From 6a96ce727668fd03501382fad4e350775f2e1ac9 Mon Sep 17 00:00:00 2001 From: jcesarmobile Date: Mon, 15 Apr 2024 17:00:04 +0200 Subject: [PATCH] fix(http): prevent POST request from being proxied (#7402) --- android/capacitor/src/main/assets/native-bridge.js | 13 ++++++------- core/native-bridge.ts | 14 ++++++-------- ios/Capacitor/Capacitor/assets/native-bridge.js | 13 ++++++------- 3 files changed, 18 insertions(+), 22 deletions(-) diff --git a/android/capacitor/src/main/assets/native-bridge.js b/android/capacitor/src/main/assets/native-bridge.js index 753680cd4..d255c322c 100644 --- a/android/capacitor/src/main/assets/native-bridge.js +++ b/android/capacitor/src/main/assets/native-bridge.js @@ -502,11 +502,11 @@ var nativeBridge = (function (exports) { if (request.url.startsWith(`${cap.getServerUrl()}/`)) { return win.CapacitorWebFetch(resource, options); } - if (!(options === null || options === void 0 ? void 0 : options.method) || - options.method.toLocaleUpperCase() === 'GET' || - options.method.toLocaleUpperCase() === 'HEAD' || - options.method.toLocaleUpperCase() === 'OPTIONS' || - options.method.toLocaleUpperCase() === 'TRACE') { + const { method } = request; + if (method.toLocaleUpperCase() === 'GET' || + method.toLocaleUpperCase() === 'HEAD' || + method.toLocaleUpperCase() === 'OPTIONS' || + method.toLocaleUpperCase() === 'TRACE') { if (typeof resource === 'string') { return await win.CapacitorWebFetch(createProxyUrl(resource, win), options); } @@ -518,8 +518,7 @@ var nativeBridge = (function (exports) { const tag = `CapacitorHttp fetch ${Date.now()} ${resource}`; console.time(tag); try { - // intercept request & pass to the bridge - const { body, method } = request; + const { body } = request; const optionHeaders = Object.fromEntries(request.headers.entries()); const { data: requestData, type, headers, } = await convertBody((options === null || options === void 0 ? void 0 : options.body) || body || undefined, optionHeaders['Content-Type'] || optionHeaders['content-type']); const nativeResponse = await cap.nativePromise('CapacitorHttp', 'request', { diff --git a/core/native-bridge.ts b/core/native-bridge.ts index 62f4e56de..5480e64a7 100644 --- a/core/native-bridge.ts +++ b/core/native-bridge.ts @@ -551,13 +551,12 @@ const initBridge = (w: any): void => { if (request.url.startsWith(`${cap.getServerUrl()}/`)) { return win.CapacitorWebFetch(resource, options); } - + const { method } = request; if ( - !options?.method || - options.method.toLocaleUpperCase() === 'GET' || - options.method.toLocaleUpperCase() === 'HEAD' || - options.method.toLocaleUpperCase() === 'OPTIONS' || - options.method.toLocaleUpperCase() === 'TRACE' + method.toLocaleUpperCase() === 'GET' || + method.toLocaleUpperCase() === 'HEAD' || + method.toLocaleUpperCase() === 'OPTIONS' || + method.toLocaleUpperCase() === 'TRACE' ) { if (typeof resource === 'string') { return await win.CapacitorWebFetch( @@ -576,8 +575,7 @@ const initBridge = (w: any): void => { const tag = `CapacitorHttp fetch ${Date.now()} ${resource}`; console.time(tag); try { - // intercept request & pass to the bridge - const { body, method } = request; + const { body } = request; const optionHeaders = Object.fromEntries(request.headers.entries()); const { data: requestData, diff --git a/ios/Capacitor/Capacitor/assets/native-bridge.js b/ios/Capacitor/Capacitor/assets/native-bridge.js index 753680cd4..d255c322c 100644 --- a/ios/Capacitor/Capacitor/assets/native-bridge.js +++ b/ios/Capacitor/Capacitor/assets/native-bridge.js @@ -502,11 +502,11 @@ var nativeBridge = (function (exports) { if (request.url.startsWith(`${cap.getServerUrl()}/`)) { return win.CapacitorWebFetch(resource, options); } - if (!(options === null || options === void 0 ? void 0 : options.method) || - options.method.toLocaleUpperCase() === 'GET' || - options.method.toLocaleUpperCase() === 'HEAD' || - options.method.toLocaleUpperCase() === 'OPTIONS' || - options.method.toLocaleUpperCase() === 'TRACE') { + const { method } = request; + if (method.toLocaleUpperCase() === 'GET' || + method.toLocaleUpperCase() === 'HEAD' || + method.toLocaleUpperCase() === 'OPTIONS' || + method.toLocaleUpperCase() === 'TRACE') { if (typeof resource === 'string') { return await win.CapacitorWebFetch(createProxyUrl(resource, win), options); } @@ -518,8 +518,7 @@ var nativeBridge = (function (exports) { const tag = `CapacitorHttp fetch ${Date.now()} ${resource}`; console.time(tag); try { - // intercept request & pass to the bridge - const { body, method } = request; + const { body } = request; const optionHeaders = Object.fromEntries(request.headers.entries()); const { data: requestData, type, headers, } = await convertBody((options === null || options === void 0 ? void 0 : options.body) || body || undefined, optionHeaders['Content-Type'] || optionHeaders['content-type']); const nativeResponse = await cap.nativePromise('CapacitorHttp', 'request', {