simplesamlphp / SAML-tracer

Browser extension for examining SAML messages
https://addons.mozilla.org/nl/firefox/addon/saml-tracer/
BSD 2-Clause "Simplified" License

Cookie- and Set-Cookie-headers are missing in Chrome #61

Closed khlr closed 4 years ago

khlr commented 4 years ago

While debugging a web application the other day I noticed that SAML-tracer doesn't record the Cookie- or Set-Cookie-header in Chrome. This was a really lucky discovery since I usually don't use Chrome.

It's quite a severe bug, as users of SAML-tracer in Chrome will mistakenly think that their applications don't issue cookies, albeit in fact they do!

Why does this bug occur? This is due to a change in Chrome 72: Starting from this version the Cookie-, Set-Cookie- and some other headers are only accessible by specifying extraHeaders in opt_extraInfoSpec. See: https://developer.chrome.com/extensions/webRequest

Hence I added this option, although there's one downside:

Note: Specifying 'extraHeaders' in opt_extraInfoSpec may have a negative impact on performance, hence it should only be used when really necessary.

But I think there's no way to get around this. SAML-tracer has to inspect each request since there's always a chance for cookies being involved.
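The registration described in the comment above, as an added example that is not part of the original post and is not SAML-tracer's own code. The choice of the `onBeforeSendHeaders` and `onHeadersReceived` events and the helper names are assumptions; `extraHeaders` is added only when the browser's options enum advertises it, so browsers that do not know the option are not passed it.

```javascript
// Added example (not SAML-tracer's code): request the Cookie and Set-Cookie
// headers from the webRequest API on Chrome 72+ without passing the
// 'extraHeaders' option to browsers that do not know it.

// Build the opt_extraInfoSpec array for one header event. 'extraHeaders' is
// appended only when the browser advertises it in the event's options enum.
function headerInfoSpec(webRequest, optionsEnum, base) {
  const options = webRequest[optionsEnum];
  const spec = [base];
  if (options && Object.prototype.hasOwnProperty.call(options, "EXTRA_HEADERS")) {
    spec.push(options.EXTRA_HEADERS); // the string "extraHeaders"
  }
  return spec;
}

// Register both listeners; returns the specs used so a caller can log them.
function registerHeaderCapture(webRequest, onRequest, onResponse) {
  const filter = { urls: ["<all_urls>"] };
  const requestSpec = headerInfoSpec(webRequest, "OnBeforeSendHeadersOptions", "requestHeaders");
  const responseSpec = headerInfoSpec(webRequest, "OnHeadersReceivedOptions", "responseHeaders");
  webRequest.onBeforeSendHeaders.addListener(onRequest, filter, requestSpec);
  webRequest.onHeadersReceived.addListener(onResponse, filter, responseSpec);
  return { requestSpec, responseSpec };
}

// Names of cookie-carrying headers present in a webRequest header array
// ([{name, value}, ...]); header names are compared case-insensitively.
function cookieHeaderNames(headers) {
  return (headers || [])
    .map((h) => h.name.toLowerCase())
    .filter((n) => n === "cookie" || n === "set-cookie");
}

// Only runs inside an extension; skipped under Node.
if (typeof chrome !== "undefined" && chrome.webRequest) {
  registerHeaderCapture(
    chrome.webRequest,
    (d) => console.log(d.url, cookieHeaderNames(d.requestHeaders)),
    (d) => console.log(d.url, cookieHeaderNames(d.responseHeaders))
  );
}
```

If `cookieHeaderNames` stays empty for a site known to set cookies, check the returned specs first: a spec without `extraHeaders` on Chrome 72 or later reproduces the bug reported here.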

khlr commented 4 years ago

@jaimeperez, will you soon find the time to merge this PR? (And the other open PRs as well 😉) Tho, to me, this one seems to be the most important one as the bug can be really misleading.

jaimeperez commented 4 years ago

Thanks @khlr! And sorry for the time it took me to have a look at this.

The change looks good to me and the bug indeed is quite bad, so I'll take a look at the other PR and try to create a new release as soon as I'm able to.

khlr commented 4 years ago

Thank you for creating the new release, Jaime 🙂

jaimeperez commented 4 years ago

No problem at all! I just wish I had the time to be more responsive and get things released faster...

tvdijen commented 4 years ago

I couldn't find my plugin anymore yesterday with the new logo 🤣