Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix response body capture for fetch telemetry #1055

Merged
merged 2 commits into from
Nov 29, 2022
Merged

Fix response body capture for fetch telemetry #1055

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
175a5a9
fix response body capture for fetch telemetry
waltjones Nov 29, 2022
fdc9086
return the promise returned by then to guarantee order
waltjones Nov 29, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions src/browser/telemetry.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -383,6 +383,9 @@ Instrumenter.prototype.instrumentNetwork = function() {
if (self.trackHttpErrors()) {
metadata.stack = (new Error()).stack;
}

// Start our handler before returning the promise. This allows resp.clone()
// to execute before other handlers touch the response.
return orig.apply(this, args).then(function (resp) {
metadata.end_time_ms = _.now();
metadata.status_code = resp.status;
Expand All @@ -395,6 +398,7 @@ Instrumenter.prototype.instrumentNetwork = function() {
if (self.autoInstrument.networkResponseBody) {
if (typeof resp.text === 'function') { // Response.text() is not implemented on some platforms
// The response must be cloned to prevent reading (and locking) the original stream.
// This must be done before other handlers touch the response.
body = resp.clone().text(); //returns a Promise
}
}
Expand Down
35 changes: 15 additions & 20 deletions test/browser.rollbar.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1529,15 +1529,9 @@ describe('options.autoInstrument', function() {

window.fetchStub = sinon.stub(window, 'fetch');

var readableStream = new ReadableStream({
start(controller) {
controller.enqueue(JSON.stringify({name: 'foo', password: '123456'}));
controller.close();
}
});

var responseBody = JSON.stringify({name: 'foo', password: '123456'});
window.fetch.returns(Promise.resolve(new Response(
readableStream,
responseBody,
{ status: 200, statusText: 'OK', headers: { 'content-type': 'application/json', 'password': '123456' }}
)));

Expand All @@ -1561,11 +1555,18 @@ describe('options.autoInstrument', function() {
const fetchInit = {
method: 'POST',
headers: fetchHeaders,
body: JSON.stringify({name: 'bar', secret: 'xhr post'})
body: JSON.stringify({name: 'bar', secret: 'fetch post'})
};
var fetchRequest = new Request('https://example.com/xhr-test');
var fetchRequest = new Request('https://example.com/fetch-test');
window.fetch(fetchRequest, fetchInit)
.then(function(response) {
// Assert that the original stream reader hasn't been read.
expect(response.bodyUsed).to.eql(false);
return response.text()
})
.then(function(text) {
expect(text).to.eql(responseBody);

try {
rollbar.log('test'); // generate a payload to inspect
} catch (e) {
Expand All @@ -1577,28 +1578,22 @@ describe('options.autoInstrument', function() {
try {
server.respond();

expect(server.requests.length).to.eql(2);
var body = JSON.parse(server.requests[1].requestBody);
expect(window.fetchStub.called).to.be.ok();
expect(server.requests.length).to.eql(1);
var body = JSON.parse(server.requests[0].requestBody);

// Verify request capture and scrubbing
expect(body.data.body.telemetry[0].body.request).to.eql('{"name":"bar","secret":"********"}');

// Verify request headers capture and case-insensitive scrubbing
expect(body.data.body.telemetry[0].body.request_headers).to.eql({'content-type': 'application/json', secret: '********'});

// When using the Sinon test stub, the response body is populated in Headless Chrome 73,
// but not in 77. When using the Fetch API normally, it is populated in all tested Chrome versions.
// Disable here due to the Sinon limitation.
//
// Verify response capture and scrubbing
// expect(body.data.body.telemetry[0].body.response.body).to.eql('{"name":"foo","password":"********"}');
expect(body.data.body.telemetry[0].body.response.body).to.eql('{"name":"foo","password":"********"}');

// Verify response headers capture and case-insensitive scrubbing
expect(body.data.body.telemetry[0].body.response.headers).to.eql({'content-type': 'application/json', password: '********'});

// Assert that the original stream reader hasn't been read.
expect(response.bodyUsed).to.eql(false);

rollbar.configure({ autoInstrument: false });
window.fetch.restore();
done();
Expand Down