The Authorization header is cropped in NetworkMonitor for long JWT tokens.
Categories
(DevTools :: Netmonitor, defect, P3)
Tracking
(Not tracked)
People
(Reporter: petcuandrei, Unassigned)
References
(Blocks 1 open bug)
Details
Attachments
(3 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0
Steps to reproduce:
I signed up to https://alpha.uipath.com/ (it can be any web site that uses a long enough JWT token). Here is the header of my token.
I opened devtools > network > click on a XHR request > I copied the Authorization header.
Go to https://jwt.io/ and paste the token
Actual results:
The token is invalid. It says that the signature is broken.
This happens because the body contains …
Expected results:
I should have seen the token as valid with no cropping and no "…".
If I go to raw data region, I can copy it but it's harder to do also because of the other bug where focus is lost due to this bug https://bugzilla.mozilla.org/show_bug.cgi?id=1632030
Reporter | ||
Updated•4 years ago
|
Comment 1•4 years ago
|
||
Thank you for the report!
Could you please attach a screenshot, thank you.
Honza
Reporter | ||
Comment 2•4 years ago
|
||
Can I just pick this up? It's simpler to try to fix on my machine than to help you reproduce. I'm a n00b at devtools :)
Comment 3•4 years ago
|
||
Yes, please, thank you!
You might want to read our docs
https://firefox-source-docs.mozilla.org/devtools/
https://firefox-source-docs.mozilla.org/setup/index.html
Honza
Reporter | ||
Comment 4•4 years ago
|
||
Still exploring the source of the issue but here is what I found:
cropLimit: 1024,
is the source of the issue. If I change it to cropLimit: 2048,
it works for this specific token I have.
https://searchfox.org/mozilla-central/source/devtools/client/netmonitor/src/components/request-details/PropertiesView.js#76
const shouldCrop = !isOpen && cropLimit && text.length > cropLimit;
https://searchfox.org/mozilla-central/source/devtools/client/shared/components/reps/reps/string.js#85
maybeCropString -> rawCropString
And then it crops the middle of my string with alternativeText.
if (text.length > limit) {
return (
text.substr(0, Math.ceil(halfLimit)) +
alternativeText +
text.substr(text.length - Math.floor(halfLimit))
);
}
This seems to be by design, it's not a bug. What should I do? My original problem is that it was hard for me to copy a JWT token. Should we just increase this number or should we find alternative UX for it?
Reporter | ||
Comment 5•4 years ago
|
||
Or maybe I should just fix https://bugzilla.mozilla.org/show_bug.cgi?id=1632030 and use the raw version of the headers.
Comment 6•4 years ago
•
|
||
Updated•4 years ago
|
Comment 7•4 years ago
•
|
||
Yes. Honza, i agree lets just disable it for the HeadersPanel.
Hi Andrei,
Lets go with Honza's suggestion above in comment 6
Thanks
Updated•4 years ago
|
Is this bug still open to being worked on? I would like to tackle it.
Updated•4 years ago
|
Comment 10•4 years ago
|
||
Comment 11•4 years ago
|
||
I've made the necessary code changes and would be waiting on your review, secondly, I was wondering is this covered by tests, if yes, how am I to go about testing this?
Comment 13•4 years ago
|
||
Thank you for the patch!
Two thing we should do here:
-
We have the same problem in the Cookies panel, so we could disable the cropping there too
https://searchfox.org/mozilla-central/source/devtools/client/netmonitor/src/components/request-details/CookiesPanel.js -
Yes, we should write a test for both panels
You might want to read
https://firefox-source-docs.mozilla.org/devtools/tests/mochitest-devtools.html
This test feels similar, so you can get some inspiration
https://searchfox.org/mozilla-central/source/devtools/client/netmonitor/test/browser_net_headers_filter.js
Please add all additional changes into the one existing patch
(use hg commit amend
)
Honza
Comment 14•4 years ago
|
||
Comment 15•3 years ago
|
||
The bug assignee is inactive on Bugzilla, so the assignee is being reset.
Updated•3 years ago
|
Comment 16•1 month ago
|
||
This applies to every header not just the authorization header. All headers are trimmed in middle. However raw headers show complete headers text.
If showing complete header is not feasible or if you do not want to implement, then please make sure while copying the header value, complete header should be copied to clipboard but not just the selected trimmed one.
:)
Description
•