microsoft/playwright
1
1
Fork 0
mirror of https://github.com/microsoft/playwright.git synced 2024-12-02 23:27:28 +03:00
Code Issues Projects Releases Wiki Activity

cherry-pick(#31913): fix(client-certificates): use matching origin for connections on :443

Browse Source 
Motivation: When using client-certificates on a website on port `443`,
we would normalise the user input with `new URL` but still generate a
"bad" representation of the "origin" internally, since the just do
concatenated "host:port".

(The origin doesn't contain the port in case of :443)

We use `clientCertificatesToTLSOptions` in two places:

a) for APIRequestContext, there we pass one from the URL constructor
over and
b) from the socks proxy, there we **now** also pass a "good one" over.

Test plan: We don't want to run the tests on port :443, so only manually
validated the fix.

Relates https://github.com/microsoft/playwright/issues/31906
This commit is contained in:
Max Schmitt 2024-07-30 12:31:50 +02:00
parent 446de523c4
commit 64e4a9b0eb
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/playwright-core/src/server/socksClientCertificatesInterceptor.ts
View File

@ -148,7 +148,7 @@ class SocksProxyConnection {
port: this.port, port: this.port,
rejectUnauthorized: !this.socksProxy.ignoreHTTPSErrors, rejectUnauthorized: !this.socksProxy.ignoreHTTPSErrors,
ALPNProtocols: [internalTLS.alpnProtocol || 'http/1.1'], ALPNProtocols: [internalTLS.alpnProtocol || 'http/1.1'],
...clientCertificatesToTLSOptions(this.socksProxy.clientCertificates, `https://${this.host}:${this.port}`), ...clientCertificatesToTLSOptions(this.socksProxy.clientCertificates, new URL(`https://${this.host}:${this.port}`).origin),
}; };
if (!net.isIP(this.host)) if (!net.isIP(this.host))
tlsOptions.servername = this.host; tlsOptions.servername = this.host;