search

pmarks-net / ipvfoo

Display the current page's IP version and addresses
Apache License 2.0
545 stars 50 forks source link

(access denied) on youtube.com #30

Closed pmarks-net closed 7 years ago

pmarks-net commented 7 years ago

Reporting this bug to myself for tracking purposes. When visiting http://youtube.com, IPvFoo displays an (access denied) error.

This seems to happen only when redirecting from the non-https, non-www URL. It's triggered by an origin mismatch between these two events:

  1. webRequest.onBeforeRequest/main_frame -> http://youtube.com/
  2. webNavigation.onCommitted -> https://www.youtube.com/

Need to determine whether this is due to a bug in Chrome, or IPvFoo not monitoring for some event that signals the origin change.

pmarks-net commented 7 years ago

Here's the sequence of events:

onBeforeRequest     http://youtube.com
onBeforeSendHeaders http://youtube.com
onSendHeaders       http://youtube.com
onBeforeRedirect    http://youtube.com
onBeforeRequest     http://www.youtube.com
onBeforeSendHeaders https://www.youtube.com  <-- HSTS appears here
onSendHeaders       https://www.youtube.com
   ...

I think the simplest workaround is to monitor onBeforeSendHeaders or onSendHeaders, because onBeforeRequest happens before the HSTS rewrite. onSendHeaders seems more correct, because we're not trying to modify anything.