科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>Using fetch in chrome extension but it doesn't offer me a cookie - Stack Overflow

    Using fetch in chrome extension but it doesn't offer me a cookie - Stack Overflow

    programmeradmin0浏览0评论

    summarize: I think background.js can't respond cookie in fetch.

    I know, there is a similar query that Asked 7years ago. but information was too little to know how to solve this problem.

    first, as title, I am making a chrome extension that do a completely auto login for using Session hijacking tech.(of course I never develop this for illegal. just for auto login only for MY account in my college website)

    Q: Why do you stick to using Session hijacking?

    A: I think it is a only way to do auto login without enter the login form.

    so I made fetch system that gets valid login cookie and at least in CMD, It works properly.

    this is my fetch code

    const res = await fetch("https://<college website>"
            ,fetchOption.toString());

    fetchOption information...

    this.option = {
            method: 'POST',
            headers: {
                'Content-Type': 'application/x-www-form-urlencoded'
            },
            mode: 'cors',
            body: new URLSearchParams(payload).toString(),
            credentials: 'include'
        }
}

    fetch in CMD: works properly

    Headers {
'transfer-encoding': 'chunked',
connection: 'keep-alive'
'set-cookie': <it shows proper cookie anyway>
date: 'Tue, 19 Nov 2024 14:48:32 GMT',
'content-type': 'text/html; charset=UTF-8'
}

    What I made next was chrome extension's background. I bundled my fetch system and tested it. And it was executed its fetch system automatically. and I got responded, except cookie.

    fetch in chrome extension's background: works properly... EXCEPT COOKIE

    res.headers.forEach(console.log)
/*
  keep-alive connection
  text/html; charset=UTF-8 content-type
  Tue, 19 Nov 2024 15:37:37 GMT date
  hunked transfer-encoding
*/

    I, of course, also used Axios, but it was not enough to get cookie, too. and I got a information from ChatBot AI that I can get cookie data when I fetch in context-script. but It's not an answer because of CORS(I can't fetch before I access that website and that's not what I want).

    also I know there is a chrome.cookie API but there's no way to get response.

    I wonder. If this shit chrome extension blocks getting some cookies. If it's true, There's no way to make my wish come true.

    I'm depressed now... somebody come and tell me how to bypass that chrome extension's inspection.

    "I've tried several approaches:

    1. Using fetch with different options
    2. Switching to Axios
    3. Attempting to use content-script (but CORS prevents this)
    4. Checking declarativeNetRequest API and manifest.json"
    5. Tried in CMD(it works.)
    6. I considered using VM, but It seems so unstable because the module is too old.

    "The extension is built with TypeScript and uses Manifest V3"

    "Is there any alternative way to:

    1. Access Set-Cookie headers in background script, or
    2. Implement auto-login without accessing cookies directly?
    3. Or make the session last forever?

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论