@checkly/playwright-core 1.51.17-beta.5 → 1.51.18-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/checkly/secretsFilter.js +10 -1
- package/lib/client/fetch.js +1 -1
- package/package.json +1 -1
|
@@ -17,9 +17,18 @@ const dynamicallyAddedSecrets = new Set();
|
|
|
17
17
|
let cachedAuthorizationHeaderSecrets = null;
|
|
18
18
|
const extractAuthorizationHeaderValue = authorizationHeaderValue => {
|
|
19
19
|
const spaceIndex = authorizationHeaderValue.indexOf(' ');
|
|
20
|
-
|
|
20
|
+
if (spaceIndex === -1) return authorizationHeaderValue;
|
|
21
|
+
return authorizationHeaderValue.slice(spaceIndex + 1);
|
|
21
22
|
};
|
|
22
23
|
|
|
24
|
+
/**
|
|
25
|
+
* We use diagnostics_channel.subscribe to intercept HTTP(S) requests not made through
|
|
26
|
+
* Playwright's request fixture. The request fixture outputs the Authorization header
|
|
27
|
+
* value before executing the request, but direct Node.js HTTP calls bypass this mechanism.
|
|
28
|
+
* By subscribing to these diagnostic channels, we can capture authorization secrets from
|
|
29
|
+
* all HTTP requests made in the test environment.
|
|
30
|
+
*/
|
|
31
|
+
|
|
23
32
|
// For http/https
|
|
24
33
|
diagnostics_channel.subscribe('http.client.request.start', message => {
|
|
25
34
|
const {
|
package/lib/client/fetch.js
CHANGED
|
@@ -222,7 +222,7 @@ class APIRequestContext extends _channelOwner.ChannelOwner {
|
|
|
222
222
|
|
|
223
223
|
// [Checkly] We need to parse the headers in case there is the Authorization one.
|
|
224
224
|
for (const header of headers || []) {
|
|
225
|
-
if (header.name === '
|
|
225
|
+
if (header.name.toLowerCase() === 'authorization') (0, _secretsFilter.addSecret)(header.value);
|
|
226
226
|
}
|
|
227
227
|
// [/Checkly]
|
|
228
228
|
|