OnBeforeResourceLoad and Filter - not working correctly
Posted: Tue Jun 21, 2022 12:53 pm
Hello,
This topic is a continuation of the topic: https://www.magpcss.org/ceforum/viewtopic.php?f=6&t=19071
If I understand correctly, the functions OnBeforeResourceLoad() and GetResourceResponseFilter - do not work correctly.
Let me explain step by step what I mean:
1)Using CEF, I make a request to the site on which I am already authorized, that is, I visited this site earlier using CEF and authorized there and the authorization data is stored in the CEF folder:
2)Now I load this site again:
but in OnBeforeResourceLoad() I'm intercepting a request that CEF should make, but hasn't done yet! And I change the -cookie header to a non-existent cookie, something like: "my_cookies"
Final HTTP headers, after my modification:
And I complete the OnBeforeResourceLoad() function: return RV_CONTINUE;
3)CEF sends a request to the server...
4)Now GetResourceResponseFilter() is called - in which I look at the nttp headers that the cef sent to the server:
We see that GetResourceResponseFilter - shows that SENT my modified cookies. BUT this is a lie.
NOW:------> between point 2 and 4 - I ran wireshark - and saw what REALLY https-headers were sent by the CEF browser:
That is functions - OnBeforeResourceLoad() and GetResourceResponseFilter - do not work correctly.
Right ?
This topic is a continuation of the topic: https://www.magpcss.org/ceforum/viewtopic.php?f=6&t=19071
If I understand correctly, the functions OnBeforeResourceLoad() and GetResourceResponseFilter - do not work correctly.
Let me explain step by step what I mean:
1)Using CEF, I make a request to the site on which I am already authorized, that is, I visited this site earlier using CEF and authorized there and the authorization data is stored in the CEF folder:
- Code: Select all
CefSettings settings;
CefString(&settings.cache_path) = my_string_path;
2)Now I load this site again:
but in OnBeforeResourceLoad() I'm intercepting a request that CEF should make, but hasn't done yet! And I change the -cookie header to a non-existent cookie, something like: "my_cookies"
Final HTTP headers, after my modification:
- Code: Select all
Request_GetMethod:GET
Request_GetReferrerPolicy:0
Request_GetResourceType:RT_MAIN_FRAME
Request_GetTransitionType:
Request_vector_GetHeaderMap: Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Request_vector_GetHeaderMap: Accept-Language:ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Request_vector_GetHeaderMap: Cookie:my_cookie
Request_vector_GetHeaderMap: Upgrade-Insecure-Requests:1
Request_vector_GetHeaderMap: User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
And I complete the OnBeforeResourceLoad() function: return RV_CONTINUE;
3)CEF sends a request to the server...
4)Now GetResourceResponseFilter() is called - in which I look at the nttp headers that the cef sent to the server:
- Code: Select all
Request_GetMethod:GET
Request_GetReferrerPolicy:0
Request_GetResourceType:RT_MAIN_FRAME
Request_GetTransitionType:
Request_vector_GetHeaderMap: Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Request_vector_GetHeaderMap: Accept-Encoding:gzip, deflate
Request_vector_GetHeaderMap: Accept-Language:ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Request_vector_GetHeaderMap: Cookie:my_cookie
Request_vector_GetHeaderMap: Sec-Fetch-Dest:document
Request_vector_GetHeaderMap: Sec-Fetch-Mode:navigate
Request_vector_GetHeaderMap: Sec-Fetch-Site:none
Request_vector_GetHeaderMap: Sec-Fetch-User:?1
Request_vector_GetHeaderMap: Upgrade-Insecure-Requests:1
Request_vector_GetHeaderMap: User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
We see that GetResourceResponseFilter - shows that SENT my modified cookies. BUT this is a lie.
NOW:------> between point 2 and 4 - I ran wireshark - and saw what REALLY https-headers were sent by the CEF browser:
- Code: Select all
Header: :method: GET
Header: :scheme: https
Header: :path: /
Header: accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Header: accept-encoding: gzip, deflate
Header: cookie: __ddgid_=6OYnDB8t1XPGZ6vl
Header: cookie: __ddgmark_=XqrquioBCHD8NH0G
Header: cookie: __ddg2_=xrQM7UeuXHk9yPiA
Header: cookie: __ddg1_=z8ddcH7Gkavi0ITq8mbn
Header: cookie: cflastvisit=1655818047
Header: cookie: cflastactivity=0
Header: cookie: pg_unq_cohort_key=1:2206151711
Header: cookie: _ym_uid=1655750398378558731
Header: cookie: _ym_d=1655821659
Header: cookie: _ga=GA1.2.1223971946.1655821660
Header: cookie: _gid=GA1.2.1899166236.1655821660
Header: cookie: u_count=%5B1%2C0%5D
Header: cookie: _ym_isad=2
Header: cookie: pg_preconnecting=disabled
Header: cookie: pg_geo_response_time=152
Header: cookie: pg_custom_timeout=
Header: cookie: pg_tc=not-sampled
Header: cookie: pg_mm2_cookie_a=1822a63e-4d46-439b-ba43-455606ec4aef
Header: cookie: pg_ip=185.134.148.156
Header: cookie: pg_after_init_response_time=197
Header: cookie: __gads=ID=a7154c6145ec8e9c-222b4532b8cd0023:T=1655818051:S=ALNI_MaroImChuRdP0FVwpFqWsMEnZ-Kfw
Header: cookie: __gpi=UID=0000078d44321777:T=1655818051:RT=1655818051:S=ALNI_MaoxkN-SL_YesfkMICvguCcr3cY_Q
Header: cookie: pg_analytics=disabled
Header: cookie: FCNEC=[["AKsRol8Sig7mJTG9RLD1EXpmqA1pT6TMprYVgzovZShZIZScUBshpcrWG743TXtJflwrSrk1wafsIxDrm1rP4wck6mj3cvhtuu1X4KQMPgD-KVoRDa-jdxvisjedgFerVj0r2YvXotIm2ksc8V-ZW49rAfDUgthR7g=="],null,[]]
Header: cookie: PHPSESSID=ce3609fb0fff0ced2b3538b6e28fd996
Header: cookie: cfuserid=1917575
Header: cookie: cfpassword=56844c327ce5359854f32cc41ecee21d
Header: cookie: __ddg5_=LGPRdN7n490D30rj
Header: cookie: cfsessionhash=8170a9e40d5c638b7a0770e9ced611f9
Header: cookie: cfdup_timestamp=1655832291
Header: sec-fetch-dest: document
Header: sec-fetch-mode: navigate
Header: sec-fetch-site: none
Header: sec-fetch-user: ?1
Header: upgrade-insecure-requests: 1
Header: user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
Header: accept-language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
That is functions - OnBeforeResourceLoad() and GetResourceResponseFilter - do not work correctly.
Right ?