Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Asset discovery headers #384

Merged
merged 2 commits into from
Oct 3, 2019
Merged

feat: Asset discovery headers #384

merged 2 commits into from
Oct 3, 2019

Conversation

wwilsman
Copy link
Contributor

@wwilsman wwilsman commented Oct 3, 2019

Purpose

The asset discovery service cannot capture assets protected by authentication. While headers may not help with cookie or session auth, they will at least enable users to use basic auth, proxy auth, or set some other header token to pass their server's auth requirements.

Approach

Allow two options for specifying headers:

  • Per-snapshot headers via a requestHeaders option – if only a single snapshot needs a header, this would be preferred over setting global request headers.

  • Global headers via a agent.asset-discovery.request-headers option inside a config file.

Per-snapshot headers are merged with global headers. So headers defined in the config file will always be present, even when specifying additional headers per-snapshot.

The headers are set with Puppeteer's setExtraHTTPHeaders() method during asset discovery. For redirected assets, the original request's headers are forwarded to the Axios request.

Tests

Live site tests cannot be added to the SDK test site due to Netifly restricting authentication to pro plans. The testing server used (http-server) recently added support for basic auth 6 months ago, but hasn't released a new version of the package for almost 2 years. That package was removed in favor of utilizing Express, which is already installed as a dependency, and express-basic-auth was added as a dev-dep for testing headers.

@wwilsman wwilsman requested a review from Robdel12 October 3, 2019 20:05
Robdel12
Robdel12 approved these changes Oct 3, 2019
View reviewed changes
Copy link
Contributor

@Robdel12 Robdel12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🏁 This is going to solve so many problems for folks!

test/integration/agent-integration.test.ts Outdated Show resolved Hide resolved
test/integration/testcases/protected-with-basic-auth.html Outdated Show resolved Hide resolved
package.json
@@ -76,7 +75,7 @@
"chai-http": "^4.0.0",
"cheerio": "^1.0.0-rc.3",
"eslint-config-oclif": "^3.0.0",
"http-server": "^0.11.1",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👋 so long, you won't be missed (thinking back to all of the ecstatic issues on windows with this package)

@wwilsman
feat: ✨ Add request-headers option for asset-discovery
6e54cac
@wwilsman
✅ Add tests for auth header and protected resources
38dab7a 
Remove http-server in favor of using express which is already a dep. Also add
express-basic-auth as a dev-dep for testing.
@wwilsman wwilsman merged commit 488a3b6 into master Oct 3, 2019
@delete-merged-branch delete-merged-branch bot deleted the ww/asset-discovery-headers branch October 3, 2019 21:17
djones pushed a commit that referenced this pull request Oct 3, 2019
@semantic-release-bot
chore(release): 0.18.0 [skip ci]
be754a1 
# [0.18.0](v0.17.1...v0.18.0) (2019-10-03)

### Features

* ✨ Asset discovery headers ([#384](#384)) ([488a3b6](488a3b6))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Robdel12 Robdel12 Robdel12 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wwilsman @Robdel12