passbolt-browser-extension 4.7.0 → 4.7.3-rc.0

package/CHANGELOG.md

@@ -3,6 +3,15 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
+## [4.7.3] - 2024-05-07
+### Maintenance
+- PB-33235 Convert formData file into a json serializable in offscreen
+- PB-33297 Extension update available should store the state if user signed in
+
+## [4.7.1] - 2024-05-02
+### Maintenance
+- PB-33225 MV3 beta rollout
+
 ## [4.7.0] - 2024-04-26
 ### Added
 - PB-32931 As administrator, I see SSO and Directory Sync health checks in Passbolt API Status page
@@ -1586,7 +1595,9 @@ self registration settings option in the left-side bar
 - AP: User with plugin installed
 - LU: Logged in user
 
-[Unreleased]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.7.0...HEAD
+[Unreleased]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.7.3...HEAD
+[4.7.3]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.7.1...v4.7.3
+[4.7.1]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.7.0...v4.7.1
 [4.7.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.6.2...v4.7.0
 [4.6.2]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.6.0...v4.6.2
 [4.6.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.5.2...v4.6.0

package/RELEASE_NOTES.md

@@ -1,72 +1,8 @@
 Song: https://www.youtube.com/watch?v=3L4YrGaR8E4
 
-Passbolt v4.7 is a maintenance release that resolves multiple issues identified by the community.
-Furthermore, this release supports the commitment to improving customization options and integration features, making it easier for organizations to tailor the system to their specific needs.
-
-A key enhancement in this release is the ability for administrators to use custom SSL certificates for SMTP and Users directory server connections (PRO only).
-These long-awaited features are particularly beneficial for organizations operating in air-gapped environments or those using their own root CAs, enabling passbolt to more securely integrate with internal communication tools.
-All of these customizations are visible in the API status report of the administration workspace, providing a clear and manageable overview for administrators.
-
-Moreover, the integration with user directories has been enhanced, now enabling the synchronization of user accounts using multiple fields as email identifiers.
-This allows organizations with heterogeneous data environments to synchronize more seamlessly with Passbolt.
-This improvement is part of a broader initiative aimed at modernizing the integration with your user directories.
-Stay tuned, more enhancements are planned for future releases.
-
-## [4.7.0] - 2024-04-26
-### Added
-- PB-32931 As administrator, I see SSO and Directory Sync health checks in Passbolt API Status page
-- PB-33065 As an administrator I can add a fallback property to map my organisation AD user username
-- PB-33070 Request passphrase when exporting account kit
-
-### Fixed
-- PB-32420 Fix double calls to PwnedPassword API service
-- PB-32631 Fix healthCheck Entity to support air gapped instances
-- PB-33066 As AD, I should not see directorySync and SSO checks if they are disabled
-- PB-33067 After an unexpected error during setup, recover or account recovery, only the iframe reload and the port cannot reconnect
+Passbolt v4.7.3 is a test release focused on addressing problems identified with MV3.
 
+## [4.7.3] - 2024-05-07
 ### Maintenance
-- PB-22623 Start service worker in an insecure environment
-- PB-22640 As a signed-in user the inform call to action should remain after the port is disconnected only for MV3
-- PB-22644 The passbolt icon should detect if the user is still connected after the service worker awake
-- PB-23928 Handle when the extension is updated, the webIntegration should be destroy and injected again
-- PB-29622 Simulate user keyboard input for autofill event
-- PB-29946 When the service worker is shutdown and a navigation is detected the service worker do not reconnect port and stay in error mode
-- PB-29965 Use a dedicated service to verify the server
-- PB-29966 Update apiClient to support form data body and custom header
-- PB-29967 Use a dedicated service to do the step challenge with the server
-- PB-29968 use a dedicated service to check the user authentication status
-- PB-29969 Use a dedicated service to logout the user
-- PB-29988 Update the alarm in the class StartLoopAuthSessionCheckService to use the property periodInMinutes
-- PB-29989 Put the alarm listener at the top level for the StartLoopAuthSessionCheckService to check the authentication status
-- PB-29990 Move PassphraseStorageService keep alive alarm listener in top level
-- PB-30272 Add message service in the app content script in order to reconnect the port from a message sent by the service worker
-- PB-30273 On the post logout event the service worker should reconnect port that needs to receive the post logout message
-- PB-30274 Add message service in the browser integration content script in order to reconnect the port from a message sent by the service worker
-- PB-30310 Improve invalid groups users sanitization strategy
-- PB-30335 Use timeout instead alarms for service worker
-- PB-30336 Use timeout instead alarms for promise timeout service
-- PB-30337 Put the alarm listener at the top level for the passphraseStorageService to flush passphrase after a time duration
-- PB-30341 Remove alarms for toolbar controller
-- PB-30342 Use timeout instead of alarm for the resource in progress cache service to flush the resource not consumed
-- PB-30374 Check if AuthService from styleguide is still used in the Bext otherwise remove it
-- PB-30375 Improve CI unit test performance by running them in band
-- PB-32291 Cleanup legacy code and unused passbolt.auth.is-authenticated related elements
-- PB-32335 Split PassphraseStorageService to put the KeepSessionAlive feature on its own service
-- PB-32345 Ensures on the desktop app during import account that the file to import is taken into account
-- PB-32597 Ensure ToolbarController are set on index.js
-- PB-32598 Ensure add listener from authentication event controller are set on index.js
-- PB-32599 Ensure add listener from StartLoopAuthSessionCheckService are set on index.js
-- PB-32604 Ensure add listener from on extension update available controller are set on index.js
-- PB-32602 Ensure add listener from user.js are set on index.js
-- PB-32603 Ensure add listener from ResourceInProgressCacheService are set on index.js
-- PB-32915 Update code to remove the destruction of the public web sign-in on port disconnected
-- PB-32916 Update code to remove the destruction of the setup on port disconnected
-- PB-32917 Update code to remove the destruction of the recover on port disconnected
-- PB-33018 Automate browser extension npm publication
-- PB-33024 Ensure only stable tags of the styleguide are published to npm
-- PB-33024 Ensure only stable tag of the browser extension are sent for review or publish to the store
-- PB-33061 Create account temporary storage
-- PB-33062 Use temporary account storage for setup process
-- PB-33063 Use temporary account storage for recover process
-- PB-33064 Use temporary account storage for account recovery process
-- PB-33068 Remove beta information for the windows app
+- PB-33235 Convert formData file into a json serializable in offscreen
+- PB-33297 Extension update available should store the state if user signed in

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "passbolt-browser-extension",
-  "version": "4.7.0",
+  "version": "4.7.3-rc.0",
   "license": "AGPL-3.0",
   "copyright": "Copyright 2022 Passbolt SA",
   "description": "Passbolt web extension for the open source password manager for teams",

package/src/all/background_page/model/entity/avatar/update/avatarUpdateEntity.js

@@ -13,7 +13,7 @@
  */
 import Entity from "passbolt-styleguide/src/shared/models/entity/abstract/entity";
 import EntitySchema from "passbolt-styleguide/src/shared/models/entity/abstract/entitySchema";
-import b64ToBlob from "../../../../utils/format/base64";
+import Base64Utils from "../../../../utils/format/base64";
 
 
 const ENTITY_NAME = 'AvatarUpdate';
@@ -47,7 +47,7 @@ class AvatarUpdateEntity extends Entity {
     const filename = avatarBase64UpdateDto.filename;
     const fileBase64 = avatarBase64UpdateDto.fileBase64;
     const mimeType = avatarBase64UpdateDto.mimeType;
-    const file = b64ToBlob(fileBase64, mimeType);
+    const file = Base64Utils.base64ToBlob(fileBase64, mimeType);
     const avatarUpdateDto = {file: file, filename: filename, mimeType: mimeType};
     return new AvatarUpdateEntity(avatarUpdateDto);
   }

package/src/all/background_page/service/extension/onExtensionUpdateAvailableService.js

@@ -20,6 +20,8 @@ import WebIntegrationPagemod from "../../pagemod/webIntegrationPagemod";
 import WorkerService from "../worker/workerService";
 import PublicWebsiteSignInPagemod from "../../pagemod/publicWebsiteSignInPagemod";
 
+const PASSBOLT_EXTENSION_UPDATE = "passboltExtensionUpdate";
+
 class OnExtensionUpdateAvailableService {
   /**
    * Execute the OnExtensionUpdateAvailableService process
@@ -27,7 +29,7 @@ class OnExtensionUpdateAvailableService {
    */
   static async exec() {
     if (await isUserAuthenticated()) {
-      this.shouldReload = true;
+      await browser.storage.session.set({[PASSBOLT_EXTENSION_UPDATE]: true});
     } else {
       await this.cleanAndReload();
     }
@@ -47,8 +49,9 @@ class OnExtensionUpdateAvailableService {
    * It triggers a runtime reload if an extension update was available while the user was signed in.
    */
   static async handleUserLoggedOut() {
-    if (this.shouldReload) {
-      this.shouldReload = false;
+    const shouldUpdate = await browser.storage.session.get(PASSBOLT_EXTENSION_UPDATE);
+    if (shouldUpdate && shouldUpdate[PASSBOLT_EXTENSION_UPDATE]) {
+      await browser.storage.session.remove(PASSBOLT_EXTENSION_UPDATE);
       await this.cleanAndReload();
     }
   }

package/src/all/background_page/utils/format/base64.js

@@ -1,33 +1,61 @@
 /**
- * Transforms a base 64 encoded file content into a file object.
- * Useful when we need to transmit a file from the content code to the add-on code.
- * @param string b64Data
- * @param string contentType
- * @param integer sliceSize
- * @returns {*}
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         4.8.0
  */
-function b64ToBlob(b64Data, contentType, sliceSize) {
-  contentType = contentType || '';
-  sliceSize = sliceSize || 512;
 
-  const byteCharacters = atob(b64Data);
-  const byteArrays = [];
+/**
+ * The class that deals with Passbolt to convert base64.
+ */
+class Base64Utils {
+  /**
+   * Transforms a base 64 encoded file content into a file object.
+   * Useful when we need to transmit a file from the content code to the add-on code.
+   * @param {string} b64Data The base64 data
+   * @param {string} contentType The content type
+   * @param {number} sliceSize The slice size
+   * @returns {*}
+   */
+  static base64ToBlob(b64Data, contentType = "", sliceSize = 512) {
+    const byteCharacters = atob(b64Data);
+    const byteArrays = [];
 
-  for (let offset = 0; offset < byteCharacters.length; offset += sliceSize) {
-    const slice = byteCharacters.slice(offset, offset + sliceSize);
+    for (let offset = 0; offset < byteCharacters.length; offset += sliceSize) {
+      const slice = byteCharacters.slice(offset, offset + sliceSize);
 
-    const byteNumbers = new Array(slice.length);
-    for (let i = 0; i < slice.length; i++) {
-      byteNumbers[i] = slice.charCodeAt(i);
-    }
+      const byteNumbers = new Array(slice.length);
+      for (let i = 0; i < slice.length; i++) {
+        byteNumbers[i] = slice.charCodeAt(i);
+      }
 
-    const byteArray = new Uint8Array(byteNumbers);
+      const byteArray = new Uint8Array(byteNumbers);
 
-    byteArrays.push(byteArray);
+      byteArrays.push(byteArray);
+    }
+
+    return new Blob(byteArrays, {type: contentType});
   }
 
-  const blob = new Blob(byteArrays, {type: contentType});
-  return blob;
+  /**
+   * Transforms a file object into a base 64 encoded file content.
+   * @param {Blob} blob
+   * @returns {Promise<string>}
+   */
+  static blobToBase64(blob) {
+    return new Promise(resolve => {
+      const reader = new FileReader();
+      reader.onloadend = () => resolve(reader.result);
+      reader.readAsDataURL(blob);
+    });
+  }
 }
 
-export default b64ToBlob;
+export default Base64Utils;

package/src/all/background_page/utils/format/formDataUtils.js

@@ -0,0 +1,93 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         4.8.0
+ */
+
+import Base64Utils from "./base64";
+
+/**
+ * The class that deals with Passbolt to convert formData.
+ */
+class FormDataUtils {
+  /**
+   * Transform a form data to an array of object
+   * @param {FormData} formData The form data
+   * @return {Promise<Array<Object>>}
+   */
+  static async formDataToArray(formData) {
+    const formDataSerialized = [];
+    for (const [key, value] of formData.entries()) {
+      const formDataObject = {
+        key: key
+      };
+      // BLOB in FormData is transformed into a File
+      if (value instanceof File) {
+        formDataObject.value = await Base64Utils.blobToBase64(value);
+        formDataObject.name = value.name;
+        formDataObject.type = FormDataUtils.TYPE_FILE;
+      } else {
+        formDataObject.value = value;
+        formDataObject.type = FormDataUtils.TYPE_SCALAR;
+      }
+      formDataSerialized.push(formDataObject);
+    }
+    return formDataSerialized;
+  }
+
+  /**
+   * Transform an array of object to a form data
+   * @param {Array<Object>} array
+   * @return {FormData}
+   */
+  static arrayToFormData(array) {
+    const formData = new FormData();
+    array.forEach(data => {
+      if (data.type === FormDataUtils.TYPE_SCALAR) {
+        formData.append(data.key, data.value);
+      } else {
+        const base64UrlSplit = data.value.split(',');
+        const blobBase64 = base64UrlSplit[1];
+        const mimeType = base64UrlSplit[0].split(':')[1].split(';')[0];
+        const blob = Base64Utils.base64ToBlob(blobBase64, mimeType);
+        formData.append(data.key, blob, data.name);
+      }
+    });
+    return formData;
+  }
+
+  /**
+   * Get the type scalar
+   * @return {string}
+   */
+  static get TYPE_SCALAR() {
+    return "SCALAR";
+  }
+
+  /**
+   * Get the type file
+   * @return {string}
+   */
+  static get TYPE_FILE() {
+    return "FILE";
+  }
+
+  /**
+   * Get the type blob
+   * @return {string}
+   * @constructor
+   */
+  static get TYPE_BLOB() {
+    return "FILE";
+  }
+}
+
+export default FormDataUtils;

package/src/all/background_page/utils/format/formDataUtils.test.data.js

@@ -0,0 +1,49 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         4.8.0
+ */
+
+export const formDataString = () => {
+  const formDataBody = new FormData();
+  formDataBody.append("prop1", "value 1");
+  formDataBody.append("prop1", "value 2");
+  return formDataBody;
+};
+
+export const formDataFile = () => {
+  const formDataBody = new FormData();
+  const file1 = new File(['test'], "file 1", {type: 'image/png'});
+  const file2 = new File(['test'], "file 2", {type: 'image/png'});
+  formDataBody.append("file", file1, "file 1");
+  formDataBody.append("file", file2, "file 2");
+  return formDataBody;
+};
+
+export const formDataBlob = () => {
+  const formDataBody = new FormData();
+  const blob1 = new Blob(['test'], {type: 'text/plain'});
+  const blob2 = new Blob(['test'], {type: 'text/plain'});
+  formDataBody.append("blob", blob1, "blob 1");
+  formDataBody.append("blob", blob2, "blob 2");
+  return formDataBody;
+};
+
+export const formDataMixed = () => {
+  const formDataBody = new FormData();
+  formDataBody.append("prop1", "value 1");
+  const file = new File(['test'], "file 1", {type: 'image/png'});
+  formDataBody.append("file", file, "file 1");
+  const blob = new Blob(['test'], {type: 'text/plain'});
+  formDataBody.append("blob", blob, "blob 1");
+  return formDataBody;
+};
+

package/src/all/background_page/utils/format/formDataUtils.test.js

@@ -0,0 +1,105 @@
+/**
+ * Passbolt ~ Open source password manager for teams
+ * Copyright (c) Passbolt SA (https://www.passbolt.com)
+ *
+ * Licensed under GNU Affero General Public License version 3 of the or any later version.
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
+ * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
+ * @link          https://www.passbolt.com Passbolt(tm)
+ * @since         4.8.0
+ */
+import {formDataMixed, formDataString} from "./formDataUtils.test.data";
+import FormDataUtils from "./formDataUtils";
+import {formDataBlob, formDataFile} from "./formDataUtils.test.data";
+
+describe("FormDataUtils", () => {
+  beforeEach(() => {
+    jest.resetModules();
+  });
+
+  describe("FormDataUtils::formDataToArray", () => {
+    it("Should create an array of scalar object", async() => {
+      expect.assertions(1);
+      // data mocked
+      const formData = formDataString();
+      // process
+      const arrayObject = await FormDataUtils.formDataToArray(formData);
+      // expectations
+      const expectedArray = [
+        {key: "prop1", value: "value 1", type: FormDataUtils.TYPE_SCALAR},
+        {key: "prop1", value: "value 2", type: FormDataUtils.TYPE_SCALAR}
+      ];
+      expect(arrayObject).toStrictEqual(expectedArray);
+    });
+
+    it("Should create an array of file object", async() => {
+      expect.assertions(1);
+      // data mocked
+      const formData = formDataFile();
+      // process
+      const arrayObject = await FormDataUtils.formDataToArray(formData);
+      // expectations
+      const expectedArray = [
+        {key: "file", value: "data:image/png;base64,dGVzdA==", name: "file 1", type: FormDataUtils.TYPE_FILE},
+        {key: "file", value: "data:image/png;base64,dGVzdA==", name: "file 2", type: FormDataUtils.TYPE_FILE}
+      ];
+      expect(arrayObject).toStrictEqual(expectedArray);
+    });
+
+    it("Should create an array of blob object", async() => {
+      expect.assertions(1);
+      // data mocked
+      const formData = formDataBlob();
+      // process
+      const arrayObject = await FormDataUtils.formDataToArray(formData);
+      // expectations
+      const expectedArray = [
+        {key: "blob", value: "data:text/plain;base64,dGVzdA==", name: "blob 1", type: FormDataUtils.TYPE_BLOB},
+        {key: "blob", value: "data:text/plain;base64,dGVzdA==", name: "blob 2", type: FormDataUtils.TYPE_BLOB}
+      ];
+      expect(arrayObject).toStrictEqual(expectedArray);
+    });
+
+    it("Should create an array of mixed object", async() => {
+      expect.assertions(1);
+      // data mocked
+      const formData = formDataMixed();
+      // process
+      const arrayObject = await FormDataUtils.formDataToArray(formData);
+      // expectations
+      const expectedArray = [
+        {key: "prop1", value: "value 1", type: FormDataUtils.TYPE_SCALAR},
+        {key: "file", value: "data:image/png;base64,dGVzdA==", name: "file 1", type: FormDataUtils.TYPE_FILE},
+        {key: "blob", value: "data:text/plain;base64,dGVzdA==", name: "blob 1", type: FormDataUtils.TYPE_BLOB}
+      ];
+      expect(arrayObject).toStrictEqual(expectedArray);
+    });
+  });
+
+  describe("FormDataUtils::arrayToFormData", () => {
+    it("should form the same formData string from the origin", async() => {
+      expect.assertions(1);
+      // data mocked
+      const formData = formDataString();
+      // process
+      const arrayObject = await FormDataUtils.formDataToArray(formData);
+      const formDataReceived = FormDataUtils.arrayToFormData(arrayObject);
+      // expectations
+      expect(formData).toStrictEqual(formDataReceived);
+    });
+
+    it("should form the same formData mixed from the origin", async() => {
+      expect.assertions(1);
+      // data mocked
+      const formData = formDataMixed();
+      // process
+      const arrayObject = await FormDataUtils.formDataToArray(formData);
+      const formDataReceived = FormDataUtils.arrayToFormData(arrayObject);
+      // expectations
+      expect(formData).toStrictEqual(formDataReceived);
+    });
+  });
+});

package/src/chrome/manifest.json

@@ -2,7 +2,7 @@
   "manifest_version": 2,
   "name": "__MSG_appName__",
   "short_name": "passbolt",
-  "version": "4.7.0",
+  "version": "4.7.3",
   "description": "__MSG_appDescription__",
   "default_locale": "en",
   "externally_connectable": {},

package/src/chrome-mv3/manifest.json

@@ -2,7 +2,7 @@
   "manifest_version": 3,
   "name": "__MSG_appName__",
   "short_name": "passbolt",
-  "version": "4.7.0",
+  "version": "4.7.3",
   "description": "__MSG_appDescription__",
   "default_locale": "en",
   "externally_connectable": {

package/src/chrome-mv3/offscreens/service/network/fetchOffscreenService.js

@@ -13,12 +13,15 @@
  */
 
 import Validator from "validator";
+import FormDataUtils from "../../../../all/background_page/utils/format/formDataUtils";
 
 export const SEND_MESSAGE_TARGET_FETCH_OFFSCREEN = "fetch-offscreen";
 export const SEND_MESSAGE_TARGET_FETCH_OFFSCREEN_RESPONSE_HANDLER = "service-worker-fetch-offscreen-response-handler";
 export const SEND_MESSAGE_TARGET_FETCH_OFFSCREEN_POLLING_HANDLER = "service-worker-fetch-offscreen-polling-handler";
 export const FETCH_OFFSCREEN_RESPONSE_TYPE_SUCCESS = "success";
 export const FETCH_OFFSCREEN_RESPONSE_TYPE_ERROR = "error";
+export const FETCH_OFFSCREEN_DATA_TYPE_JSON = "JSON";
+export const FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA = "FORM_DATA";
 const POLLING_COUNTER_UPDATE_LOCK = "POLLING_COUNTER_UPDATE_LOCK";
 const POLLING_PERIOD = 25_000;
 
@@ -54,7 +57,8 @@ export default class FetchOffscreenService {
       return;
     }
     const {id, resource, options} = message?.data || {};
-
+    // Update the body to fit the data type to send (JSON or FORM DATA)
+    options.body = options.body.dataType === FETCH_OFFSCREEN_DATA_TYPE_JSON ? options.body.data : FormDataUtils.arrayToFormData(options.body.data);
     await FetchOffscreenService.increaseAwaitingRequests();
     try {
       const response = await fetch(resource, options);

package/src/chrome-mv3/offscreens/service/network/fetchOffscreenService.test.data.js

@@ -12,7 +12,7 @@
  * @since         4.7.0
  */
 import {fetchOptionsHeaders} from "../../../serviceWorker/service/network/requestFetchOffscreenService.test.data";
-import {SEND_MESSAGE_TARGET_FETCH_OFFSCREEN} from "./fetchOffscreenService";
+import {FETCH_OFFSCREEN_DATA_TYPE_JSON, SEND_MESSAGE_TARGET_FETCH_OFFSCREEN} from "./fetchOffscreenService";
 
 export const defaultFetchMessage = message => ({
   target: SEND_MESSAGE_TARGET_FETCH_OFFSCREEN,
@@ -23,8 +23,11 @@ export const defaultFetchMessage = message => ({
       credentials: "include",
       headers: fetchOptionsHeaders(),
       body: {
-        prop1: "value 1",
-        prop2: "value 2"
+        data: {
+          prop1: "value 1",
+          prop2: "value 2"
+        },
+        dataType: FETCH_OFFSCREEN_DATA_TYPE_JSON
       }
     }
   },

package/src/chrome-mv3/serviceWorker/service/network/requestFetchOffscreenService.js

@@ -11,6 +11,11 @@
  * @link          https://www.passbolt.com Passbolt(tm)
  * @since         4.7.0
  */
+import FormDataUtils from "../../../../all/background_page/utils/format/formDataUtils";
+import {
+  FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA,
+  FETCH_OFFSCREEN_DATA_TYPE_JSON
+} from "../../../offscreens/service/network/fetchOffscreenService";
 
 const {SEND_MESSAGE_TARGET_FETCH_OFFSCREEN} = require("../../../offscreens/service/network/fetchOffscreenService");
 
@@ -92,7 +97,7 @@ export class RequestFetchOffscreenService {
       RequestFetchOffscreenService.createIfNotExistOffscreenDocument);
 
     const offscreenFetchId = crypto.randomUUID();
-    const offscreenFetchData = RequestFetchOffscreenService.buildOffscreenData(offscreenFetchId, resource, options);
+    const offscreenFetchData = await RequestFetchOffscreenService.buildOffscreenData(offscreenFetchId, resource, options);
 
     return new Promise((resolve, reject) => {
       // Stack the response listener callbacks.
@@ -130,19 +135,21 @@ export class RequestFetchOffscreenService {
    * @param {object} fetchOptions The fetch options, similar to the native fetch option parameter.
    * @returns {object}
    */
-  static buildOffscreenData(id, resource, fetchOptions = {}) {
+  static async buildOffscreenData(id, resource, fetchOptions = {}) {
     const options = JSON.parse(JSON.stringify(fetchOptions));
 
     // Format FormData fetch options to allow its serialization.
     if (fetchOptions?.body instanceof FormData) {
-      const formDataValues = [];
-      for (const key of fetchOptions.body.keys()) {
-        formDataValues.push(`${encodeURIComponent(key)}=${encodeURIComponent(fetchOptions.body.get(key))}`);
-      }
-      options.body = formDataValues.join('&');
-      // Ensure the request content type reflect the content of its body.
-      options.headers = options.headers ?? {};
-      options.headers['Content-type'] = 'application/x-www-form-urlencoded';
+      const formDataSerialized = await FormDataUtils.formDataToArray(fetchOptions.body);
+      options.body = {
+        data: formDataSerialized,
+        dataType: FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA
+      };
+    } else {
+      options.body = {
+        data: fetchOptions.body,
+        dataType: FETCH_OFFSCREEN_DATA_TYPE_JSON
+      };
     }
 
     return {id, resource, options};

package/src/chrome-mv3/serviceWorker/service/network/requestFetchOffscreenService.test.js

@@ -19,8 +19,12 @@ import {
   IS_FETCH_OFFSCREEN_PREFERRED_STORAGE_KEY,
   RequestFetchOffscreenService
 } from "./requestFetchOffscreenService";
-import {SEND_MESSAGE_TARGET_FETCH_OFFSCREEN} from "../../../offscreens/service/network/fetchOffscreenService";
+import {
+  FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA, FETCH_OFFSCREEN_DATA_TYPE_JSON,
+  SEND_MESSAGE_TARGET_FETCH_OFFSCREEN
+} from "../../../offscreens/service/network/fetchOffscreenService";
 import {fetchOptionsWithBodyFormData, fetchOptionWithBodyData} from "./requestFetchOffscreenService.test.data";
+import FormDataUtils from "../../../../all/background_page/utils/format/formDataUtils";
 
 beforeEach(() => {
   enableFetchMocks();
@@ -108,19 +112,24 @@ describe("RequestFetchOffscreenService", () => {
       const id = crypto.randomUUID();
       const resource = "https://test.passbolt.com/passbolt-unit-test/test.json";
       const options = fetchOptionWithBodyData();
-      const offscreenData = RequestFetchOffscreenService.buildOffscreenData(id, resource, options);
+      const offscreenData = await RequestFetchOffscreenService.buildOffscreenData(id, resource, options);
+      options.body = {
+        data: options.body,
+        dataType: FETCH_OFFSCREEN_DATA_TYPE_JSON
+      }
       // Ensure body remains a form data after serialization.
       expect(offscreenData).toEqual({id, resource, options});
     });
 
     it("should ensure given fetch options body will not be altered", async() => {
-      expect.assertions(1);
+      expect.assertions(2);
       const id = crypto.randomUUID();
       const resource = "https://test.passbolt.com/passbolt-unit-test/test.json";
       const fetchOptions = fetchOptionsWithBodyFormData();
-      RequestFetchOffscreenService.buildOffscreenData(id, resource, fetchOptions);
+      const offscreenData = await RequestFetchOffscreenService.buildOffscreenData(id, resource, fetchOptions);
       // Ensure body remains a form data after serialization.
-      expect(fetchOptions.body).toBeInstanceOf(FormData);
+      expect(offscreenData.options.body.data).toBeInstanceOf(Array);
+      expect(offscreenData.options.body.dataType).toStrictEqual(FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA);
     });
 
     it("should transform FormData body into serialized encoded url parameters", async() => {
@@ -129,7 +138,7 @@ describe("RequestFetchOffscreenService", () => {
       const resource = "https://test.passbolt.com/passbolt-unit-test/test.json";
       const options = fetchOptionsWithBodyFormData();
 
-      const offscreenData = RequestFetchOffscreenService.buildOffscreenData(id, resource, options);
+      const offscreenData = await RequestFetchOffscreenService.buildOffscreenData(id, resource, options);
       // eslint-disable-next-line object-shorthand
       const expectedOffscreenMessageData = {
         id,
@@ -138,9 +147,11 @@ describe("RequestFetchOffscreenService", () => {
           ...options,
           headers: {
             ...options.headers,
-            "Content-type": "application/x-www-form-urlencoded" // ensure the content type reflect the body type parameter.
           },
-          body: "prop1=value%201&prop1=value%201" // ensure the body is serialized as url encoded parameter
+          body: {
+            data: [{key: "prop1", value: "value 1", type: FormDataUtils.TYPE_SCALAR}, {key: "prop1", value: "value 2", type: FormDataUtils.TYPE_SCALAR}],
+            dataType: FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA
+          } // ensure the body is serialized as url encoded parameter
         }
       };
       expect(offscreenData).toEqual(expectedOffscreenMessageData);
@@ -172,9 +183,14 @@ describe("RequestFetchOffscreenService", () => {
               ...message.data.options,
               headers: {
                 ...message.data.options.headers,
-                "Content-type": "application/x-www-form-urlencoded" // ensure the content type reflect the body type parameter.
               },
-              body: "prop1=value%201&prop1=value%201" // ensure the body is serialized as url encoded parameter
+              body: {
+                data: [
+                  {key: "prop1", value: "value 1", type: FormDataUtils.TYPE_SCALAR},
+                  {key: "prop1", value: "value 2", type: FormDataUtils.TYPE_SCALAR}
+                ],
+                dataType: FETCH_OFFSCREEN_DATA_TYPE_FORM_DATA
+              }, // ensure the body is serialized as url encoded parameter
             }
           },
         };

package/src/firefox/manifest.json

@@ -2,7 +2,7 @@
   "manifest_version": 2,
   "name": "__MSG_appName__",
   "short_name": "passbolt",
-  "version": "4.7.0",
+  "version": "4.7.3",
   "description": "__MSG_appDescription__",
   "default_locale": "en",
   "browser_specific_settings": {

package/src/safari/manifest.json

@@ -2,7 +2,7 @@
   "manifest_version": 3,
   "name": "__MSG_appName__",
   "short_name": "passbolt",
-  "version": "4.7.0",
+  "version": "4.7.3",
   "description": "__MSG_appDescription__",
   "default_locale": "en",
   "externally_connectable": {},