The Authorization header is cropped in NetworkMonitor for long JWT tokens.
Categories
(DevTools :: Netmonitor, defect, P3)
Tracking
(Not tracked)
People
(Reporter: petcuandrei, Unassigned)
References
(Blocks 1 open bug)
Details
Attachments
(3 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0
Steps to reproduce:
I signed up to https://alpha.uipath.com/ (it can be any web site that uses a long enough JWT token). Here is the header of my token.
I opened devtools > network > click on a XHR request > I copied the Authorization header.
Go to https://jwt.io/ and paste the token
Actual results:
The token is invalid. It says that the signature is broken.
This happens because the body contains …
Expected results:
I should have seen the token as valid with no cropping and no "…".
If I go to raw data region, I can copy it but it's harder to do also because of the other bug where focus is lost due to this bug https://bugzilla.mozilla.org/show_bug.cgi?id=1632030
Reporter | ||
Updated•3 years ago
|
Comment 1•3 years ago
|
||
Thank you for the report!
Could you please attach a screenshot, thank you.
Honza
Reporter | ||
Comment 2•3 years ago
|
||
Can I just pick this up? It's simpler to try to fix on my machine than to help you reproduce. I'm a n00b at devtools :)
Comment 3•3 years ago
|
||
Yes, please, thank you!
You might want to read our docs
https://firefox-source-docs.mozilla.org/devtools/
https://firefox-source-docs.mozilla.org/setup/index.html
Honza
Reporter | ||
Comment 4•3 years ago
|
||
Still exploring the source of the issue but here is what I found:
cropLimit: 1024,
is the source of the issue. If I change it to cropLimit: 2048,
it works for this specific token I have.
https://searchfox.org/mozilla-central/source/devtools/client/netmonitor/src/components/request-details/PropertiesView.js#76
const shouldCrop = !isOpen && cropLimit && text.length > cropLimit;
https://searchfox.org/mozilla-central/source/devtools/client/shared/components/reps/reps/string.js#85
maybeCropString -> rawCropString
And then it crops the middle of my string with alternativeText.
if (text.length > limit) {
return (
text.substr(0, Math.ceil(halfLimit)) +
alternativeText +
text.substr(text.length - Math.floor(halfLimit))
);
}
This seems to be by design, it's not a bug. What should I do? My original problem is that it was hard for me to copy a JWT token. Should we just increase this number or should we find alternative UX for it?
Reporter | ||
Comment 5•3 years ago
|
||
Or maybe I should just fix https://bugzilla.mozilla.org/show_bug.cgi?id=1632030 and use the raw version of the headers.
Comment 6•3 years ago
•
|
||
We could disable the `cropLimit` for HTTP header values: @Bomsy, what do you think? Honza
Updated•3 years ago
|
Comment 7•3 years ago
•
|
||
Yes. Honza, i agree lets just disable it for the HeadersPanel.
Hi Andrei,
Lets go with Honza's suggestion above in comment 6
Thanks
Updated•3 years ago
|
Is this bug still open to being worked on? I would like to tackle it.
Updated•3 years ago
|
Comment 10•3 years ago
|
||
Comment 11•3 years ago
|
||
I've made the necessary code changes and would be waiting on your review, secondly, I was wondering is this covered by tests, if yes, how am I to go about testing this?
Comment 13•3 years ago
|
||
Thank you for the patch!
Two thing we should do here:
-
We have the same problem in the Cookies panel, so we could disable the cropping there too
https://searchfox.org/mozilla-central/source/devtools/client/netmonitor/src/components/request-details/CookiesPanel.js -
Yes, we should write a test for both panels
You might want to read
https://firefox-source-docs.mozilla.org/devtools/tests/mochitest-devtools.html
This test feels similar, so you can get some inspiration
https://searchfox.org/mozilla-central/source/devtools/client/netmonitor/test/browser_net_headers_filter.js
Please add all additional changes into the one existing patch
(use hg commit amend
)
Honza
Comment 14•3 years ago
|
||
I'm having some issues setting up the test, I think I've spent around 3 days trying to figure out what each function is for, so any pointers would be highly appreciated, So far here's what I've done: ```js ```
Comment 15•2 years ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
Updated•2 years ago
|
Description
•