Devtools network tab - is it the ultimate source of truth?
81 views
Skip to first unread message
Charlie Mike
Jun 20, 2023, 4:58:16 AM6/20/23
to Chromium Extensions
How relaible is checking the network requests in the Network tab of dev tools?
Is it 100% what is actually happening with requests and responses?
The reason I ask is I've been using a iframe extension that puts the current page inside an iframe. It somehow works on every single page, even pages with the response header X-FRAME-OPTIONS: DENY
I've checked the network tab and it does not remove or change this header, yet the iframe still displays the content.
How is this possible?
Is it 100% what is actually happening with requests and responses?
The reason I ask is I've been using a iframe extension that puts the current page inside an iframe. It somehow works on every single page, even pages with the response header X-FRAME-OPTIONS: DENY
I've checked the network tab and it does not remove or change this header, yet the iframe still displays the content.
How is this possible?
Oliver Dunk
Jun 20, 2023, 5:02:13 AM6/20/23
to Charlie Mike, Chromium Extensions
Hi Charlie,
In general, that should be a pretty good representation of the responses.
That said, there's currently a bug where any changes made by extensions using the declarativeNetRequest API are not shown: https://bugs.chromium.org/p/chromium/issues/detail?id=1247400
Could that explain what you're seeing?
--
You received this message because you are subscribed to the Google Groups "Chromium Extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/c63cd647-aedc-48fc-8132-d64021b76a43n%40chromium.org.
Message has been deleted
Connor Talbot
Jun 20, 2023, 5:28:59 AM6/20/23
to Chromium Extensions
Perhaps in the morning I will check the rules added by DNR and see if the extension is adding any rules, that should be simple enough for a sanity check
On Tue, 20 Jun 2023 at 21:16, Charlie Mike <connorda...@gmail.com> wrote:
Okay. I am making my own extension and also use declarativeNetRequest and DO see changes that I make.
But it appears the third party extension I'm testing does not interfere with X-FRAME-OPTIONS.
Which leads to my main question, how is this possible (to show a site blocking iframes inside an iframe...) - no proxy either (no network calls to a proxy etc)
Message has been deleted
Connor Talbot
Jun 20, 2023, 2:52:58 PM6/20/23
to Uladzimir Yankovich, Chromium Extensions
I don’t think it’s right to share the extension here, but I will message you direct
On Wed, 21 Jun 2023 at 02:07, Uladzimir Yankovich <yank...@manganum.app> wrote:
It would be interesting to know which extension you played with. I would like to explore it too.
PhistucK
Jun 21, 2023, 8:04:57 AM6/21/23
to Connor Talbot, Uladzimir Yankovich, Chromium Extensions
That is probably just an intentional violation by the extension system to allow embedding pages within extensions regardless of that header.
☆PhistucK
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/CAELRbOyUHqnLTnbiwGa1gAvHKOJkKzbc_EuAS%3DG7Taxit_R9zw%40mail.gmail.com.
wOxxOm
Jun 21, 2023, 10:15:50 AM6/21/23
to Chromium Extensions, PhistucK, Uladzimir Yankovich, Chromium Extensions, Connor Talbot
> That is probably just an intentional violation by the extension system to allow embedding pages within extensions regardless of that header.
Reply all
Reply to author
Forward
0 new messages