Electron WebRequest Headers Help

[KooIaIa]

Hello I am trying to use this in an Electron project where I had been using session.webRequest.onHeadersReceived and session.webRequest.onBeforeSendHeaders to deal with CORS.

For example, to use SharedArrayBuffers I am setting:
details.responseHeaders['Cross-Origin-Opener-Policy'] = ['same-origin']
details.responseHeaders['Cross-Origin-Embedder-Policy'] = ['require-corp']
details.responseHeaders['Cross-Origin-Resource-Policy'] = ['cross-origin']

And for experiments with cross origin iFrames I am using:
delete details.responseHeaders['x-frame-options']
delete details.responseHeaders['content-security-policy']

It all worked as I expected in Electron but now when I use ElectronBlocker it seems like its bypassing all my header setting functions when I navigate on a page.

Is it possible for me to set these kinds of headers in Electron Blocker directly?

Update - > FIXED! :
I found the onHeadersReceived function in node_modules -> @cliqz -> adblocker-electron -> dist -> cjs -> adblocker.js

   this.onHeadersReceived = (details, callback) => {

        const CSP_HEADER_NAME = 'content-security-policy';
        const policies = [];
        const responseHeaders = details.responseHeaders || {};
        if (details.resourceType === 'mainFrame' || details.resourceType === 'subFrame') {
            const rawCSP = this.getCSPDirectives(fromElectronDetails(details));
            if (rawCSP !== undefined) {
                policies.push(...rawCSP.split(';').map((csp) => csp.trim()));
                // Collect existing CSP headers from response
                for (const [name, values] of Object.entries(responseHeaders)) {
                    if (name.toLowerCase() === CSP_HEADER_NAME) {
                        policies.push(...values);
                        delete responseHeaders[name];
                    }
                }
                responseHeaders[CSP_HEADER_NAME] = [policies.join(';')];
                callback({ responseHeaders });
                return;
            }
        }
        callback({});
    };

I commented out everything in here and put in a copy of my custom code and it all works now! I'm a noob at javascript and so I don't understand how the CSP code works so I may just leave it like this just so I understand what its doing.

The other function in Electron I am using is onBeforeRequest to change headers but I am assuming for now the adblocker doesn't mess with outward requests and only messes with responses.

[remusao]

Hi @KooIaIa,

Happy to hear that it worked. I think the issue might be that Electron does not offer a nice way to register multiple listeners to the same event, so it could be that the adblocker overrode your listener (hence the headers were not injected). As far as I know, the only way to handle that with the current Electron APIs is to have one listener that does everything: adding headers and also doing the adblocker work. This would mean duplicating some logic from adblocker, or calling some of the low-level functions; but there is no documented way to achieve that at the moment.

I hope that helps,
Rémi