Skip to content

Remove referrerPolicy from Cloudflare Worker fetch requests #8393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 14 commits into from
Sep 11, 2024
Merged

Remove referrerPolicy from Cloudflare Worker fetch requests #8393

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
3407e2b
remove referrerPolicy from auth fetch requests
DellaBitta Jul 25, 2024
cc8114c
Merge branch 'main' into ddb-remove-referrerpolicy
DellaBitta Sep 4, 2024
936f3f2
Append referrerPolicy for non cloudflare envs.
DellaBitta Sep 5, 2024
a0c9570
Merge branch 'main' into ddb-remove-referrerpolicy
DellaBitta Sep 5, 2024
4b4a66f
lint fixes
DellaBitta Sep 5, 2024
d2b604f
changeset
DellaBitta Sep 5, 2024
c63a5c7
Use RequestInit type for fetchArgs
DellaBitta Sep 5, 2024
357fd9e
Patch bump for Auth instead of a minor bump.
DellaBitta Sep 6, 2024
c2a5286
Update khaki-numbers-nail.md
DellaBitta Sep 6, 2024
48c3940
Added uTests & isCloudflareWorker usage comments
DellaBitta Sep 9, 2024
73b6eca
Revert removal from mock_fetch_tests
DellaBitta Sep 9, 2024
9d220d6
convert referrerPolicy var to let.
DellaBitta Sep 10, 2024
1629b93
remove comment
DellaBitta Sep 10, 2024
b1f3860
Update mocks to resolve not reject
DellaBitta Sep 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .changeset/khaki-numbers-nail.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
'@firebase/auth': patch
'@firebase/util': minor
---

Suppress the use of the `fetch` parameter `referrPolicy` within Auth for `fetch` requests originating from Cloudflare Workers. Clouldflare Worker environments do not support this parameter and throw when it's used.
5 changes: 5 additions & 0 deletions common/api-review/util.api.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -264,6 +264,11 @@ export function isBrowser(): boolean;
// @public (undocumented)
export function isBrowserExtension(): boolean;

// Warning: (ae-missing-release-tag) "isCloudflareWorker" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal)
//
// @public
export function isCloudflareWorker(): boolean;

// Warning: (ae-missing-release-tag) "isElectron" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal)
//
// @public
Expand Down
19 changes: 12 additions & 7 deletions packages/auth/src/api/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
* limitations under the License.
*/

import { FirebaseError, querystring } from '@firebase/util';
import { FirebaseError, isCloudflareWorker, querystring } from '@firebase/util';

import { AuthErrorCode, NamedErrorParams } from '../core/errors';
import {
Expand Down Expand Up @@ -148,14 +148,19 @@ export async function _performApiRequest<T, V>(
headers[HttpHeader.X_FIREBASE_LOCALE] = auth.languageCode;
}

const fetchArgs: RequestInit = {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should consider adding some unit tests on _performApiRequest since we introduced new logic.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done!

method,
headers,
...body
};

if (!isCloudflareWorker()) {
fetchArgs.referrerPolicy = 'no-referrer';
}

return FetchProvider.fetch()(
_getFinalTarget(auth, auth.config.apiHost, path, query),
{
method,
headers,
referrerPolicy: 'no-referrer',
...body
}
fetchArgs
);
});
}
Expand Down
1 change: 0 additions & 1 deletion packages/auth/test/helpers/mock_fetch.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,6 @@ async function fetchJson(path: string, req?: object): Promise<object> {
headers: {
'Content-Type': 'application/json'
},
referrerPolicy: 'no-referrer',
...body
};

Expand Down
14 changes: 12 additions & 2 deletions packages/util/src/environment.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ export function isNode(): boolean {
}

/**
* Detect Browser Environment
* Detect Browser Environment.
* Note: This will return true for certain test frameworks that are incompletely
* mimicking a browser, and should not lead to assuming all browser APIs are
* available.
Expand All @@ -89,7 +89,7 @@ export function isBrowser(): boolean {
}

/**
* Detect Web Worker context
* Detect Web Worker context.
*/
export function isWebWorker(): boolean {
return (
Expand All @@ -99,6 +99,16 @@ export function isWebWorker(): boolean {
);
}

/**
* Detect Cloudflare Worker context.
*/
export function isCloudflareWorker(): boolean {
return (
typeof navigator !== 'undefined' &&
navigator.userAgent === 'Cloudflare-Workers'
);
}

/**
* Detect browser extensions (Chrome and Firefox at least).
*/
Expand Down
Loading