-
Notifications
You must be signed in to change notification settings - Fork 0
/
background.js
124 lines (115 loc) · 3.38 KB
/
background.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
'use strict';
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
console.log(sender.tab ?
"from a content script:" + sender.tab.url :
"from the extension");
if (request.greeting === "hello") {
sendResponse({farewell: "goodbye"});
}
});
const prefs = {
'enabled': true,
'overwrite-origin': true,
'methods': ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'PATCH'],
'remove-x-frame': true,
'allow-credentials': true,
'allow-headers-value': '*',
'expose-headers-value': '*',
'allow-headers': true
};
const cors = {};
cors.onHeadersReceived = (details) => {
let responseHeaders = details.responseHeaders;
let url = details.url;
if (url.includes('.glb') || url.includes('.gltf')) {
chrome.tabs.query({active: true, currentWindow: true}, function(tabs) {
chrome.tabs.sendMessage(tabs[0].id, {message: 'modify headers for: ' + url});
});
} else {
return { responseHeaders };
}
if (prefs['overwrite-origin'] === true) {
const o = responseHeaders.find(({name}) => name.toLowerCase() === 'access-control-allow-origin');
if (o) {
o.value = '*';
}
else {
responseHeaders.push({
'name': 'Access-Control-Allow-Origin',
'value': '*'
});
}
}
if (prefs.methods.length > 3) { // GET, POST, HEAD are mandatory
const o = responseHeaders.find(({name}) => name.toLowerCase() === 'access-control-allow-methods');
if (o) {
o.value = prefs.methods.join(', ');
}
else {
responseHeaders.push({
'name': 'Access-Control-Allow-Methods',
'value': prefs.methods.join(', ')
});
}
}
if (prefs['allow-credentials'] === true) {
const o = responseHeaders.find(({name}) => name.toLowerCase() === 'access-control-allow-credentials');
if (o) {
o.value = 'true';
}
else {
responseHeaders.push({
'name': 'Access-Control-Allow-Credentials',
'value': 'true'
});
}
}
if (prefs['allow-headers'] === true) {
const o = responseHeaders.find(({name}) => name.toLowerCase() === 'access-control-allow-headers');
if (o) {
o.value = prefs['allow-headers-value'];
}
else {
responseHeaders.push({
'name': 'Access-Control-Allow-Headers',
'value': prefs['allow-headers-value']
});
}
}
if (prefs['allow-headers'] === true) {
const o = responseHeaders.find(({name}) => name.toLowerCase() === 'access-control-expose-headers');
if (o) {
o.value = prefs['expose-headers-value'];
}
else {
responseHeaders.push({
'name': 'Access-Control-Expose-Headers',
'value': prefs['expose-headers-value']
});
}
}
if (prefs['remove-x-frame'] === true) {
const i = responseHeaders.findIndex(({name}) => name.toLowerCase() === 'x-frame-options');
if (i !== -1) {
responseHeaders.splice(i, 1);
}
}
return { responseHeaders };
};
cors.install = () => {
cors.remove();
const extra = ['blocking', 'responseHeaders'];
if (/Firefox/.test(navigator.userAgent) === false) {
extra.push('extraHeaders');
}
chrome.webRequest.onHeadersReceived.addListener(cors.onHeadersReceived, {
urls: ['http://*/*','https://*/*']
}, extra);
};
cors.remove = () => {
chrome.webRequest.onHeadersReceived.removeListener(cors.onHeadersReceived);
};
if (prefs.enabled) {
cors.install();
}