in OnBeforeResourceLoad() I'm intercepting a request that CEF should make, but hasn't done yet! And I change the -cookie header to a non-existent cookie, something like: "my_cookies"

Final HTTP headers, after my modification:

Code: Select all

Request_GetMethod:GET
Request_GetReferrerPolicy:0
Request_GetResourceType:RT_MAIN_FRAME
Request_GetTransitionType:

Request_vector_GetHeaderMap: Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Request_vector_GetHeaderMap: Accept-Language:ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Request_vector_GetHeaderMap: Cookie:my_cookie
Request_vector_GetHeaderMap: Upgrade-Insecure-Requests:1
Request_vector_GetHeaderMap: User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36

And I complete the OnBeforeResourceLoad() function: return RV_CONTINUE;

3)CEF sends a request to the server...

4)Now GetResourceResponseFilter() is called - in which I look at the nttp headers that the cef sent to the server:

Code: Select all

Request_GetMethod:GET
Request_GetReferrerPolicy:0
Request_GetResourceType:RT_MAIN_FRAME
Request_GetTransitionType:

Request_vector_GetHeaderMap: Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Request_vector_GetHeaderMap: Accept-Encoding:gzip, deflate
Request_vector_GetHeaderMap: Accept-Language:ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Request_vector_GetHeaderMap: Cookie:my_cookie
Request_vector_GetHeaderMap: Sec-Fetch-Dest:document
Request_vector_GetHeaderMap: Sec-Fetch-Mode:navigate
Request_vector_GetHeaderMap: Sec-Fetch-Site:none
Request_vector_GetHeaderMap: Sec-Fetch-User:?1
Request_vector_GetHeaderMap: Upgrade-Insecure-Requests:1
Request_vector_GetHeaderMap: User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36

We see that GetResourceResponseFilter - shows that SENT my modified cookies. BUT this is a lie.


NOW:------> between point 2 and 4 - I ran wireshark - and saw what REALLY https-headers were sent by the CEF browser:

Code: Select all

Header: :method: GET
        Header: :scheme: https
        Header: :path: /
        Header: accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
        Header: accept-encoding: gzip, deflate
        Header: cookie: __ddgid_=6OYnDB8t1XPGZ6vl
        Header: cookie: __ddgmark_=XqrquioBCHD8NH0G
        Header: cookie: __ddg2_=xrQM7UeuXHk9yPiA
        Header: cookie: __ddg1_=z8ddcH7Gkavi0ITq8mbn
        Header: cookie: cflastvisit=1655818047
        Header: cookie: cflastactivity=0
        Header: cookie: pg_unq_cohort_key=1:2206151711
        Header: cookie: _ym_uid=1655750398378558731
        Header: cookie: _ym_d=1655821659
        Header: cookie: _ga=GA1.2.1223971946.1655821660
        Header: cookie: _gid=GA1.2.1899166236.1655821660
        Header: cookie: u_count=%5B1%2C0%5D
        Header: cookie: _ym_isad=2
        Header: cookie: pg_preconnecting=disabled
        Header: cookie: pg_geo_response_time=152
        Header: cookie: pg_custom_timeout=
        Header: cookie: pg_tc=not-sampled
        Header: cookie: pg_mm2_cookie_a=1822a63e-4d46-439b-ba43-455606ec4aef
        Header: cookie: pg_ip=185.134.148.156
        Header: cookie: pg_after_init_response_time=197
        Header: cookie: __gads=ID=a7154c6145ec8e9c-222b4532b8cd0023:T=1655818051:S=ALNI_MaroImChuRdP0FVwpFqWsMEnZ-Kfw
        Header: cookie: __gpi=UID=0000078d44321777:T=1655818051:RT=1655818051:S=ALNI_MaoxkN-SL_YesfkMICvguCcr3cY_Q
        Header: cookie: pg_analytics=disabled
        Header: cookie: FCNEC=[["AKsRol8Sig7mJTG9RLD1EXpmqA1pT6TMprYVgzovZShZIZScUBshpcrWG743TXtJflwrSrk1wafsIxDrm1rP4wck6mj3cvhtuu1X4KQMPgD-KVoRDa-jdxvisjedgFerVj0r2YvXotIm2ksc8V-ZW49rAfDUgthR7g=="],null,[]]
        Header: cookie: PHPSESSID=ce3609fb0fff0ced2b3538b6e28fd996
        Header: cookie: cfuserid=1917575
        Header: cookie: cfpassword=56844c327ce5359854f32cc41ecee21d
        Header: cookie: __ddg5_=LGPRdN7n490D30rj
        Header: cookie: cfsessionhash=8170a9e40d5c638b7a0770e9ced611f9
        Header: cookie: cfdup_timestamp=1655832291
        Header: sec-fetch-dest: document
        Header: sec-fetch-mode: navigate
        Header: sec-fetch-site: none
        Header: sec-fetch-user: ?1
        Header: upgrade-insecure-requests: 1
        Header: user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
        Header: accept-language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7

That is functions - OnBeforeResourceLoad() and GetResourceResponseFilter - do not work correctly.

Right ?

[magreenblatt]

I’ve already told you that cookies are a special case and need to be set via CefCookieManager.

[Staxcelrom]

Maybe add OnBeforeResourceLoad to the description?

[magreenblatt]

Maybe add OnBeforeResourceLoad to the description?

Description of what? For what purpose?

[Staxcelrom]

// Called on the IO thread before a resource request is loaded. The |browser|
// and |frame| values represent the source of the request, and may be NULL for
// requests originating from service workers or CefURLRequest. To redirect or
// change the resource load optionally modify |request|. Modification of the
// request URL will be treated as a redirect. Return RV_CONTINUE to continue
// the request immediately. Return RV_CONTINUE_ASYNC and call CefCallback
// methods at a later time to continue or cancel the request asynchronously.
// Return RV_CANCEL to cancel the request immediately.

Code: Select all

  virtual ReturnValue OnBeforeResourceLoad(CefRefPtr<CefBrowser> browser,
                                           CefRefPtr<CefFrame> frame,
                                           CefRefPtr<CefRequest> request,
                                           CefRefPtr<CefCallback> callback) {
    return RV_CONTINUE;
  }