Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

POST Absolute URI is sent to server by XmlHttpRequest when using Squid3 proxy

I've faced strange problem now with sending http request from Chrome extension i am developing (normal JavaScript). This's a POST request with XmlHttpRequest (from background.js) with url like:

http://host.com/postform/upload

I also send this request from normal webpage (not chrome extension), and important bit is that if i open Developer Tools and check Network tab for my request (selecting raw headers display) i see first header there:

POST /postform/upload HTTP/1.1

And it works fine before i enable proxy instead of a direct conneciton. I use squid3 on my Ubuntu for this. Only one thing is different between requests when using proxy - and it makes HTTP server return 404 not found - only when using proxy..

When i force Chrome to work with my proxy based on squid3 (i use PAC script for this in my chrome extension), my request will not work. I checked many times and did all i could to reduce any difference in request body, and all i have left for now is first header.

It looks like this when request sent with proxy active (from Network tab of Developer Tools, opened from background page):

POST http://host.com/postform/upload HTTP/1.1

I've tried using chome.webRequest.onBeforeSendHeaders API, but that did not help. I also tried to remove hostname from URL in XmlHttpRequest.open but this did not help.

Yep, i am sending correct Host and Origin headers in any case. Could this be a problem in my squid3 configuration, or what should i change in my javaScript?

UPDATE Realized now that squid is not the problem in any way, and the problem is that POST request contains FULL uri (http://...) instead of "path". GET works fine. It's killing me.

I cannot use iframe workarounds. What's my problem?

like image 416
Croll Avatar asked Jan 25 '16 23:01

Croll


1 Answers

To use the XHR API from within your Chrome extension, you need to request the permission for the target host by specifying its URL in the "permissions" manifest-attribute. For example, if the target host (to which you want to send the XHR request) is http://www.example.org, then your manifest should contain the following lines of code.

...
"permissions" : {
    "http://www.example.org",
    ...
}

If you have done so already, then obviously, the error is on the back-end part. Also read about match patterns to allow matching of multiple URLs using a single string - for example, *://www.example.org/*.

like image 141
Patt Mehta Avatar answered Nov 05 '22 12:11

Patt Mehta