Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Chrome 131 prompts for credentials

134 views
Skip to first unread message

Sébastien Règne

unread,
Nov 19, 2024, 4:24:32 PM11/19/24
to Chromium Extensions
Hello,

In the popup of my extension, I ping an address to know if the server is up. If it is, I display a button to access it.

I had a bug, because the server can be protected by an authentification. In this case, a login popup was displayed. I fixed the problem by forcing the { Authorization: “” } header. The server responds with a 403, but I know it's up.

export const ping = async function (url) {
  try {
    await fetch(url, {
      method: "HEAD",
      // Fournir des « identifiants » vides dans les entêtes pour que si
      // la page demande une authentification : celle-ci échoue
      // directement sans demander à l'utilisateur de saisir son
      // identifiant et son mot de passe.
      headers: { Authorization: "" },
    });
    return true;
  } catch {
    // Ignorer l'erreur si la requête échoue. Et indiquer que le lien est
    // inaccessible.
    return false;
  }
};

It worked until Chrome 130.0.6723.119. The problem came back with Chrome 131.0.6778.86. Do you know what changes have been released in this new version?

Do you have a tip to check if a server is up, without triggering a login popup?

Thanks for your help.

Patrick Kettner

unread,
Dec 5, 2024, 10:16:34 AM12/5/24
to Sébastien Règne, Chromium Extensions
Bonjour Sébastien!

If you only care if a server is up, in the sense that responds-to-requests, could you use no-cors?

something like this should work if so

```
async function urlIsUp(url) {
  try {
    const serverResponse = await fetch(url, {
      method: 'HEAD',
      mode: 'no-cors'
    })
    return !!serverResponse
  } catch (e) {
    return false
  }
}
````

You can use an abort controller if you want to have a timeout

```
async function urlIsUp(url) {
  const secondsBeforeTimeout = 8;
  const controller = new AbortController();
  const timeoutId = setTimeout(() => controller.abort(), secondsBeforeTimeout * 1000);

  try {
    const serverResponse = await fetch(url, {
      method: 'HEAD',
      mode: 'no-cors',
      signal: controller.signal
    });

    clearTimeout(timeoutId);

    return true;
  } catch (e) {
    return false;
  }
}
```

patrick

--
You received this message because you are subscribed to the Google Groups "Chromium Extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/1a939b99-359b-4177-9f5e-6c31f1527019n%40chromium.org.

Sébastien Règne

unread,
Dec 8, 2024, 1:14:08 PM12/8/24
to Patrick Kettner, Chromium Extensions
Hi,

Thanks for your feedback. I fixed the problem with the header credentials: “omit”

export const ping = async function (url) {
    try {
        await fetch(url, {
            method: "HEAD",
            credentials: "omit",
        });
        return true;
    } catch {
        return false;
    }
};

But I couldn't find why this problem happened with Chrome 131.


Patrick Kettner

unread,
Dec 9, 2024, 10:32:32 AM12/9/24
to Sébastien Règne, Chromium Extensions
Not sure, but you can use https://www.chromium.org/developers/bisect-builds-py/ to bisect down to the change that introduced the behavior to find out if you would like
Reply all
Reply to author
Forward
0 new messages